Identity Authentication and Access Control

When you access TaurusDB for PostgreSQL, the system authenticates your identity using a password or IAM.

Password verification
To manage your instance, you need to use Data Admin Service (DAS) to log in to your instance. The login is successful only after your account and password are verified.
IAM verification
You can use Identity and Access Management (IAM) to provide fine-grained control over TaurusDB for PostgreSQL permissions. IAM provides identity authentication, permissions management, and access control, helping you secure access to your Huawei Cloud resources. IAM users can use TaurusDB for PostgreSQL resources only after their accounts and passwords are verified. For details, see Creating an IAM User and Logging In.

Permissions control
If you need to assign different permissions to different employees in your enterprise to access your instance resources, IAM is a good choice. For details, see Permissions.
VPCs and subnets
A VPC is a logically isolated, configurable, and manageable virtual network. It helps improve the security of cloud resources and simplifies network deployment. You can define security groups, virtual private networks (VPNs), IP address segments, and bandwidth for a VPC. This facilitates internal network configuration and management and allows you to change your network in a secure and convenient manner.

A subnet provides dedicated network resources that are logically isolated from other networks for security.

For details, see Creating a VPC.
Security groups
A security group is a logical group that provides access control policies for ECSs and TaurusDB for PostgreSQL instances that have the same security requirements and are mutually trusted in a VPC. To ensure database security and reliability, you need to configure security group rules to allow only specific IP addresses and ports to access your TaurusDB for PostgreSQL instances.

For details, see Configuring a Security Group Rule.