All Products
Search
Document Center

Data Management:Register an Alibaba Cloud database instance

Last Updated:Jul 03, 2024

This topic describes how to register an Alibaba Cloud database instance with Data Management (DMS).

Prerequisites

Usage notes

  • To allow DMS users to manage database instances in the DMS console, you must grant permissions to the DMS users based on your business requirements. For more information about the syntax that you can use to grant permissions, see the official documentation of each type of database. The DMS users must have the following permissions:

    • To manage all the databases on an instance, a DMS user must have permissions on all the databases.

    • To manage one or more databases of an instance, a DMS user must have permissions on the specified databases.

    • To insert, delete, modify, and query data in an instance and change table schemas, a DMS user must have the required DML permissions.

    • To perform operations on objects, such as views, stored procedures, triggers, and functions in an instance, a DMS user must have the required permissions on these objects.

  • We recommend that you create a separate database account when you register a database instance.

  • To prevent interference, do not add spaces or special characters before or after the information that you enter when you register a database instance.

Procedure

In this example, an ApsaraDB RDS for MySQL instance is registered with DMS.

  1. Log on to the DMS console V5.0.
  2. On the Home page of the DMS console, click the add icon next to Database Instances in the left-side navigation pane.

    Note

    Alternatively, choose Data Assets > Instances in the top navigation bar. On the Instance List tab of the Instances page, click New.

  3. In the Add Instance dialog box, configure the parameters that are described in the following table.

    Section

    Parameter

    Description

    Data Source

    -

    The source of the database instance. In this example, Alibaba Cloud is selected.

    Basic Information

    Database Type

    The type of the database instance.

    Instance Region

    The region in which the database instance resides.

    Other primary accounts

    The Alibaba Cloud account to which the database instance belongs. This parameter appears if you click Cross-Alibaba Cloud account instances.

    Note

    If the Alibaba Cloud account is not in the list, you can click Add User to add the Alibaba Cloud account that is used to purchase the database instance. For more information, see the Add a user section of the "Manage users" topic.

    Connection Method

    The method that you use to specify the information about the database instance. Valid values: Instance ID and Connection String Address.

    Instance ID or Connection String Address

    The ID of the database instance or the connection string of the database instance.

    Note

    The connection string is in the following format: Internal network address:Port number. Example: rm-XXXXXXX.mysql.rds.aliyuncs.com:3306.

    Secure hosting

    Specifies whether to enable security hosting for the database instance. Valid values:

    • Enable: If you enable security hosting for a database instance, you do not need to use a database account and password to log on to the database. You can manage permissions at the database instance, database, table, and row levels. For more information, see Security hosting.

    • Disable: If you disable security hosting for a database instance, you must use a database account and password every time you log on to the database if the logon session times out. This may affect the use of the database instance. We recommend that you do not set the Security hosting parameter to Disable.

    Access mode

    Note

    This parameter appears only if you register an ApsaraDB RDS instance.

    The method to log on to the database.

    • Account + password login: Log on to the database by using the account and password that you created.

    • Logon with KMS Secret: Log on to the database by using the ApsaraDB RDS secret created in Key Management Service (KMS). For more information, see Manage and use ApsaraDB RDS secrets.

    Database Account

    The account that is used to log on to the database. If you enable security hosting for a database instance that is registered for the first time, you must specify this parameter.

    Note

    DMS uses the specified database account to perform operations such as read and write on the data of the database instance in DMS. You must specify a database account that has the required permissions.

    Database Password

    The password of the account that is used to log on to the database.

    KMS Secret

    Note

    This parameter appears only if you set the Access mode parameter to Logon with KMS Secret.

    The KMS secret.

    Advanced Feature Pack

    Specifies the control mode in which the database instance is managed and whether to enable sensitive data protection for the database instance. Valid values:

    • Security Collaboration and Stable Change: The Security Collaboration mode supports all features that are included in Stable Change mode and provides the DevOps feature to help you customize R&D processes and approval processes. The Stable Change mode provides solutions to allow databases to run more stably, such as lock-free changes and SQL review. You can select only one of the Security Collaboration and Stable Change modes. For more information, see Control modes.

      Note

      If you do not select the Security Collaboration or Stable Change mode, the database instance is managed in Flexible Management mode by default.

    • Sensitive Data Protection: This feature allows you to control and mask sensitive data. You can enable the feature based on your business requirements. For more information, see Enable the sensitive data protection feature.

    Security Rules

    The parameter appears if you set the Advanced Feature Pack parameter to Security Collaboration.

