Help Center/ Database Security Service/ Service Overview/ Security/ Identity Authentication and Access Control
Updated on 2024-04-11 GMT+08:00

Identity Authentication and Access Control

  • Credential Authentication

    You can access DBSS through the DBSS console, APIs, or SDK. Regardless of the access method, requests are sent through the REST APIs provided by DBSS.

    DBSS APIs can be accessed only after requests are authenticated. DBSS supports the following authentication methods:

    • Token-based authentication: Requests are authenticated using tokens. By default, token authentication is required for access to the DBSS console.
    • AK/SK authentication: Requests are encrypted using AK/SK pairs. This method is recommended because it provides higher security than token-based authentication.
  • Access Control

    DBSS supports access control through IAM permissions.

Table 1 DBSS access control

Method

Description

Reference

Permission management

IAM permission

IAM permissions define which actions on your cloud resources are allowed or denied. After creating an IAM user, the administrator adds the user to one or more groups, and assigns permission policies or roles to these groups. The user will inherit permissions from its groups.

IAM Permissions

Permission Management

Permission Control (Fine-grained)