With the latest update of the Relational Database Services, you can now configure permissions on the Relational Database in-depth. From now onwards, you can also set fine-grained access rights via the "Custom Policy Designer", which allows you to define permissions on specific "actions". This can be the permission to, e.g., "ReadWrite" or "ListOnly". You can select from a total of 66 actions which can be assigned to your custom policy. Permissions on "actions" can be "granted", as well as explicitly forbidden.
Furthermore, it is possible to limit the access rules to specific resources. This allows you to define different action permissions for different users/user groups on different RDS services. The permission policy can be linked to further conditional parameters. Those criteria must first be met before the user is then allowed to perform the corresponding action. For example, permissions can be bound to conditions such as only valid for a specific service name or valid for all service names excluding a specific one.
The "Custom Policy Designer" is available to you via the "Permissions" tab from the IAM Service.
Below you will find the short overview of the update again.
Permissions can be:
- set up on action level (66 individual actions in total).
- allowed or explicitly forbidden.
- assigned to dedicated services.
- linked to conditional parameters.
Further information can be found in the Open Telekom Cloud help center:
Please feel free to ask questions in our Open Telekom Cloud Community.