TencentDB for SQL Server instances support granting, modifying, or revoking operation permissions for different accounts on databases or tables after accounts are created.
The operations to set database/table permissions supported by different types of accounts are as follows.
Account Type
Operation to Set Database Permissions
Operation to Set Table Permissions
Standard account
Supported
Supported
Privileged account
Not supported. Privileged accounts have owner permissions for all databases by default. There is no need to set database permissions separately.
Supported
Admin account
Not supported. Admin accounts have the highest sysadmin management permission and have owner permissions for all databases by default. There is no need to set database permissions separately.
Reference permission. A table should be referenced when a foreign key is created.
Database Permission Setting
Setting database permissions for an account means granting database-level permissions to the account.
When you create an account, if the database permissions have already been set for the account, you can modify or revoke these permissions by following the steps below. If no database permissions are set for the account, you can grant database-level permissions after account creation by following the steps below. You can also follow the steps below to modify or revoke permissions after authorization.
1. Log in to the TencentDB for SQL Server console and click Instance ID or Manage in the Operation column of the instance list to enter the instance management page.
2. On the instance management page, select the Account Management page, select the target account, and click Set Database Permission in the Operation column.
Note:
You can select multiple accounts in the account list and choose Batch Management > Batch Reset Database Permissions above to modify database permissions in batches.
3. In the pop-up dialog box, set permissions as needed and click OK.
Operations that can be performed in the dialog box are as follows:
Selecting the databases to be authorized: The database list on the left displays unselected databases. You can select one or multiple databases to be authorized, or select Unauthorized Database to select all such databases in one click. You can click
to sort the databases by the first letter of database names (in ascending or descending order). After selecting databases to be authorized, you can set permissions in the database list on the right, including read-write, read-only, and owner.
Revoking database authorization: The database list on the right displays authorized databases. If you need to revoke authorization, click the cross sign next to the target database.
Modifying permissions on authorized databases: In the database list on the right, you can modify permissions on authorized databases. For example, change from read-write to read-only or from read-only to owner.
Table Permission Setting
Setting table permissions for an account means granting table-level permissions to the account.
1. Log in to the TencentDB for SQL Server console and click Instance ID or Manage in the Operation column of the instance list to enter the instance management page.
2. On the instance management page, select the Account Management page, select the target account, and choose More > Set Table Permissions in the Operation column.
Note:
The account type in Step 2 is standard account. If the account type is privileged account, the operation is as follows: Click Set Table Permissions in the Operation column.
3. In the pop-up dialog box, select the table for setting table permissions, set permissions, and click Next.
Operations that can be performed in the dialog box are as follows:
Filtering: In a database, you can enter a table name for quick filtering.
Batch authorization: You can click Batch Authorize to select tables in batches and set permissions for these tables uniformly.
Clearing and exiting batch authorization: After clicking Batch Authorize, you can perform this operation to clear selected tables and set permissions in one click and return to the initial permission settings page before confirming the current permission settings.
Reset: You can click Reset to reset table permissions. After the reset, you can perform permission settings again as needed.
Permission settings: Multiple operations can be performed on tables, such as INSERT and DELETE. You can set permissions for each operation (including granting, granting and allowing further granting, or denying).
Modifying or revoking permissions: To modify or revoke set permissions for a table, you can locate the target table and then reselect permissions during permission settings or deselect the set permissions.
4. After setting the permissions, enter SQL Preview to preview all table permissions granted to the current account this time. If modifications are needed, click Previous to make modifications. To revoke this authorization, click Revoke.
5. After confirming that everything is correct, click Confirm to complete the current settings.
