Updated on 2024-10-30 GMT+08:00

Automated Database Access Using an Account for Multitenancy Management of GeminiDB Redis Instances

GeminiDB Redis API continuously provides enhanced features for enterprises, one of which is multitenancy. With multi-tenancy, read-only accounts and read/write accounts can be added, and databases accessible to each account can be specified. This prevents misoperations on data of other tenants. This feature allows multiple tenants to use the same Redis instances while keeping their data isolated, facilitating enterprise development and management.

Scenarios

Multi-tenancy is a feature commonly needed by database users. For example, an enterprise has service departments A and B, both of which need to use Redis to store their own data. Without multi-tenancy, the data of departments A and B is mixed, which can lead to data breaches and misoperations. After multi-tenancy is enabled, data of departments A and B can be stored in different Redis instances or databases, and permissions on these instances or databases can be controlled to ensure data security and reliability.

Multi-tenant databases usually have some standard attributes, such as read/write permission control as well as cross-database authentication and isolation. GeminiDB Redis instances implement these multi-tenancy capabilities, allowing for read/write permission control and database isolation.

Advantages

Unlike multi-tenant databases, open-source Redis, which supports an access control list (ACL) in its new version, only grants accounts read-only and read/write permissions. Each account can still be used to view all databases. For example, a development engineer wants to use database 1 but accidentally clears another engineer's database 0, causing a production accident. Permission isolation of GeminiDB Redis API can avoid this problem. For example, if engineer A has permissions only on database 1, database 0 is not affected even if misoperations are performed.

In addition, multi-tenancy of open-source Redis can be used only on a single node. Once the service volume increases and a cluster is required, multiple databases are no longer available and only database 0 is left. More than 1,000 GeminiDB Redis databases can be deployed in a cluster, and more than 200 ACL sub-accounts can be created.

Table 1 Comparison of permission management capabilities between open-source Redis and GeminiDB Redis API

| Product | Account Read and Write Permission Control | Account Permission Isolation | Multi-DB Cluster | Default Quantity of Supported Databases |
|---|---|---|---|---|
| Open-source Redis | Supported | Supported | Not supported | 16 |
| GeminiDB Redis API | Supported | Supported | Supported | 1,000 |

Solution

To use the tenant management function of GeminiDB Redis instances, you need to create accounts on the account management page and set read-only and read/write permissions for each account. For details, see Managing Accounts.

After an account is created, you can run auth USER PWD or auth USER:PWD for authentication and execute the SELECT DB statement to access the database on which the account has permissions. For details, see Enabling Database Access With a Password.
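
The authentication and database selection described above can be scripted as follows. This is an added example, not code from the GeminiDB documentation. It builds the two AUTH forms and the SELECT command as RESP frames and stops at the first reply that is not +OK. The environment variable names are hypothetical, and treating every non-+OK reply as a failure is an assumption, since the page does not give the server's error text.

```python
import os
import socket

def encode_command(*args: str) -> bytes:
    """Encode one command as a RESP array of bulk strings."""
    out = [b"*%d\r\n" % len(args)]
    for arg in args:
        data = arg.encode("utf-8")
        out.append(b"$%d\r\n%s\r\n" % (len(data), data))
    return b"".join(out)

def tenant_handshake(user, password, db, combined=False):
    """Frames for AUTH then SELECT; combined=True uses the USER:PWD form."""
    if db < 0:
        raise ValueError("database index must be non-negative")
    if combined and ":" in user:
        raise ValueError("':' in the account name is ambiguous in USER:PWD form")
    auth = ("AUTH", f"{user}:{password}") if combined else ("AUTH", user, password)
    return [encode_command(*auth), encode_command("SELECT", str(db))]

def check_reply(line: bytes) -> None:
    """Fail closed: anything other than +OK aborts the connection setup."""
    if not line.startswith(b"+OK"):
        raise PermissionError(line.decode("utf-8", "replace").strip())

def open_tenant_connection(host, port, user, password, db, timeout=5.0):
    """Connect, authenticate as the tenant account, and select its database."""
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        with sock.makefile("rb") as reader:
            for frame in tenant_handshake(user, password, db):
                sock.sendall(frame)
                check_reply(reader.readline())
    except Exception:
        sock.close()  # never hand back a half-authenticated socket
        raise
    return sock

if __name__ == "__main__":
    # Hypothetical variable names; the password stays out of source code.
    conn = open_tenant_connection(
        os.environ["GEMINIDB_HOST"], int(os.environ["GEMINIDB_PORT"]),
        os.environ["GEMINIDB_USER"], os.environ["GEMINIDB_PASSWORD"],
        int(os.environ["GEMINIDB_DB"]))
    print("authenticated and database selected")
    conn.close()
```

Running one such connection per tenant account keeps each department's credentials and database index in its own configuration, so a wrong database index fails at connection setup rather than reaching another tenant's data.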