All Products
Search
Document Center

Data Management:Customize approval processes for permission applications

Last Updated:Jun 19, 2024

Data Management (DMS) allows you to customize approval processes for different permission applications. For example, the approval of a database administrator (DBA) is required for permissions on a database in a development environment. The approval of a database owner and a DBA is required for permissions on a database in a production environment to improve data security. You can also customize approval processes so that regular users cannot apply for the query permissions on a database in a production environment. This prevents data breach in an online environment.

Procedure

This example shows how to customize an approval process for permissions on the poc_prod database in a production environment. In this example, a security rule set named Security Rules for POC Production Databases is used for the poc_prod database.

  1. Configure security rules as a DMS administrator.

    1. Log on to the DMS console V5.0 as a DMS administrator.

    2. Move the pointer over the 2023-01-28_15-57-17.png icon in the upper-left corner and choose All functions > Security and Specifications > Security Rules.

      Note

      If you use the DMS console in normal mode, choose Security and Specifications > Security Rules in the top navigation bar.

    3. On the Security Rules page, find the Security Rules for POC Production Databases security rule set and click Edit in the Actions column.

    4. On the Details page, click the Access apply tab.

    5. Find the [DB-permission application] default approval Template rule and click Edit in the Actions column.

    6. In the dialog box that appears, click Switch Approval Template.

      If you use the default approval template of the system, the approval of only a DBA is required.

    7. Find the template named Owner-->DBA and click Select in the Actions column.

    8. Click Submit.

  2. Apply for permissions as a regular user to verify the customized approval process.

    1. Log on to the DMS console V5.0 as a regular user.

    2. Move the pointer over the 2023-01-28_15-57-17.png icon in the upper-left corner and choose All functions > Security and Specifications > Permission Center > Permission Tickets.

      Note

      If you use the DMS console in normal mode, choose Security and Specifications > Permission Center > Permission Tickets in the top navigation bar.

    3. In the upper-right corner of the Access applyTickets page, choose Access apply > Database-Permission.

    4. On the Database Permission tab of the Security Hosting Enabled tab, enter poc_prod in the field in the Select Databases/Tables/Columns section and click Search.

    5. Select the database that you want to access and click Add to add the database to the Selected Databases/Tables/Columns section.

    6. In the Select Permission section, configure the Permission, Duration, and Reason parameters. Then, click Submit.

      Note

      After you submit the ticket, wait until the application is approved by the instance owner and the DBA. You can view the status of the application on the homepage of the console.

    7. After your application is approved, find the ticket that you submit and click Details in the Actions column. On the Ticket Details page, click View Approval Details in the Approval section to view the approval progress of the ticket.