Adding a Database and Exporting Database Configurations

Add a database to be audited, enable the audit function, and import the database configurations to Object Storage Service (OBS).

Limitations and Constraints

Before adding a database, you need to check the databases bound to cluster workloads and ensure:
- A database is added to only one audit instance.
- Databases accessed by the same workload must be added to the same audit instance.
- If the databases accessed by multiple workloads overlap, all these databases must be added to the same audit instance.
If any of the following changes occurred, you need to export your latest database configurations to an OBS bucket, import the bucket to the CCE cluster, and use the bucket for cluster storage:
You just purchased a database audit instance, or a database is added or deleted.
Disable SSL for a database before auditing it.

Adding a Database and Enabling Audit

After purchasing database audit, add the database to be audited to the database audit instance and enable the database audit function for the database.

For details about how to purchase database audit, see Purchasing Database Audit.

Log in to the management console.
Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
In the navigation pane, choose Databases.
Select an instance from the Instance drop-down list. Click Add Database.
In the displayed dialog box, set database parameters described in Table 1.

Database audit supports UTF-8 and GBK character encoding.
Figure 1 Add Database dialog box
Click OK. The database will be displayed in the database list and its Audit Status will be Disabled.
In the Operation column of the database, click Enable.

Export database configurations.

Import the database configurations to OBS.

In the navigation pane, choose Instances.
Click Export Database Configurations.

Figure 2 Exporting database configurations
- The Export Database Configurations button is hidden. To show this button, add ?exportCfg at the end of the link of the instance list page, and press Enter.
- Database configuration includes the configurations of the database to be audited and the database audit agent.
Click OK.
After you agree to the authorization, a bucket named dbss-audit-agent-{projectid} will be created in OBS.

If any of the following changes occurred, your audit instance configurations will also change and you need to export them again:

You just purchased a database audit instance, or a database is added or deleted.

Parent topic: Deploying the Database Audit Agent in a Container

Previous topic: Scenario

Next topic: Installing the Agent on CCE Cluster Nodes

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot