tencent cloud

Feedback

Account Types and Permissions

Last updated: 2024-09-05 11:38:12
    After you create a TencentDB for SQL Server instance, you can create different database accounts to allocate and manage databases based on your business needs. You can create different types of accounts with different permissions for both TencentDB for SQL Server two-node (formerly High Availability/Cluster Edition) and single-node (formerly Basic Edition) instances. This document describes the supported types of accounts and their permissions.
    Note:
    TencentDB for SQL Server launched the new database account and permission logic on February 9, 2023. For the mappings between old and new account types and permissions, see Account Type and Permission Changes.

    Account types and permissions for two-node (formerly High Availability/Cluster Edition) instances

    Instance Architecture
    Account Type
    Database Permission
    Role Description
    Two-node (formerly High Availability/Cluster Edition)
    Privileged account
    Instance admin account, which has the owner permissions of all databases by default.
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_owner
    Standard account
    Owner
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_owner
    Read/Write
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_reader
    db_writer
    Read-only
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_reader
    Designated account
    A designated account can only view and own the specified database.
    A designated account can be authorized to multiple databases, but a database can be authorized to only one designated account.
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_owner

    Account types and permissions for single-node (formerly Basic Edition) instances

    Note:
    The admin account is currently not available for creation. If necessary, submit a ticket to obtain a resolution.
    Instance Architecture
    Account Type
    Database Permission
    Role Description
    Single-node (formerly Basic Edition)
    Admin account
    Instance admin account, which has the highest-level sysadmin permission and the owner permissions of all databases. After the admin account is enabled, the product SLA will no longer be guaranteed.
    Server-level roles:
    sysadminDatabase-level roles:
    db_owner
    Privileged account
    It has the owner permissions of all databases by default.
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_owner
    Standard account
    Owner
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_owner
    Read/Write
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_reader
    db_writer
    Read-only
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_reader
    Designated account
    A designated account can only view and own the specified database.
    A designated account can be authorized to multiple databases, but a database can be authorized to only one designated account.
    Server-level roles:
    securityadmin
    processadmin
    dbcreatorDatabase-level roles:
    db_owner
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support