Help Center/ Relational Database Service/ User Guide (Ally Region)/ Working with RDS for PostgreSQL/ Database Usage/ Accounts (Non-Administrator)/ Creating an Account
Updated on 2026-04-24 GMT+08:00
View PDF
Share

Creating an Account

Scenarios

When you create a DB instance, account root is created at the same time by default. You can create other database accounts as needed.

Constraints

This operation is not allowed for instances that are being restored.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select a region and a project.
  3. Click in the upper left corner of the page and choose Database > Relational Database Service.
  4. On the Instances page, click the target DB instance to go to the Basic Information page.
  5. In the navigation pane on the left, choose Databases and Accounts and then click the Accounts tab.
  6. Click Create Account. In the displayed dialog box, specify the username, password, and permissions and click OK.

    Table 1 Parameter description

    Parameter

    Description

    Username

    The username can contain 1 to 63 characters. It can include letters, digits, and underscores (_). It cannot start with pg or a digit and must be different from the system usernames. System users include rdsAdmin, rdsRepl, rdsBackup, rdsDisaster, rdsMetric, rdsProxy, and rdsDdm.

    • rdsAdmin: a management account with the highest privileges. It is used to query and modify instance information, rectify faults, migrate data, and restore data.
    • rdsRepl: a replication account. It is used to synchronize data from a primary instance to its standby instance or read replicas.
    • rdsBackup: a backup account. It is used to back up data in the background.
    • rdsDisaster: a DR account. It is used to set up cross-region DR.
    • rdsMetric: a metric monitoring account. It is used by watchdog to collect database status data.
    • rdsProxy: the proxy account. It is automatically created when Database Proxy is enabled and is used for authentication when a database is connected through a read/write splitting address.
    • rdsDdm: a DDM account.

    Password
    • The password must consist of 8 to 32 characters and contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters (~ ! @ # $ % ^ * - _ = + ? ,).
    • The password cannot contain the username or the username spelled backwards.
    • Using a weak password will cause account creation to fail. Enter a strong password to improve security, preventing security risks such as brute force cracking.

    Permission

    You can assign permissions to this account, including CREATEDB, CREATEROLE, and REPLICATION.

    • CREATEDB: The account has the permission to create databases. If it is not selected, the account cannot be used to create databases by default.
    • CREATEROLE: The account has the permission to create other users. If it is not selected, the account cannot be used to create new users by default.
    • REPLICATION: The account can use streaming replication or logical replication. If it is not selected, the account cannot be used to set up streaming replication or logical replication by default.

  7. After the account is created, manage it on the Accounts page.