All Products
Search

This Product

    PolarDB:Account management

    Document Center

    PolarDB:Account management

    Last Updated:Feb 08, 2025

    This topic describes the Alibaba Cloud console accounts and the PolarDB database accounts.

    Console accounts

    You can use the following accounts to log on to the console:

    • Alibaba Cloud account: This type of account allows flexible control over all your Alibaba Cloud resources and is used for billing purposes. You must create an Alibaba Cloud account before you purchase Alibaba Cloud services.
    • RAM user. You can create and manage RAM users in the Resource Access Management (RAM) console to share resources among multiple users. RAM users do not own resources. The charges of the resources consumed by RAM users are billed to the corresponding Alibaba Cloud account.

    Database accounts

    You can use the following accounts to log on to databases in the cluster. For more information, see Create and manage a database account.

    Account type

    Description

    Privileged Account

    • Privileged accounts can be created and managed only in the console.

    • Only one privileged account can be created for each cluster. The privileged account can manage all the standard accounts and databases in the corresponding cluster.

    • A privileged account can be used to create databases and standard accounts and authorize a standard account to perform add, delete, modify, and view operations on a database.

    • A privileged account has the permissions to implement fine-grained control over user permissions based on your business requirements. For example, you can use a privileged account to grant different users the permissions to query different tables.

    • A privileged account has the permissions to disconnect all standard accounts on the cluster.

    Standard Account

    • Standard accounts can be created and managed in the console or by using SQL statements.

    • Multiple standard accounts can be created for each cluster. The maximum number of standard accounts that you can create depends on the database engine.

    • A standard account cannot be used to create databases or standard accounts. A standard account can only manage databases on which they have permissions.

    • A standard account does not have permissions to manage or disconnect other accounts of the cluster on which the standard account is created.

    Related operations

    APIDescription
    CreateAccountCreates an account.
    DescribeAccountsQueries the accounts of the specified cluster.
    ModifyAccountDescriptionModifies the description of a database account for the specified PolarDB cluster.
    ModifyAccountPasswordChanges the password of a database account for the specified PolarDB cluster.
    GrantAccountPrivilegeGrants a specified standard account the permissions on one or more databases of the specified PolarDB cluster.
    RevokeAccountPrivilegeRevokes the permissions on one or more databases from the specified PolarDB standard account.
    ResetAccountResets the permissions of a privileged account for the specified PolarDB cluster.
    DeleteAccountDeletes an account.