Data Management (DMS) allows you to customize approval processes for different permission applications. For example, the approval of a database administrator (DBA) is required for permissions on a database in a development environment. The approval of a database owner and a DBA is required for permissions on a database in a production environment to improve data security. You can also customize approval processes so that common users cannot apply for query permissions on a database in a production environment to prevent data breach in an online environment.
This example demonstrates how to customize the approval process for permissions on
poc_prod database in a production environment.
- Configure security rules as a DMS administrator.
- Log on to the DMS console as a DMS administrator.
- In the top navigation bar, choose Security Rules tab appears. . The
- Find the rule set named
poc_prod_ruleand click Edit in the Actions column.
- On the Details tab, click the Access apply tab.
- Find the [DB-permission application] default approval Template rule and click Edit on the right.
- Click Switch Approval Template.
If you use the default approval template of the system, the approval of only a DBA is required.
- Find the template named
Owner-->DBAand click Select on the right.
- Click Submit.
- Apply for permissions as a common user to verify the customized approval process.
- Log on to the DMS console as a common user.
- In the top navigation bar, choose .
- On the Permission Application Ticket tab, enter
poc_prodas the database name and click Search.
- Select the database that you want from the matched result and click Add. The database appears in the Selected Databases/Tables/Columns section.
- In the Select Permission section, set the parameters as required and click Submit. The following table describes the parameters.
Parameter Description Permission The type of permission for which you want to apply. Valid values: Query, Export, and Change.Note You can select one or more permission types. Duration The validity period of the selected one or more permissions. Reason The description of the business background and the reason for this application. This reduces unnecessary communication and facilitates the approval process.Note After a permission application ticket is submitted, wait until the ticket is approved. You can view the status of the ticket in the My Tickets section of the Workbench tab.
- Click View Approval Details. The approval process shows that a ticket needs to be approved by a database owner and a DBA.