Help Center/ GaussDB(DWS)/ Developer Guide/ Developer Guide (9.1.0.x)/ GaussDB(DWS) Development Design Proposal/ GaussDB(DWS) Object Design Specifications/ USER Object Design

Updated on 2025-07-22 GMT+08:00

View PDF

USER Object Design

Rule 2.5: Following the Least Privilege Principle and Avoiding Running Services Using Users with Special Permissions

Impact of rule violation:

Administrators have full access to a lot of things in the system and using these users to run services can pose security and control risks.

Solution:

It is advised to use common users for service running, reserving users with special permissions for management operations.

Rule 2.6: Avoiding the Use of a Single Database Account for All Services

Impact of rule violation:

Using a single database user for all services hinders effective service management and control. In abnormal situations, it becomes impossible to isolate specific users for emergency purposes.

Solution:

Create administrators, service operation users, and O&M users for different purposes.
Use different users to run different services for improved management and allocation of services and resources.

Parent Topic: GaussDB(DWS) Object Design Specifications

Previous topic: DATABASE Object Design

Next topic: Schema Object Design

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.