tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Secrets Manager
    Documentation
    Download PDF

    Creating a Database Credential

    Last updated: 2024-01-02 15:07:13
    Download PDF

      Scenarios

      You want to enable rotation and encryption for database credential created in the SSM console, securing your data while reducing disclosure risks and security threats to your account.

      Prerequisites

      Before using database credentials, please note the following prerequisites:
      You have enabled KMS services, as SSM encrypts data based on keys managed in KMS.
      You have created a TencentDB for MySQL instance or TDSQL for MySQL instance. For details, see Creating MySQL Instance, and Creating TDSQL Instance.

      Directions

      1. Log in to the SSM Console and click Database Credential on the left sidebar.
      
      2. Click the drop-down button in the top left corner of the credential list to modify the region.
      
      3. Click Create in the top left corner of the credential list.
      4. Enter the information required to create a credential and click OK. The credential will be displayed at the top of the credential list.
      

      Fields

      Basic settings

      Secret Name: supports 1–128 bytes of letters, digits, hyphens (-), and underscores (_). It must start with a letter or digit.
      Description: contains information of a credential using up to 2048 bytes (optional).

      Database account settings

      Bound Instance: a MySQL instance or TDSQL instance of your choice.
      Account Prefix: It contains 1-8 characters, including letters, digits and underscores (_). It must start with an upper- or lower-case letter.
      Note:
      Two account names will be generated in the format of [prefix]SSM[three random digits]. These two account names will be shifted for rotation.
      Server:
      Must be in IP format. % is supported.
      Multiple servers should be separated with a carriage return or space.
      Authorization: enables you to set permissions on the database.
      

      Rotation settings

      Rotation Status: with rotation enabled, SSM will update the database credential password periodically. It is recommended to enable rotation for safety.
      Rotation Cycle: ranges from 30 days to 365 days.
      Next Rotation Start: enables you to set the start time (in seconds) for next rotation as needed.

      Others

      Tag: optional item.
      Encryption Key:
      Use the default CMK that SSM has created in KMS.
      Use a custom encryption key.
      Note:
      If you are using SSM, you have activated KMS. You can create an encryption key in either of the following ways:
      Use the default Tencent Cloud managed CMK created in the KMS console as encryption key, and use the envelope encryption method for encrypted storage.
      Use a custom key created in the KMS console as encryption key for encrypted storage.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy