All Products
Search

This Product

    Data Management:Use DMS and DG to manage on-premises or third-party cloud databases

    Document Center

    Data Management:Use DMS and DG to manage on-premises or third-party cloud databases

    Last Updated:Mar 30, 2026

    Database Gateway connects your on-premises databases or third-party cloud databases to Alibaba Cloud without requiring public IP addresses, keeping data secure through encrypted transmission.

    Background

    Common methods for connecting on-premises or third-party cloud databases to Alibaba Cloud each have significant limitations:

    • Leased line, VPN gateway, or Smart Access Gateway (SAG) instance: High costs make this unsuitable for individual users.

    • Exposing the database service port to the internet: Creates potential security risks.

    • User-created proxy to forward service requests: Low stability, requires advanced technical skills, and increases costs.

    Database Gateway resolves these issues. It requires no public IP addresses and no exposed service ports, and it encrypts all data in transit. For more information, see What is Database Gateway?

    Prerequisites

    Before you begin, ensure that you have:

    • An Alibaba Cloud account with access to the DMS console V5.0

    • A machine on which to install the Database Gateway agent. The machine must:

      • Be able to connect to the target database (same internal network recommended to reduce latency)

      • Have outbound internet access — no public IP address, no exposed service port, and no inbound access required

    Database Gateway is free.

    How it works

    1. Create a gateway in DMS.

    2. Install the Database Gateway agent on a machine in your network.

    3. Add your database to the gateway.

    4. Register the database as an instance in DMS.

    Once registered, your database appears in the DMS instance list, where you can manage it alongside your other databases.

    Register an on-premises or third-party cloud database

    Step 1: Open Database gateway in DMS

    1. Log on to the DMS console V5.0.

    2. In the top navigation bar, click Solution. In the left-side navigation pane, click Database gateway.

    If the console is in simple mode, hover over the icon icon in the upper-left corner and choose All functions > Solution > Database gateway.

    Step 2: Create a gateway

    1. In the upper-left corner, select the region where your database is deployed. China (Hangzhou) is the default.

    2. Click Create Gateway.

    3. In the Create Gateway step, enter a Gateway Name and an optional Note, then click Next step.

    Step 3: Install the Database Gateway agent

    Install the agent on the machine that connects to your database:

    • Windows: Click Download gateway and run the installer.

    • Linux or other OS: Copy the command shown on the page, paste it into a terminal on the target machine, and press Enter.

    When the agent starts successfully, the page advances to the Adding a Database wizard. You can also click Next step to navigate there manually.

    Step 4: Add a database to the gateway

    Click Add database address to add a database now, or skip this step and add one later. For the full procedure, see Create a database gateway.

    Edit Gateway

    Step 5: Register the database as a DMS instance

    1. In the upper-left corner of the DMS console, click 2022-09-20_10-41-18.jpg to open the Add Instance dialog box.

    2. Click Third-party Cloud/Self-managed, then select a database type.

    3. Fill in the instance information:

      Basic information

      Parameter Description
      Database type The type of the database
      Instance region The region where the database gateway is deployed
      Gateway ID The ID of the database gateway. If no gateway exists yet, click Click here to add a database gateway to create a database gateway
      Database address The internal endpoint of the database
      Database account The username for logging on to the database
      Database password The password for the database account
      Control mode How DMS manages the database. See Control modes
      Sensitive data protection Whether to enable DMS to scan, de-identify, and manage sensitive data

      Advanced information

      Parameter Description
      Environment type The environment where the database is deployed
      Instance name A custom display name for the instance
      Lock-free schema change Whether to enable lock-free DDL operations. See Perform lock-free DDL operations
      Enable SSL Whether DMS connects to the database over SSL. The database must support SSL for this to take effect
      DBA The database administrator (DBA) who handles permission requests and subsequent processes
      Query timeout (s) The timeout for SQL query statements. Queries that exceed this limit are terminated
      Export timeout (s) The timeout for SQL export statements. Exports that exceed this limit are terminated

    4. In the lower-left corner, click Test Connectivity. Wait for the connection test to pass.

      If the test fails, review the instance information and correct any errors.

    5. Click Submit.

    Your database is now registered in DMS. It appears in the instance list in the left-side navigation pane, where you can view and manage it.

    What's next