Account Types and Permissions

Recent Pages

Account Types and Permissions

Last updated: 2024-09-05 11:38:12

After you create a TencentDB for SQL Server instance, you can create different database accounts to allocate and manage databases based on your business needs.
You can create different types of accounts with different permissions for both TencentDB for SQL Server two-node (formerly High Availability/Cluster Edition) and single-node (formerly Basic Edition) instances. This document describes the supported types of accounts and their permissions.
Note: 
TencentDB for SQL Server launched the new database account and permission logic on February 9, 2023. For the mappings between old and new account types and permissions, see Account Type and Permission Changes.
Account types and permissions for two-node (formerly High Availability/Cluster Edition) instances
Instance Architecture
Account Type
Database Permission
Role Description
Two-node (formerly High Availability/Cluster Edition)
Privileged account
Instance admin account, which has the owner permissions of all databases by default.
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_owner
﻿
Standard account
Owner
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_owner
﻿
﻿
Read/Write
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_reader
db_writer
﻿
﻿
Read-only
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_reader
﻿
Designated account
A designated account can only view and own the specified database. 
A designated account can be authorized to multiple databases, but a database can be authorized to only one designated account.
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles: 
db_owner
Account types and permissions for single-node (formerly Basic Edition) instances
Note：
The admin account is currently not available for creation. If necessary, submit a ticket to obtain a resolution.                    
Instance Architecture
Account Type
Database Permission
Role Description
Single-node (formerly Basic Edition)
Admin account
Instance admin account, which has the highest-level sysadmin permission and the owner permissions of all databases. After the admin account is enabled, the product SLA will no longer be guaranteed.
Server-level roles: 
sysadminDatabase-level roles: 
db_owner
﻿
Privileged account
It has the owner permissions of all databases by default.
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles: 
db_owner
﻿
Standard account
Owner
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_owner
﻿
﻿
Read/Write
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_reader
db_writer
﻿
﻿
Read-only
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles:
db_reader
﻿
Designated account
A designated account can only view and own the specified database. 
A designated account can be authorized to multiple databases, but a database can be authorized to only one designated account.
Server-level roles: 
securityadmin
processadmin
dbcreatorDatabase-level roles: 
db_owner

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support

tencent cloud

Recent Pages

Account Types and Permissions

Account types and permissions for two-node (formerly High Availability/Cluster Edition) instances

Account types and permissions for single-node (formerly Basic Edition) instances

Was this page helpful?

Was this page helpful?

Instance Architecture	Account Type	Database Permission	Role Description
Two-node (formerly High Availability/Cluster Edition)	Privileged account	Instance admin account, which has the owner permissions of all databases by default.	Server-level roles: securityadmin processadmin dbcreatorDatabase-level roles: db_owner
		Standard account	Owner	Server-level roles: securityadmin processadmin dbcreatorDatabase-level roles: db_owner
				Read/Write	Server-level roles: securityadmin processadmin dbcreatorDatabase-level roles: db_reader db_writer
				Read-only	Server-level roles: securityadmin processadmin dbcreatorDatabase-level roles: db_reader
		Designated account	A designated account can only view and own the specified database. A designated account can be authorized to multiple databases, but a database can be authorized to only one designated account.	Server-level roles: securityadmin processadmin dbcreatorDatabase-level roles: db_owner

tencent cloud

Sign Up

Log in

Recent Pages

Account Types and Permissions

Account types and permissions for two-node (formerly High Availability/Cluster Edition) instances

Account types and permissions for single-node (formerly Basic Edition) instances

Was this page helpful?

Was this page helpful?