Creating a Database Account
Scenarios
When you create a DB instance, account root is created at the same time by default. You can create other database accounts as needed.
Account Type
Account Type |
Description |
---|---|
Administrator account root |
Only the administrator account root is provided on the instance creation page. For details about the supported permissions, see RDS for MySQL Constraints.
NOTE:
Running revoke, drop user, or rename user on root may cause service interruption. Exercise caution when running any of these statements. |
System accounts |
To provide O&M services, the system automatically creates system accounts when you create RDS for MySQL DB instances. These system accounts are unavailable to you.
|
Other accounts |
Accounts created through the console, APIs, or SQL statements After an account is created, you can assign permissions to it as required. For details, see Changing Permissions for a Database Account. |
Constraints
- Accounts cannot be created for DB instances that are being restored.
Creating a Database Account Through RDS
- Log in to the management console.
- Click in the upper left corner of the page and choose Databases > Relational Database Service.
- On the Instances page, click the target DB instance.
- On the Accounts page, click Create Account. In the displayed dialog box, specify Username and Host IP Address, authorize permissions for databases, enter a password, and confirm the password. Then, click OK.
- If the DB engine version is MySQL 5.7 or 8.0, the username can contain 1 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.
- You can specify IP addresses that are allowed to access your DB instance.
- To enable all IP addresses to access your instance, enter % for Host IP Address.
- To enable all IP addresses in the subnet 10.10.10.X to access your instance, enter 10.10.10.% for Host IP Address.
- To specify multiple IP addresses, separate them with commas (,), for example, 192.168.0.1,172.16.213.9 (no spaces before or after the comma).
- Select unauthorized databases and click to authorize them or select authorized databases and click to revoke permissions.
If there are no unauthorized databases, you can create one by referring to Creating a Database. You can also modify the permissions after the account creation by referring to Changing Permissions for a Database Account.
- The password must consist of 8 to 32 characters and contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters (~ ! @ # $ % ^ * - _ = + ? , ( ) & . | ).
- The password must be different from the username or username spelled backwards.
- You are advised to enter a strong password to improve security and prevent security risks such as brute force cracking.
- After the database account is created, you can add remarks (for 8.0.25 and later versions), reset the password, modify permissions, and change the host IP addresses for the account.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.