This topic describes how to create accounts in a tenant.
Background information
Before you connect to a database, you need to create an account with the privilege to connect to the database. Different account types have different privileges. You can use an account with database operation privileges to log in to the database. In a MySQL-compatible tenant, you can associate an account with multiple databases. In an Oracle-compatible tenant, an account has only the privileges of its corresponding schema.
Prerequisites
- The tenant is not being created, deleted, or has been deleted.
Create an account
You can create an account by using one of the following four methods:
Method 1: Log in to the OceanBase Cloud console. On the tenant overview page, click Manage Access in the left-side navigation pane, and then click Create Account in the upper-right corner.
Method 2: Log in to the OceanBase Cloud console. On the Tenants page, click ... > Actions in the Create Account column of the target tenant.
Method 3: Log in to the OceanBase Cloud console. On the tenant overview page, click Create Account in the upper-right corner.
Method 4: Log in to the OceanBase Cloud console. On the instance list page, expand the target instance, and then click ... > Create Account of the tenant name.
The following example describes how to create an account by using Method 1:
Log in to the OceanBase Cloud console.
On the instance list page, click the expand icon next to the instance name, and then click the name of the target tenant.
Click Manage Access in the left-side navigation pane to go to the account page.
Click Create Account in the upper-right corner, and set the parameters on the page that appears.
Parameter Description Account Name Sets the account name. The name must start with a lowercase letter and must be 2 to 32 characters in length. It can contain uppercase letters, lowercase letters, underscores, hyphens, and digits, but cannot contain any of the following reserved keywords and their lowercase counterparts: SYS, OCEANBASE, ROOT, OPERATOR, LBACSYS, ORAAUDITOR, OBMIGRATE, OMC, IDB_DDL, ODC_RND, ODC_DDL, DWEXP.Host Address You can specify a host name that contains any character, an IP address such as 192.168.1.1, an IPv4 subnet mask such as 192.168.1.% or a domain name. Account Type You can select a regular account, a super account, or a read-only account. - A regular account can perform authorized operations on the authorized databases.
- A read-only account can read data in all databases by default.
Note
A data manipulation language (DML) statement is used to query or manipulate data in existing schema objects. A data definition language (DDL) statement is used to define, modify, and delete schema objects. For more information, see SQL statement overview.
Global Privileges Select the global permission of the account. For an regular account, you can grant only the corresponding permissions to the authorized database. For a read-only account, you can select the encryption or decryption permission. Grant Database Privileges You can authorize the specified databases in the database list to a regular account. You can authorize the databases in the authorized database list in batches. For more information about the permissions, see Account privileges. Password Password policy depends on the database version. The policies for each database mode are described as follows. - MySQL compatible mode:
- Databases of a version earlier than V4.2.1: The length ranges from 10 to 32 characters. The password must contain at least three types of characters, including uppercase letters, lowercase letters, digits, and special characters.
- Databases of V4.2.1 and later versions: The length ranges from 8 to 64 characters. You can customize the password policy. For more information, see the Set a password policy section.
- Oracle compatible mode: The length ranges from 10 to 32 characters. The password must contain at least three types of characters, including uppercase letters, lowercase letters, digits, and special characters.
~!@#$%^&*_-+=|(){}[]:;,.?/.Randomly Generate Click this button to generate a random password. After the password is generated, copy it and keep it properly. Remarks (optional) The length must be at most 30 characters. Click Create. After the account is created, you can view account information in the account list.