Updated on 2024-11-06 GMT+08:00

Configuring Database Security

Password Strength Requirements

For database password strength requirements on the management console, see the database configuration table in Buying a DB Instance.

GaussDB(for MySQL) has a password security policy for newly created database users. Passwords must:
  • Consist of at least eight characters.
  • Contain at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters (~!@#%^*-_=+?,()&$|.).

When you create instances, your password strength is checked. You can modify the password strength as user root. For security reasons, use a password that is at least as strong as the default one.

Account Description

To provide O&M services, the system automatically creates system accounts when you create instances. These system accounts are unavailable to you.

Deleting, renaming, and changing passwords or permissions for these accounts will cause instances to run abnormally. Exercise caution when performing these operations.

  • rdsAdmin: a management account with superuser permissions, which is used to query and modify instance information, rectify faults, migrate data, and restore data.
  • rdsRepl: a replication account, which is used to synchronize data from the primary node to read replicas.
  • rdsBackup: a backup account, which is used to back up data in the background.
  • rdsMetric: a metric monitoring account, which is used by watchdog to collect database status data.
  • rdsProxy: a database proxy account, which is used for authentication when the database is connected through the proxy address. This account is automatically created when you enable read/write splitting.