• Relational Database Service

  1. Help Center
  2. Relational Database Service
  3. User Guide
  4. Working with RDS for MySQL
  5. Configuring Database Security

Configuring Database Security

Password Strength Requirements

For strength requirements for the RDS console database password, see the database configuration table in Table 4.

RDS sets password security policies for database users. The passwords of RDS database accounts must:
  • Consist of at least eight characters.
  • Contain at least one uppercase letter, one lowercase letter, one digit, and one special character.

When you create DB instances, your password strength is checked. You can modify the password strength as user root. For security reasons, you are advised to use a password that is at least as strong as the default one.

Account Description

To provide management services for MySQL DB instances, the following accounts are created when you create MySQL DB instances.

Attempting to delete, rename, and change passwords or permissions for these accounts will result in an error.

  • rdsAdmin: indicates the management account, which has the highest superuser permission and is used to query and modify DB instance information, rectify faults, migrate data, and restore data.
  • rdsRepl: indicates the replication account, which is used to synchronize data from primary DB instances to standby DB instances or read replicas.
  • rdsBackup: indicates the backup account, which is used for background backup.
  • rdsMetric: indicates the metering account, which is used by watchdog to collect database status data.