SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data

Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP Cloud SQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.

To uphold this managed experience and protect the platform’s integrity, each vendor implements strict access controls, effectively removing the customer’s ability to use high-privilege system roles like sysadmin or to access internal databases. The core idea is simple: limit what users can do and see to protect the underlying infrastructure and other tenants.

They say:

Google