The Permission Settings tool lets you create, delete, and manage database users and roles for an ApsaraDB for SelectDB instance directly from the console—no SQL required.
Prerequisites
Before you begin, make sure you have:
An ApsaraDB for SelectDB instance (version 3.0.7 or later). See Create an instance
(Optional) Familiarity with SelectDB users and roles. See Manage the basic permissions of users
Open Permission Settings
Log on to the ApsaraDB for SelectDB console.
In the top navigation bar, select the region where your instance resides.
In the left-side navigation pane, click Instances. Find the instance and click its ID to go to the Instance Details page.
In the upper-right corner, click Data Development and Management.
NoteThe first time you use Data Development and Management, a message prompts you to add your machine's public IP address to the IP address whitelist named webui_whitelist. Click OK to proceed.
From the drop-down list, select Permission Settings.
NoteThe first time you open Permission Settings, the WebUI login page appears. Log on with the admin account. If you have forgotten the password, see Reset the password of an account. The Users page opens by default and lists all users except the root user.
Manage users
In the left-side navigation pane, choose Privileges > Users.
The admin user cannot be deleted, and its roles and permissions cannot be modified. Only users with ADMIN permissions can modify roles, change passwords, delete users, or modify permissions for other users.
Create a user
Click New User in the upper-left corner.
In the New User dialog box, fill in the following fields.
Parameter Required Description Example User Name Yes The name of the user. test_accountHost No The IP address from which the user's login requests originate. 127.0.0.1Password Yes The password for the user. — Granted Role No One or more roles to assign to the user. adminClick Confirm.
Edit a user's roles
In the Actions column, click the
icon next to the user, then select Edit Role.In the Edit User dialog box, select one or more roles from the Granted Role drop-down list.
Click Confirm.
Change a user's password
In the Actions column, click the
icon next to the user, then select Change Password.In the Change Password dialog box, enter a new password in the New Password field.
Click Confirm.
Delete a user
Deleted users cannot be recovered.
In the Actions column, click the
icon next to the user, then select Delete User.In the confirmation message, click Confirm.
Grant permissions to a user
Click the user's name to go to the Privileges page.
Find the permission type, then click Privileges in the upper-right corner of that section.
In the dialog box, select the permissions to grant and click Confirm.
For a full list of available permissions, see Manage the basic permissions of users.
Revoke permissions from a user
Click the user's name to go to the Privileges page.
Find the permission to revoke, then click the
icon in the last column of that section.In the Revoke dialog box, select the permissions to revoke and click Revoke.
For a full list of available permissions, see Manage the basic permissions of users.
Manage roles
In the left-side navigation pane, choose Privileges > Roles.
The admin role cannot be deleted. Only users with ADMIN permissions can delete roles or modify permissions for roles other than the admin role.
Create a role
Click New Role in the upper-left corner.
In the New Role dialog box, enter a name in the Name field.
Click Confirm.
Delete a role
In the Actions column, click the Delete icon next to the role.
In the confirmation message, click Confirm.
Grant permissions to a role
Click the role name to go to the Privileges page.
Find the permission type, then click Privileges in the upper-right corner of that section.
In the dialog box, select the permissions to grant and click Confirm.
For a full list of available permissions, see Permission management.
Revoke permissions from a role
Click the role name to go to the Privileges page.
Find the permission to revoke, then click the
icon in the last column of that section.In the Revoke dialog box, select the permissions to revoke and click Revoke.
For a full list of available permissions, see Permission management.