PolarDB-X 1.0 provides the account management feature. This topic describes how to create an account, modify account permissions, and reset the account password in the console.
Precautions
- The account management feature is only available on instances of 5.3.6 10460044 and later.
- In the console, you can only authorize DML, DDL, read-only, and read/write permissions to standard accounts. To grant more permissions, use SQL statements. For more information, see Manage accounts and permissions.
Account types and permissions
- PolarDB-X 1.0 instances support the following two types of database accounts.
Account type Description Privileged account - You can create or manage privileged accounts by using SQL statements only.
- You can create only one privileged account on each instance, and can use this privileged account to manage all standard accounts and databases on the instance.
- A privileged account is granted with more permissions to enable personalized and refined management over permissions. For example, you can grant different users the permissions to query different tables.
- A privileged account has all the permissions on all the databases on the instance and can disconnect all accounts.
Standard account - You can create or manage standard accounts in the console, by calling API operations, or executing SQL statements.
- You can create one or more standard accounts on each instance. The allowed maximum number of standard accounts depends on the kernel engine of the instance.
- You must manually grant standard accounts the permissions on specific databases.
- You cannot use a standard account to create or manage other accounts, or disconnect other accounts from databases.
- The following table shows the support for SQL operations by different account types
with different permissions.
Account type Permission SELECT INSERT UPDATE DELETE INDEX ALTER CREATE DROP GRANT Standard account DDL Not supported Not supported Not supported Not supported Supported Supported Supported Supported Not supported DML Supported Supported Supported Supported Not supported Not supported Not supported Not supported Not supported Read-only Supported Not supported Not supported Not supported Not supported Not supported Not supported Not supported Not supported Read/write Supported Supported Supported Supported Supported Supported Supported Supported Not supported Privileged account Root Supported Supported Supported Supported Supported Supported Supported Supported Supported