DocsICP FilingConsole
官方文档
首页

Manage databases

更新时间:
复制 MD 格式
产品详情
我的收藏

This topic explains how to create, delete, and select a permission model for databases on the Database Authorization page in the Hologres console.

Create a database

You can create databases on the Database Authorization page.

  1. Log on to the Hologres console and click Go to HoloWeb to open the HoloWeb development page.

  2. In the top navigation bar of the HoloWeb development page, choose Security Center > Database Authorization.

  3. On the Database Authorization page, select the target instance and click Create Database in the upper-right corner.

  4. In the Create Database dialog box, select the target instance, enter a Database Name, and select a Permission Model based on your business needs.

    For a simplified authorization process, use the simple permission model (SPM).

    Hologres provides the following permission models:

    • Expert: This model is fully compatible with PostgreSQL and uses the same authorization system. You grant permissions to RAM users using standard PostgreSQL grant statements. For more information, see Expert permission model.

    • Simple permission model (SPM): Built on PostgreSQL, this model provides a simplified, coarse-grained approach to permissions. You grant permissions by adding users to a user group. For more information, see simple permission model (SPM).

    • Schema-level permission model (SLPM): This model provides more granular control than SPM by organizing permissions at the schema level. It is ideal if you require strict permission boundaries but also want a simple authorization process. For more information, see Schema-level permission model (SLPM).

    Note

    After you purchase an instance, a database named postgres is created by default. This database is for management purposes only, has limited resources, and does not appear on the Database Authorization page. For business workloads, you must create a new database.

Grant permissions

After creating a database with the simple permission model, you can grant permissions to RAM users.

  1. On the Authorize User page for the target database, click Grant Permission.

  2. In the Grant Permission dialog box, select a User Account and a User Group. The available user groups are Admin, Developer, Writer, and Viewer.

    The user groups are defined as follows:

    • Admin: Acts as the database owner and can access and manage all objects and user groups in the database.

    • Developer: Can use Data Definition Language (DDL) to create, modify, or delete objects. They can also read and write data.

    • Writer: Can read and write data in database objects.

    • Viewer: Has read-only access to all database objects.

  3. Click OK. The user can now connect to the database with a development tool to access its data.

    Note

    If you cannot find the corresponding account in the User Account dropdown list, it means the account has not been added to the current instance. You need to go to the Users page to add the user.

Revoke permissions

If your database uses the simple permission model, you can revoke permissions from a RAM user.

  1. On the Database Authorization page, find the target database, and in the Actions column, click Authorize User to open the Authorize User page.

  2. Find the target user, and in the Actions column, click Revoke Permission.

  3. Click OK.

    To learn which permissions a RAM user retains after revocation, see Use the simple permission model.

Delete a database

To delete a database, find it on the Database Authorization page and click Delete in the Actions column. Deleting a database permanently removes all its data, which cannot be recovered.

Previous:User managementNext:Manage resource groups (Deprecated)