This topic describes how to create a data source in OceanBase Cloud.
Background information
A data source is a collection of database connection information, such as the connection address, port number, username, and password. In OceanBase Cloud, you can configure a data source to quickly establish a database connection during tasks such as data migration and job scheduling, so as to improve the operation efficiency and reliability.
At present, OceanBase Cloud data sources support the following cloud vendors: Amazon Web Services (AWS), Huawei Cloud, Google Cloud, Alibaba Cloud, and Microsoft Azure. Supported database types are OceanBase Database (MySQL and Oracle compatible modes), MySQL (including Aurora MySQL, RDS MySQL, Cloud MySQL, PolarDB MySQL, Azure MySQL, and self-managed MySQL), Oracle (including RDS Oracle and self-managed Oracle), Kafka (including cloud instance Kafka and self-managed Kafka), PostgreSQL (including RDS PostgreSQL, Azure for PostgreSQL, and self-managed PostgreSQL), and self-managed TiDB.
The data source connection type varies based on the database type. You must select a connection type based on your database type.
OceanBase data sources (MySQL and Oracle compatible modes)
OceanBase Cloud provides three connection types for OceanBase data sources.
OceanBase Cloud Instance: This connection type applies to OceanBase Database instances created in the OceanBase Cloud console and realizes quick connection.
Endpoint or public IP: This connection type applies to OceanBase Database instances deployed in AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure.
Prerequisites
You have created an instance and a tenant of OceanBase Database (MySQL or Oracle compatible mode) in the OceanBase Cloud console, and prepared a database account.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source > OceanBase MySQL Compatible or OceanBase Oracle Compatible based on the actual situation.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select OceanBase Cloud Instance. Instance Type Valid values: Dedicated (Transactional), Shared, and Dedicated (Analytical). This parameter is displayed only when Connection Type is set to OceanBase Cloud Instance. Notice
Migration supports only the Dedicated (Transactional) and Dedicated (Analytical) instance types.
Instance Select the target instance from the drop-down list. This parameter is displayed only when Connection Type is set to OceanBase Cloud Instance. Database Account The username of a user in OceanBase Database. Password The password of the database user. Click Test Connection.
After the test succeeds, click Save.
Prerequisites
You have created an endpoint service on AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure, and have the privilege to modify the endpoint allowlist.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source > OceanBase MySQL Compatible or OceanBase Oracle Compatible based on the actual situation.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select Endpoint. Connection Information Enter the name of the endpoint service of the selected cloud vendor. Instance The ID or name of the instance to which the OceanBase database belongs. You can view the ID or name of the target instance on the Instances page. Note
When the cloud vendor is Alibaba Cloud, you can also select a cross-account authorized instance of an Alibaba Cloud account. For more information, see Alibaba Cloud account authorization.
Tenant The ID or name of the OceanBase Database tenant. Database Account The username of a user in OceanBase Database. Password The password of the database user. If you set Connection Type to Endpoint, you can choose whether to configure advanced settings as needed.
Notice
If incremental synchronization is required in your migration task, you must also toggle on sys Tenant Account and OBLogProxy.
Parameter Description sys Tenant Account After you toggle on sys Tenant Account, you must specify sys Account and Password. - sys Account: the username of the user in the sys tenant. The user reads incremental logs of OceanBase Database and obtains database object schemas. You must create the user in the sys tenant of your business cluster.
- Password: the password of the user.
OBLogProxy After you toggle on OBLogProxy, you must specify OBLogProxy connection information. oblogproxy is a proxy service for managing incremental logs of OceanBase Database. It provides project intervention and management capabilities as services to allow applications to access and manage real-time incremental logs of OceanBase Database. It also addresses the need for incremental log subscriptions in network isolation mode. The value is in the format of oblogproxy IP address:oblogproxy port number.Click Test Connection.
After the test succeeds, click Save.
Prerequisites
You have the privilege to modify the security group allowlist of AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source > OceanBase MySQL Compatible or OceanBase Oracle Compatible based on the actual situation.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select Public IP. Connection Information Enter the IP address or host name to connect. Instance The ID or name of the instance to which the OceanBase database belongs. You can view the ID or name of the target instance on the Instances page. Note
When the cloud vendor is Alibaba Cloud, you can also select a cross-account authorized instance of an Alibaba Cloud account. For more information, see Alibaba Cloud account authorization.
