All Products
Search
Document Center

ApsaraDB RDS:Create and use a host account for logons

Last Updated:Jun 19, 2024

ApsaraDB RDS for SQL Server allows you to create a host account for your ApsaraDB RDS for SQL Server instance. You can use the host account to log on to the host on which the RDS instance is deployed. This facilitates the management of the RDS instance.

Prerequisites

  • The RDS instance meets the following requirements:

    • The RDS instance runs RDS Basic Edition, RDS High-availability Edition, or RDS Cluster Edition. If your RDS instance runs RDS High-availability Edition, make sure that the instance runs SQL Server 2012 or later.

    • The RDS instance belongs to the general-purpose or dedicated instance family. The shared instance family is not supported.

    • The RDS uses the subscription or pay-as-you-go billing method. Serverless instances are not supported.

    • The RDS instance resides in a virtual private cloud (VPC). For more information about how to change the network type of an RDS instance, see Change the network type.

    • The creation time of the RDS instance meets the following requirements:

      • If the RDS instance runs RDS High-availability Edition or RDS Cluster Edition, the instance is created on or after January 01, 2021.

      • If the RDS instance runs RDS Basic Edition, the instance is created on or after September 02, 2022.

      Note

      You can view the Creation Time parameter of an RDS instance in the Status section of the Basic Information page in the ApsaraDB RDS console.

  • An Alibaba Cloud account is used to log on to the RDS instance.

Usage notes

  • RDS instances in CloudTmall system do not support host accounts.

  • You can create only one host account that has the permissions of a system admin account for each RDS instance.

  • The following usernames cannot be used for host accounts:

    root|admin|eagleye|master|aurora|sysadmin|administrator|mssqld|public|securityadmin|serveradmin|setupadmin|processadmin|diskadmin|dbcreator|bulkadmin|tempdb|msdb|model|distribution|mssqlsystemresource|guest|add|except|percent|all|exec|plan|alter|execute|precision|and|exists|primary|any|exit|print|as|fetch|proc|asc|file|procedure|authorization|fillfactor|public|backup|for|raiserror|begin|foreign|read|between|freetext|readtext|break|freetexttable|reconfigure|browse|from|references|bulk|full|replication|by|function|restore|cascade|goto|restrict|case|grant|return|check|group|revoke|checkpoint|having|right|close|holdlock|rollback|clustered|identity|rowcount|coalesce|identity_insert|rowguidcol|collate|identitycol|rule|column|if|save|commit|in|schema|compute|index|select|constraint|inner|session_user|contains|insert|set|containstable|intersect|setuser|continue|into|shutdown|convert|is|some|create|join|statistics|cross|key|system_user|current|kill|table|current_date|left|textsize|current_time|like|then|current_timestamp|lineno|to|current_user|load|top|cursor|national|tran|database|nocheck|transaction|dbcc|nonclustered|trigger|deallocate|not|truncate|declare|null|tsequal|default|nullif|union|delete|of|unique|deny|off|update|desc|offsets|updatetext|disk|on|use|distinct|open|user|distributed|opendatasource|values|double|openquery|varying|drop|openrowset|view|dummy|openxml|waitfor|dump|option|when|else|or|where|end|order|while|errlvl|outer|with|escape|over|writetext||dbo|login|sys|drc_rds
Warning

The system admin account has permissions that are beyond the management scope of ApsaraDB RDS for SQL Server. If you create the system admin account for your RDS instance, the system does not provide the service availability that is specified in Alibaba Cloud service level agreement (SLA) for the RDS instance.

Procedure

Step 1: Create a host account

  1. Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
  2. In the left-side navigation pane, click Accounts.

  3. On the Host Account tab, click Create Account and configure the following parameters.

    Parameter

    Description

    Host Account Name

    Enter a name for the host account. The name must be 2 to 64 characters in length and can contain lowercase letters, digits, and underscores (_). The name must start with a lowercase letter and end with a lowercase letter or a digit.

    Account Type

    • Standard Account: Create a host account that has the permissions of a standard account.

    • System Admin Account: Create a host account that has the permissions of a system admin account. You can create only one host account that has the permissions of a system admin account for each RDS instance. For more information about system admin accounts, see Create a system admin account.

      Note

      If you create the system admin account for the first time by using your Alibaba Cloud account, make sure that the required permissions are granted to your Alibaba Cloud account. The system admin account type is displayed on the Create Host Account page only after the permissions to create a system admin account are granted. For more information about how to create a system admin account, see Procedure.

    New Password

    Enter a password for the account. The password must meet the following requirements:

    • The password is 8 to 32 characters in length.

    • The password must contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters.

    • Special characters include ! @ # $ % ^ & * ( ) _ + - =

    Confirm Password

    Enter the password of the account again.

    Description

    Enter a description that can help identify the account. The description can be up to 256 characters in length.

  4. Read and select I have read and agree to the changes to the RDS Service Level Agreement caused by the creation of a host account.

  5. Click OK.

  6. Optional. Reset the password of the host account or delete the host account.

    You can click Reset Password or Delete in the Actions column to reset the password of the host account or delete the host account.

    image..png

Step 2: Use the host account to log on to the host on which the RDS instance runs

  1. Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
  2. In the left-side navigation pane, click Accounts.

  3. On the Host Account tab, find the required account and click Remote Connection (Primary) in the Actions column.

  4. In the Remote Connection dialog box, enter the password of the host account.

    image..png

  5. Click OK.

    The system generates a webshell URL and automatically connects to the host on which the RDS instance runs by using the URL. The system displays a webshell page in a pop-up window. The page may be blocked by the browser. If the page is blocked, you can configure the browser to allow the appearance of the page. The following figure provides an example.

    image..png

FAQ

Can I call operations to obtain the hostname of my RDS instance and the webshell URL to connect to the host of my RDS instance?

Yes, you can call the DescribeDBInstanceIpHostname operation to obtain the hostname of your RDS instance, and then the DescribeHostWebShell operation to obtain the webshell URL to connect to the host of your RDS instance. The hostname is specified by the IpHostnameInfos parameter, and the webshell URL is specified by the LoginUrl parameter.

Note
  • The webshell URL is valid for 2 minutes. You must use the URL at the earliest opportunity. If the URL is invalid, you cannot connect to the host of your RDS instance.

  • In this case, you can call the required operation to obtain the most recent URL.

Related operations

Operation

Description

DescribeHostWebShell

Queries the webshell URL that can be used to connect to the host of the ApsaraDB RDS for SQL Server instance.

DescribeDBInstanceIpHostname

Queries the hostname of the Elastic Compute Service (ECS) instance to which the ApsaraDB RDS for SQL Server instance is connected.

References

You can use SQL Server Reporting Services (SSRS) to manage an instance after you log on to the host on which the RDS instance resides. For more information, see Use a webshell to log on to the host on which an ApsaraDB RDS for SQL Server instance resides and use SSRS on the host.