Creating a Database Account

Scenarios

When you create a DB instance, account root is created at the same time by default. You can create other database accounts as needed.

Constraints

• The instance must be in the running state.
• This operation is not allowed for DB instances that are being restored.

Procedure

1. Log in to the management console.
2. Click in the upper left corner and select a region.
3. Click in the upper left corner of the page and choose Databases > TaurusDB.
4. On the Instances page, click the instance name.
5. On the Accounts page, click Create Account.
6. In the displayed dialog box, set required parameters and click OK.
   Figure 1 Creating a database account
   

   Table 1 Parameter description

   Parameter	Description
   Username	The username can contain 1 to 128 characters. It can include letters, digits, hyphens (-), and underscores (_), and it must be different from system accounts. System accounts include rdsadmin, rdsuser, rdsbackup, and rdsmirror.
   Password	The password must consist of 8 to 32 characters and contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters (~!@#$%^*-_=+?,). The password cannot contain the username or the username spelled backwards. The password must be strong to avoid being easily cracked, as weak passwords will block the creation of your account. You are advised to enter a strong password to improve security and prevent security risks such as brute force cracking.
   Permission	You can assign permissions, including CREATEDB, CREATEROLE, and REPLICATION, to the user. CREATEDB: indicates that the user has the permission to create a database. If this attribute is not specified, the user cannot create databases by default. CREATEROLE: indicates that the user has the permission to create other users. If this attribute is not specified, the user cannot be used to create new users by default. REPLICATION: indicates that the user can use streaming replication or logical replication. If this attribute is not specified, the user cannot be used to set up streaming replication or logical replication by default.
   Description	The description can contain 0 to 512 characters.

7. After the account is created, manage it on the Accounts page.

Privileges of the Root User

TaurusDB for PostgreSQL provides privileges for the root user. To create objects on a TaurusDB for PostgreSQL database without operation risks, escalate your account to root privileges when necessary.

The following table describes root privilege escalation in different versions.

Escalate to root privileges when you need to:

• Create an event trigger.
• Create a wrapper.
• Create a logical replication publication.
• Create a logical replication subscription.
• Query and maintain replication sources.
• Create a replication user.
• Create a full-text index template and parser.
• Run the vacuum command on a system catalog.
• Run the analyze command on a system catalog.
• Create an extension.
• Grant an object permission to a user.

Creating a Common Babelfish User

After connecting to the TDS port of a TaurusDB for PostgreSQL instance with Babelfish enabled, you can create a common Babelfish user.

1. Connect to an instance through the TDS port.

   sqlcmd -S <host>,1433 -U babelfish_user

2. Create a common user. For more information, see CREATE USER (Transact-SQL).

   -- Create a login.
   CREATE LOGIN test_babelfish_login WITH PASSWORD = '***';
   GO

   -- Creates a user for the login.
   CREATE USER test_babelfish_user FOR LOGIN test_babelfish_login;
   GO