Tenant The ID or name of the OceanBase Database tenant. Database Account The username of a user in OceanBase Database. Password The password of the database user. If you set Connection Type to Public IP, you can choose whether to configure advanced settings as needed.
Notice
If incremental synchronization is required in your migration task, you must also toggle on sys Tenant Account and OBLogProxy.
Parameter Description sys Tenant Account After you toggle on sys Tenant Account, you must specify sys Account and Password. - sys Account: the username of the user in the sys tenant. The user reads incremental logs of OceanBase Database and obtains database object schemas. You must create the user in the sys tenant of your business cluster.
- Password: the password of the user.
OBLogProxy After you toggle on OBLogProxy, you must specify OBLogProxy connection information. oblogproxy is a proxy service for managing incremental logs of OceanBase Database. It provides project intervention and management capabilities as services to allow applications to access and manage real-time incremental logs of OceanBase Database. It also addresses the need for incremental log subscriptions in network isolation mode. The value is in the format of oblogproxy IP address:oblogproxy port number.Click Test Connection.
After the test succeeds, click Save.
MySQL data sources
OceanBase Cloud provides two connection types for MySQL data sources: Endpoint and Public IP.
Prerequisites
You have created an endpoint service on AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure, and have the privilege to modify the endpoint allowlist.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, select Data Services > Data Source.
On the Data Source page, choose Create Data Source > MySQL.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select Endpoint. You must add the account ID displayed on the page to the allowlist of your endpoint service. This way, the endpoint of this account can connect to your endpoint service. For more information, see the corresponding topic under Connect via private network. - When you select Cloud Vendor as AWS, if you selected Acceptance required for the parameter Require acceptance for endpoint when you created the endpoint service, the data migration service will prompt you to go to the AWS console to perform the Accept endpoint connection request operation in the AWS console when the data migration service first connects to the PrivateLink.
- If you set Cloud Vendor to Google Cloud, add an authorized project to Published Services. After that, no manual authorization is required during a data source connection test.
Instance Type - When Cloud Vendor is set to Alibaba Cloud, instance types RDS MySQL, PolarDB MySQL, and Self-managed MySQL are supported.
- When Cloud Vendor is set to AWS, instance types Aurora MySQL, RDS MySQL, and Self-managed MySQL are supported.
- When Cloud Vendor is set to Google Cloud, instance types Cloud MySQL and Self-managed MySQL are supported.
- When Cloud Vendor is set to Huawei Cloud, instance types RDS MySQL and Self-managed MySQL are supported.
- When Cloud Vendor is set to Azure, instance types Azure MySQL and Self-managed MySQL are supported.
Connection Information Enter the name of the endpoint service of the selected cloud vendor. Database Account The username of a user in the MySQL database. Password The password of the database user. Click Test Connection.
After the test succeeds, click Save.
Prerequisites
You have the privilege to modify the security group allowlist of AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source > MySQL.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select Public IP. You must first add the data source IP address displayed on the page to the allowlist of the MySQL database instance to ensure connectivity. For more information, see the corresponding topic under Connect via public network. Instance Type - When Cloud Vendor is set to Alibaba Cloud, instance types RDS MySQL, PolarDB MySQL, and Self-managed MySQL are supported.
- When Cloud Vendor is set to AWS, instance types Aurora MySQL, RDS MySQL, and Self-managed MySQL are supported.
- When Cloud Vendor is set to Google Cloud, instance types Cloud MySQL and Self-managed MySQL are supported.
- When Cloud Vendor is set to Huawei Cloud, instance types RDS MySQL and Self-managed MySQL are supported.
- When Cloud Vendor is set to Azure, instance types Azure MySQL and Self-managed MySQL are supported.
Connection Information Enter the IP address or host name to connect. Database Account The username of a user in the MySQL database. Password The password of the database user. Click Test Connection.
After the test succeeds, click Save.
Oracle data sources
OceanBase Cloud provides two connection types for Oracle data sources: Endpoint and Public IP.
Prerequisites
You have created an endpoint service on AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure, and have the privilege to modify the endpoint allowlist.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source > Oracle.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select Endpoint. You must add the account ID displayed on the page to the allowlist of your endpoint service. This way, the endpoint of this account can connect to your endpoint service. For more information, see the corresponding topic under Connect via private network. - When you select Cloud Vendor as AWS, if you selected Acceptance required for the parameter Require acceptance for endpoint when you created the endpoint service, the data migration service will prompt you to go to the AWS console to perform the Accept endpoint connection request operation in the AWS console when the data migration service first connects to the PrivateLink.
- If you set Cloud Vendor to Google Cloud, add an authorized project to Published Services. After that, no manual authorization is required during a data source connection test.
Instance Type - When Cloud Vendor is set to AWS, instance types RDS Oracle and Self-managed Oracle are supported.
- When Cloud Vendor is set to Alibaba Cloud, Google Cloud, Huawei Cloud, or Azure, only the Self-managed Oracle instance type is supported.
Connection Information Enter the name of the endpoint service of the selected cloud vendor. Service Name The service name of the Oracle database. Database Account The username of a user in the Oracle database. Password The password of the database user. Click Test Connection.
After the test succeeds, click Save.
Prerequisites
You have the privilege to modify the security group allowlist of AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure.
You have the privileges of the organization admin or project admin of the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Sources.
On the Data Sources page, click Create Data Source > Oracle.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor At present, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region of the data source. Connection Type Select Public IP. You must first add the data source IP address displayed on the page to the allowlist of the Oracle database instance to ensure connectivity. For more information, see the corresponding topic under Connect via public network. Instance Type - When Cloud Vendor is set to AWS, instance types RDS Oracle and Self-managed Oracle are supported.
- When Cloud Vendor is set to Alibaba Cloud, Google Cloud, Huawei Cloud, or Azure, only the Self-managed Oracle instance type is supported.
Connection Information Enter the IP address or host name to connect. Service Name The service name of the Oracle database. Database Account The username of a user in the Oracle database. Password The password of the database user. Click Test Connection.
After the test succeeds, click Save.
Kafka data sources
OceanBase Cloud supports two connection methods for a Kafka instance: Endpoint and Public IP.
Prerequisites
You have created a endpoint service on Alibaba Cloud, AWS, Google Cloud, or Huawei Cloud and have the permission to modify the allowlist of the endpoint service.
You have the permissions of an organization admin or project admin in the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Source.
On the Data Source page, click Create Data Source > Kafka.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor Currently, Alibaba Cloud, AWS, Google Cloud, and Huawei Cloud are supported. Region The region where the data source is located. Connection Type Select Endpoint. You need to add the account ID displayed on the page to the allowlist of your endpoint service to allow the endpoint to connect to the endpoint service. For more information, see the corresponding topic under Connect via private network. - When you select Cloud Vendor as AWS, if you selected Acceptance required for the parameter Require acceptance for endpoint when you created the endpoint service, the data migration service will prompt you to go to the AWS console to perform the Accept endpoint connection request operation in the AWS console when the data migration service first connects to the PrivateLink.
- If you select Google Cloud as the cloud vendor, you need to add the authorized project to the published services. After you add the authorization, you do not need to manually authorize the data source when you test the connection.
Instance Type The type of the Kafka instance. Valid values: Self-managed Kafka and Cloud Instance Kafka. Connection Information The name of the endpoint service and the Kafka endpoint of the selected cloud vendor. 
Notice
For Alibaba Cloud Kafka Instance, you can enter only an IP address, not a domain name, when you enter the Kafka endpoint.
You can choose to enable SASL in Security Authentication as needed. If you enable SASL, configure the following parameters.
Parameter Description Authentication Method The authentication method. Valid values: PLAIN, SCRAM-SHA-256, and SCRAM-SHA-512. - The PLAIN authentication method is simple but cannot dynamically change users. It stores usernames and passwords in plaintext, which is not secure.
- SCRAM (Salted Challenge Response Authentication Mechanism) solves security issues by using the traditional username and password authentication mechanism. Kafka supports SCRAM-SHA-256, which can be used together with TLS for secure authentication.
