本文介绍RAM用户如何使用资源编排(ROS)为云原生数据仓库 AnalyticDB PostgreSQL 版指定实例创建一个高权限的数据库账号。
前提条件
RAM用户具备云原生数据仓库 AnalyticDB PostgreSQL 版的操作权限AliyunGPDBFullAccess
和管理资源编排服务的操作权限AliyunROSFullAccess
。
操作步骤
登录资源编排ROS控制台,单击顶部导航栏地域下拉框,选择您需要的地域。
单击左侧菜单栏中的资源栈,选择创建资源栈 > 使用ROS。
指定模板:选中选择已有模板。
模板录入方式:选中输入模板。
模板内容选择ROS,输入模板代码,单击下一步。
以下是用于创建云原生数据仓库 AnalyticDB PostgreSQL 版实例的数据库高权限账号的ROS模板示例。更多详情,请参见ALIYUN::GPDB::Account。
示例
{ "ROSTemplateFormatVersion": "2015-09-01", "Parameters": { "DBInstanceId": { "Type": "String", "Description": "The ID of the instance.\nNote You can call the DescribeDBInstances operation to query details of all AnalyticDB for PostgreSQL instances in a specific\nregion, including instance IDs." }, "AccountPassword": { "Type": "String", "Description": "The password of the privileged account.\nThe password must contain at least three of the following character types: uppercase\nletters, lowercase letters, digits, and special characters.\nSpecial characters include ! @ # & $ % ^ * ( ) _ + - =\nThe password must be 8 to 32 characters in length." }, "AccountName": { "Type": "String", "Description": "The name of the privileged account.\nThe name can contain lowercase letters, digits, and underscores (_).\nThe name must start with a lowercase letter and end with a lowercase letter or a digit.\nThe name cannot start with gp.\nThe name must be 2 to 16 characters in length." } }, "Resources": { "Account": { "Type": "ALIYUN::GPDB::Account", "Properties": { "DBInstanceId": { "Ref": "DBInstanceId" }, "AccountPassword": { "Ref": "AccountPassword" }, "AccountName": { "Ref": "AccountName" } } } }, "Outputs": { "DBInstanceId": { "Description": "The ID of the instance.", "Value": { "Fn::GetAtt": [ "Account", "DBInstanceId" ] } }, "AccountName": { "Description": "The name of the account.", "Value": { "Fn::GetAtt": [ "Account", "AccountName" ] } } } }
ROSTemplateFormatVersion: '2015-09-01' Parameters: DBInstanceId: Type: String Description: |- The ID of the instance. Note You can call the DescribeDBInstances operation to query details of all AnalyticDB for PostgreSQL instances in a specific region, including instance IDs. AccountPassword: Type: String Description: |- The password of the privileged account. The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters. Special characters include ! @ # & $ % ^ * ( ) _ + - = The password must be 8 to 32 characters in length. AccountName: Type: String Description: |- The name of the privileged account. The name can contain lowercase letters, digits, and underscores (_). The name must start with a lowercase letter and end with a lowercase letter or a digit. The name cannot start with gp. The name must be 2 to 16 characters in length. Resources: Account: Type: ALIYUN::GPDB::Account Properties: DBInstanceId: Ref: DBInstanceId AccountPassword: Ref: AccountPassword AccountName: Ref: AccountName Outputs: DBInstanceId: Description: The ID of the instance. Value: Fn::GetAtt: - Account - DBInstanceId AccountName: Description: The name of the account. Value: Fn::GetAtt: - Account - AccountName
单击下一步。
单击创建。
创建资源栈成功后,登录云原生数据仓库Analytic PostgreSQL控制台查看用户账号。
文档内容是否对您有帮助?