检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
DWSAccessKMS KMS Administrator Used to query and rotate keys in a KMS encrypted cluster. DWSAccessVPC Server Administrator If a node is faulty, the EIP is automatically migrated from the faulty node to a normal node.
The channels are not encrypted by default. NOTE: This parameter is available only for clusters with Kerberos authentication enabled.
-1 means no limit. rolpassword text Password (possibly encrypted); NULL if no password. rolvalidbegin timestamp with time zone Account validity start time; NULL if no start time rolvaliduntil timestamp with time zone Password expiry time; NULL if no expiration rolrespool name Resource
-1 means no limit. rolpassword Text Password (possibly encrypted); NULL if no password. rolvalidbegin Timestamp with time zone Account validity start time; NULL if no start time rolvaliduntil Timestamp with time zone Password expiry time; NULL if no expiration rolrespool Name Resource
The DEK is encrypted using the CEK and stored in the GaussDB(DWS) cluster. Keys are applied for, encrypted, and decrypted through the KMS service. The cryptographic algorithm is configured using configuration items. Currently, AES and SM4 algorithms are supported.
Table 1 sslmode options sslmode Whether SSL Encryption Is Enabled Description disable No The SSL secure connection is not used. allow Probably The SSL secure encrypted connection is used if required by the database server, but does not check the authenticity of the server. prefer
Table 1 sslmode options sslmode Whether SSL Encryption Is Enabled Description disable No The SSL secure connection is not used. allow Probably The SSL secure encrypted connection is used if required by the database server, but does not check the authenticity of the server. prefer
If Enable SSL is not selected during connecting to Data Studio, data is not encrypted by default. If the security file is damaged during the SSL connection, Data Studio cannot perform any database operations.
A positive number indicates the duration after which a locked account is automatically unlocked. 1 password_encryption_type Specifies the encryption type of user passwords. 0 indicates that passwords are encrypted with MD5. 1 indicates that passwords are encrypted with SHA-256, which
More Convert to Encryption Cluster: For details, see Converting an Ordinary Cluster to an Encrypted Cluster. View Metric: For details, see Viewing GaussDB(DWS) Cluster Monitoring Information on Cloud Eye. Restart: Click Restart to restart a cluster.
Table 3 sslmode options sslmode Whether SSL Encryption Is Enabled Description disable No The SSL secure connection is not used. allow Probably The SSL secure encrypted connection is used if required by the database server, but does not check the authenticity of the server. prefer
Table 3 sslmode options sslmode Whether SSL Encryption Is Enabled Description disable No The SSL secure connection is not used. allow Probably The SSL secure encrypted connection is used if required by the database server, but does not check the authenticity of the server. prefer
The new password will be encrypted using the hash algorithm and stored for authentication in the next connection.
The new password will be encrypted using the hash algorithm and stored for authentication in the next connection.
- -k, --with-key=KEY Uses gsql to decrypt imported encrypted files.
When you create a foreign table, its SK value is encrypted and saved to the metadata table of the database. chunksize Specifies the cache read by each OBS thread on a DN. Its value range is 8 to 512 in the unit of MB.
--with-encryption=AES128 Specifies that dumping data needs to be encrypted using AES128. --with-key=KEY Specifies that the key length of AES128 must be 16 bytes. --include-extensions Backs up all CREATE EXTENSION statements if the include-extensions parameter is set.
Figure 10 Configuring DataCheck You can use the command below in the tool to generate the ciphertext of src.passwd and dws.passwd. encryption.bat password After the command is executed, an encrypted file is generated in the local bin directory.
using a PGP symmetric key. 23 pgp_pub_encrypt() Used for public key encryption. 24 pgp_pub_decrypt() Decrypts a message encrypted using a PGP public key. 25 pgp_key_id() Extracts the key ID of the PGP public or private key.
When you create a foreign table, its SK value is encrypted and saved to the metadata table of the database.