This authentication method allows dynamic user changes, and stores user data in Zookeeper. Before starting a broker, you need to communicate with Zookeeper to create a communication user between the broker and Zookeeper. However, this authentication method stores the username and password in plaintext. - Kafka also supports SCRAM-SHA-512, which can be used together with TLS for secure authentication.
Username The username for data migration. Password The password for data migration. Click Test Connection.
After the test succeeds, click Save.
Prerequisites
You have the permission to modify the allowlist of the security group of AWS, Huawei Cloud, Google Cloud, or Alibaba Cloud.
You have the permissions of an organization admin or project admin in the OceanBase Cloud console.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, click Data Services > Data Source.
On the Data Source page, click Create Data Source > Kafka.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Vendor Currently, Alibaba Cloud, AWS, Google Cloud, and Huawei Cloud are supported. Region The region where the data source is located. Connection Type Select Public IP. You need to add the data source IP address displayed on the page to the allowlist of the Kafka instance to ensure connectivity. For more information, see the corresponding topic under Connect via public network. Instance Type The type of the Kafka instance. Valid values: Self-managed Kafka and Cloud Instance Kafka. Connection Information The Kafka endpoint. If the Kafka data source has not been configured with security authentication, a data migration task that uses the data source as the source or destination may fail to connect. Configure the security authentication parameters as follows.
Click Upload File and upload a trusted certificate with the .jks extension.
You can choose to enable SASL as needed. If you enable SASL, configure the following parameters.
Parameter Description Authentication Method The authentication method. Valid values: PLAIN, SCRAM-SHA-256, and SCRAM-SHA-512. - The PLAIN authentication method is simple but cannot dynamically change users. It stores usernames and passwords in plaintext, which is not secure.
- SCRAM (Salted Challenge Response Authentication Mechanism) solves security issues by using the traditional username and password authentication mechanism. Kafka supports SCRAM-SHA-256, which can be used together with TLS for secure authentication.
This authentication method allows dynamic user changes, and stores user data in Zookeeper. Before starting a broker, you need to communicate with Zookeeper to create a communication user between the broker and Zookeeper. However, this authentication method stores the username and password in plaintext. - Kafka also supports SCRAM-SHA-512, which can be used together with TLS for secure authentication.
Username The username for data migration. Password The password for data migration.
Click Test Connection.
After the test succeeds, click Save.
PostgreSQL data source
For a PostgreSQL database, OceanBase Cloud provides two connection methods: endpoint connection and public IP connection.
Prerequisites
You have created an endpoint service for connecting to the cloud service and have the permission to modify the allowlist of the endpoint service.
You have the permission of an organization admin or project admin of OceanBase Cloud.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, select Data Services > Data Source.
On the Data Source page, click Create Data Source > PostgreSQL.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Service Currently, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region where the data source is located. Connection Type Select Endpoint. You need to add the displayed account ID to the allowlist of your endpoint service to allow the endpoint to connect to the endpoint service. For more information, see the corresponding topic under Connect via private network. - When you select Cloud Vendor as AWS, if you selected Acceptance required for the parameter Require acceptance for endpoint when you created the endpoint service, the data migration service will prompt you to go to the AWS console to perform the Accept endpoint connection request operation in the AWS console when the data migration service first connects to the PrivateLink.
- When you select Google Cloud as the cloud service, add the authorized project to Published Services. After the authorization is added, no manual authorization is required when you test the connection to the data source.
Instance Type - When you select AWS as the cloud service, the instance type can be RDS PostgreSQL, Aurora PostgreSQL, or Self-managed PostgreSQL.
- When you select Huawei Cloud or Alibaba Cloud as the cloud service, the instance type can be RDS PostgreSQL or Self-managed PostgreSQL.
- When you select Google Cloud as the cloud service, the instance type can be Cloud PostgreSQL or Self-managed PostgreSQL.
- When you select Azure as the cloud service, the instance type can be Azure for PostgreSQL or Self-managed PostgreSQL.
Endpoint Enter the name of the endpoint service of the selected cloud service. Database Name The name of the PostgreSQL database. Database Account The username of the PostgreSQL database. Password The password of the database user. Click Test Connection.
After the test is successful, click Save.
Prerequisites
You have the permission to modify the allowlist of the security group of AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure.
