Use the Hologres console to configure two data security features for your instance: SSL encryption in transit and HoloWeb cross-account logon.
Prerequisites
Before you begin, ensure that you have:
A purchased Hologres instance
SSL encryption in transit
SSL encryption in transit secures the connection between clients and Hologres. When enabled, clients connect to Hologres over SSL and must explicitly specify whether to use an encrypted connection. When disabled, only non-SSL connections are accepted.
Enabling or disabling SSL encryption in transit requires an instance restart. Proceed with caution. This feature is disabled by default.
To enable SSL encryption:
Log on to the Hologres console and select a region in the upper-left corner.
In the navigation pane on the left, click Instances, then click the ID of the target instance.
On the instance details page, click Data Security.
On the Data Security page, in the SSL Encryption section, turn on the SSL Encryption switch.
In the Enable SSL Encryption dialog box, click Enable SSL Encryption.
HoloWeb cross-account logon
HoloWeb cross-account logon controls whether other Alibaba Cloud accounts and their RAM users can access your instance through HoloWeb.
Enabled: Other Alibaba Cloud accounts and their RAM users can log on to this instance from HoloWeb.
Disabled: Only RAM users belonging to the current Alibaba Cloud account can log on to this instance from HoloWeb, provided they have the required logon permissions. Cross-account access from HoloWeb is blocked.
This feature is disabled by default for new instances. This means that cross-account logon from HoloWeb is not allowed for the instance.
Step 1: Enable HoloWeb cross-account logon for the instance
Log on with Account A (the instance owner) and enable the feature:
Log on to the Hologres console and select a region in the upper-left corner.
In the navigation pane on the left, click Instances, then click the ID of the target instance.
On the instance details page, click Data Security.
In the HoloWeb Logon Settings section, turn on the HoloWeb Cross-account Logon switch.
In the Enable HoloWeb Cross-account Logon dialog box, click Enable.
Step 2: Log on from HoloWeb using another account
After Account A enables the feature, Account B (or its RAM users) can connect to the instance from HoloWeb:
Log on to the Hologres console with Account B and select a region.
In the navigation pane on the left, click Go to HoloWeb.
Click Metadata Management > Instances.
In the Instances dialog box, go to the Instance Information section and configure the following parameters.
NoteLeave the Search for Instance section blank.
Parameter Description Name A custom connection name. Domain name The network domain name of the Hologres instance in Account A. Use Account A to go to the instance details page in the Hologres console and copy the domain name from the Network Information section. Port The network port of the Hologres instance in Account A. Obtain it from the Network Information section on the instance details page. Logon method Select Password Logon. Account The AccessKey ID of Account A. Click AccessKey Management to get the ID. Password The AccessKey secret of Account A. Test connectivity Verifies the connection. The test is successful. means the connection succeeded. The test failed. means it failed. Log on after connection Select Yes to log on immediately — the instance appears in the Logged-on Instances list. Select No to skip logon — the instance appears in the Not Logged-on Instances list. After the connection test succeeds, click the icon next to Instance Management to refresh the instance list. Click Logged-on Instances to view the databases and tables of Account A's instance and perform table operations.
What's next
Encryption in transit — Learn about SSL configuration details and client connection requirements.