For data security purposes, GaussDB(DWS) provides a series of security measures, such as automatically locking and unlocking accounts, manually locking and unlocking abnormal accounts, and deleting accounts that are no longer used.
If administrators detect an abnormal account that may be stolen or illegally accesses the database, they can manually lock the account.
The administrator can also manually unlock the account if the account becomes normal again.
For details about how to create a user, see Users. To manually lock and unlock user joe, run commands in the following format:
1 | ALTER USER joe ACCOUNT LOCK; |
1 | ALTER USER joe ACCOUNT UNLOCK; |
An administrator can delete an account that is no longer used. This operation cannot be rolled back.
When an account to be deleted is in the active state, it is deleted after the session is disconnected.
For example, if you want to delete account joe, run the command in the following format:
1 | DROP USER joe CASCADE; |