You have the permission of an organization admin or project admin of OceanBase Cloud.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, select Data Services > Data Source.
On the Data Source page, click Create Data Source > PostgreSQL.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Service Currently, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region where the data source is located. Connection Type Select Public IP. You need to add the displayed data source IP address to the allowlist of the PostgreSQL database instance to ensure connectivity. For more information, see the corresponding topic under Connect via public network. Instance Type - When you select AWS as the cloud service, the instance type can be RDS PostgreSQL, Aurora PostgreSQL, or Self-managed PostgreSQL.
- When you select Huawei Cloud or Alibaba Cloud as the cloud service, the instance type can be RDS PostgreSQL or Self-managed PostgreSQL.
- When you select Google Cloud as the cloud service, the instance type can be Cloud PostgreSQL or Self-managed PostgreSQL.
- When you select Azure as the cloud service, the instance type can be Azure for PostgreSQL or Self-managed PostgreSQL.
Endpoint Enter the IP address or hostname of the data source to be connected. Database Name The name of the PostgreSQL database. Database Account The username of the PostgreSQL database. Password The password of the database user. Click Test Connection.
After the test is successful, click Save.
TiDB data source
For a TiDB database, OceanBase Cloud provides two connection methods: endpoint connection and public IP connection.
Prerequisites
You have created an endpoint service for connecting to the cloud service and have the permission to modify the allowlist of the endpoint service.
You have the permission of an organization admin or project admin of OceanBase Cloud.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, select Data Services > Data Source.
On the Data Source page, click Create Data Source > TiDB.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Service Currently, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region where the data source is located. Connection Type Select Endpoint. You need to add the displayed account ID to the allowlist of your endpoint service to allow the endpoint to connect to the endpoint service. For more information, see the corresponding topic under Connect via private network. - When you select Cloud Vendor as AWS, if you selected Acceptance required for the parameter Require acceptance for endpoint when you created the endpoint service, the data migration service will prompt you to go to the AWS console to perform the Accept endpoint connection request operation in the AWS console when the data migration service first connects to the PrivateLink.
- When you select Google Cloud as the cloud service, add the authorized project to Published Services. After the authorization is added, no manual authorization is required when you test the connection to the data source.
Instance Type Only Self-managed TiDB is supported. Endpoint Enter the name of the endpoint service of the selected cloud service. Database Account The username of the TiDB database. Password The password of the database user. Click Test Connection.
After the test is successful, click Save.
Prerequisites
You have the permission to modify the allowlist of the security group of AWS, Huawei Cloud, Google Cloud, Alibaba Cloud, or Azure.
You have the permission of an organization admin or project admin of OceanBase Cloud.
Procedure
Log in to the OceanBase Cloud console.
In the left-side navigation pane, select Data Services > Data Source.
On the Data Source page, click Create Data Source > PostgreSQL.
In the Create Data Source dialog box, configure the parameters.
Parameter Description Cloud Service Currently, Alibaba Cloud, AWS, Google Cloud, Huawei Cloud, and Azure are supported. Region The region where the data source is located. Connection Type Select Public IP. You need to add the displayed data source IP address to the allowlist of the TiDB database instance to ensure connectivity. For more information, see the corresponding topic under Connect via public network. Instance Type Only Self-managed TiDB is supported. Endpoint Enter the IP address or hostname of the data source to be connected. Database Account The username of the TiDB database. Password The password of the database user. If you want to obtain incremental data from TiDB by using Kafka, you need to fill in Incremental Sync Settings to enable Binlog and TiCDC data sources. If you do not fill in the following configurations, when you create a data migration task to migrate data from the TiDB database to the MySQL compatible mode of OceanBase Database, you cannot select Incremental Synchronization on the Select Type & Objects page.
Parameter Description Kafka Data Source The Kafka data source is used to save the incremental logs of TiDB data converted by the TiCDC tool, so that the data migration service can consume the data. Notice
You can select only a Kafka data source of the same cloud service as TiDB.
Topic Select the topic of the Kafka data source to be bound from the drop-down list. TiDB Data Format When you migrate data from the TiDB database to the MySQL compatible mode of OceanBase Database, you can select TiCDC or TiDB Binlog data format from the drop-down list. Click Test Connection.
After the test is successful, click Save.