    You can select the default or custom security rules to implement fine-grained control on the database. For more information, see Manage security rules.

    Classification template

    This parameter appears if you set the Advanced Feature Pack parameter to Sensitive Data Protection.

    You can bind a classification and grading template to an instance to identify whether the fields in databases and tables in the instance comply with the identification rules of the template. If the fields comply with the identification rules, the fields are labeled for classification and grading to protect the fields with high sensitivity levels. For more information, see Manage DMS classification and grading templates.

    Advanced Information

    Environment Type.

    The type of the environment in which the database instance is deployed. For more information, see the Environment types section of the "Change the environment type of an instance" topic.

    Instance Name

    The name that you specify for the database instance.

    Note

    If you register an Alibaba Cloud database instance for the first time, the name of the Alibaba Cloud database instance is synchronized to DMS. DMS does not synchronize the name if the Alibaba Cloud database instance is not registered for the first time. You can change the name of the database instance in the DMS console. For more information, see Modify database instances.

    Lock-free Schema Change

    Specifies whether to enable lock-free schema change. Valid values: Enable (DMS OnlineDDL First), Enable (MySQL Native OnlineDDL First), and Close. For more information, see Enable the lock-free schema change feature.

    Note

    This parameter appears only for a MySQL database instance.

    Enable SSL

    Note

    This parameter appears only for a MySQL or Redis database instance.

    Specifies whether to allow DMS to connect to the database instance by using SSL connections. By default, DMS does not connect to the database instance by using SSL connections.

    If you want to use SSL connections to connect to the database instance, set this parameter to Enable and make sure that the SSL encryption feature is enabled for the database instance.

    SSL encrypts network connections at the transport layer to improve the security and integrity of data in transmission. However, SSL increases the response time of network connections.

    DBA

    The DBA of the database instance. The DBA can grant permissions to users.

    Query Timeout(s)

    The timeout period for the execution of an SQL query statement. If the execution of an SQL query statement lasts longer than the specified timeout period, the execution of the statement is terminated to protect the database.

    Export Timeout(s)

    The timeout period for the execution of an SQL export statement. If the execution of an SQL export statement lasts longer than the specified timeout period, the execution of the statement is terminated to protect the database.

  4. After you configure the preceding parameters, click Test Connection in the lower-left corner.

    Note

    If the connection test fails, check the specified instance information based on the error message.

  5. If the connection test is passed, click Submit.

    After the preceding steps are performed, the Alibaba Cloud database instance is registered with DMS. You can view and manage your database instance in the instance list of the DMS console.

What to do next

  • After you register a database instance with DMS, you can perform the following operations:

    • Manage the database instance, such as creating databases, creating tables in a database, and querying and modifying the table data. For more information, see Manage a database on the SQLConsole tab.

    • Change a large amount of data in a table without locking the table. You can perform this operation by using the lock-free DML feature of DMS. For more information, see Perform lock-free DML operations.

    • Export the table data. For more information, see Export data.

  • You can also call an API operation to register a database instance with DMS.

    For more information, see RegisterInstance.

FAQ

  • Q: What do I do if the following whitelist error message appears when I register an Alibaba Cloud database instance with DMS?

    设置白名单

    A: You can click Configure whitelist in the message. The system automatically adds the IP address of the DMS server to the whitelist of the Alibaba Cloud database instance. If the IP address fails to be automatically added to the whitelist, you need to manually add it. For more information, see Add DMS IP addresses and CIDR blocks to security settings.

  • Q: Does DMS support the Flexible Management mode?

    A: Yes, DMS supports the Flexible Management mode. If you do not set the Advanced Feature Pack parameter to Stable Change or Security Collaboration when you register a database instance with DMS, the database instance is managed in the Flexible Management mode by default.

  • Q: I have enabled the SSL/TSL encryption protocol for an ApsaraDB for Redis instance, but the following error message appears when I log on to the ApsaraDB for Redis instance in the DMS console. What do I do to resolve this issue?

    A: To resolve this issue, perform the following steps:

    1. Log on to the DMS console V5.0.
    2. On the Home page of the DMS console, choose Database Instances > Instances Disconnected in the left-side navigation pane. In the instance list that appears, right-click the ApsaraDB for Redis instance to which you want to log on and click Edit.

    3. In the Advanced Information section of the Edit dialog box, set the Enable SSL parameter to Enable.

    4. Click Test Connection.

    5. After the connection test is passed, click Save. Then, the database instance is connected to DMS.

    For more information, see Modify database instances.