alibabacloud-dms-skill
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseAlibaba Cloud DMS Database Read/Write
阿里云DMS数据库读写
Search for target databases and execute SQL queries and data modifications via Alibaba Cloud DMS OpenAPI.
通过阿里云DMS OpenAPI搜索目标数据库,执行SQL查询和数据修改。
Scenario Description
场景描述
This skill implements the following workflow:
- Search Target Database — Search databases by keyword to get Database ID
- Execute SQL Query — Execute SQL statements on the target database
本技能实现以下工作流:
- 搜索目标数据库 — 按关键词搜索数据库获取数据库ID
- 执行SQL查询 — 在目标数据库上执行SQL语句
Architecture
架构
User Request → Search Database → Get Database ID → Execute SQL → Return ResultsUser Request → Search Database → Get Database ID → Execute SQL → Return ResultsPrerequisites
前置条件
Pre-check: Aliyun CLI >= 3.3.1 required Runto verify >= 3.3.1. If not installed or version too low, seealiyun versionfor installation instructions. Then [MUST] runreferences/cli-installation-guide.mdto enable automatic plugin installation.aliyun configure set --auto-plugin-install true
- Aliyun CLI >= 3.3.1
- jq (for JSON parsing):
brew install jq - Credentials configured via
aliyun configure
Pre-check: Alibaba Cloud Credentials RequiredSecurity Rules:
- NEVER read, echo, or print AK/SK values (e.g.,
is FORBIDDEN)echo $ALIBABA_CLOUD_ACCESS_KEY_ID- NEVER ask the user to input AK/SK directly in the conversation or command line
- NEVER use
with literal credential valuesaliyun configure set- ONLY use
to check credential statusaliyun configure listbashaliyun configure listCheck the output for a valid profile (AK, STS, or OAuth identity).If no valid profile exists, STOP here.
- Obtain credentials from Alibaba Cloud Console
- Configure credentials outside of this session (via
in terminal or environment variables in shell profile)aliyun configure- Return and re-run after
shows a valid profilealiyun configure list
预检查:要求Aliyun CLI >= 3.3.1 运行验证版本 >= 3.3.1。如果未安装或版本过低, 参考aliyun version查看安装指引。 之后【必须】运行references/cli-installation-guide.md开启自动插件安装功能。aliyun configure set --auto-plugin-install true
- Aliyun CLI >= 3.3.1
- jq(用于JSON解析):
brew install jq - 已通过配置凭证
aliyun configure
预检查:需要阿里云凭证安全规则:
- 严禁读取、回显或打印AK/SK值(例如禁止执行
)echo $ALIBABA_CLOUD_ACCESS_KEY_ID- 严禁要求用户在对话或命令行中直接输入AK/SK
- 严禁使用字面量凭证值执行
aliyun configure set- 仅可使用
检查凭证状态aliyun configure listbashaliyun configure list检查输出中是否存在有效配置(AK、STS或OAuth身份)。如果不存在有效配置,请停止操作。
- 从阿里云控制台获取凭证
- 在本次会话之外配置凭证(通过终端执行
或在shell配置文件中设置环境变量)aliyun configure- 待
显示有效配置后,返回重新执行aliyun configure list
RAM Permissions
RAM权限
[MUST] RAM Permission Pre-check: Verify that the current user has the following RAM permissions before execution. Seefor the complete permission list.references/ram-policies.md
[必须] RAM权限预检查: 执行前请确认当前用户拥有所需RAM权限。 完整权限列表参考。references/ram-policies.md
Parameter Confirmation
参数确认
IMPORTANT: Parameter Confirmation — Before executing any command or API call, ALL user-customizable parameters (e.g., database keyword, SQL statement, db-id, etc.) MUST be confirmed with the user. Do NOT assume or use default values without explicit user approval.
| Parameter | Required/Optional | Description | Default |
|---|---|---|---|
| keyword | Required | Database search keyword (1-128 chars, alphanumeric) | - |
| db-id | Required | Database ID (positive integer, obtained from search) | - |
| sql | Required | SQL statement to execute (1-10000 chars) | - |
| logic | Optional | Whether to use logic database mode | false |
| force | Optional | Confirm write operations (INSERT/UPDATE/DELETE) | false |
| dry-run | Optional | Preview write operations without executing | false |
重要提示:参数确认 — 执行任何命令或API调用前, 所有用户可自定义参数(例如数据库关键词、SQL语句、db-id等) 必须与用户确认。未获得用户明确批准前,不得假设或使用默认值。
| 参数 | 必填/可选 | 描述 | 默认值 |
|---|---|---|---|
| keyword | 必填 | 数据库搜索关键词(1-128个字符,字母数字) | - |
| db-id | 必填 | 数据库ID(正整数,从搜索结果中获取) | - |
| sql | 必填 | 待执行的SQL语句(1-10000个字符) | - |
| logic | 可选 | 是否使用逻辑库模式 | false |
| force | 可选 | 确认写操作(INSERT/UPDATE/DELETE) | false |
| dry-run | 可选 | 预览写操作而不实际执行 | false |
Core Workflow
核心工作流
Task 1: Search Target Database
任务1:搜索目标数据库
Search for databases by keyword to get the Database ID:
bash
./scripts/search_database.sh <keyword> --jsonExample:
bash
undefined按关键词搜索数据库获取数据库ID:
bash
./scripts/search_database.sh <keyword> --json示例:
bash
undefinedSearch for databases containing "mydb"
搜索包含"mydb"的数据库
./scripts/search_database.sh mydb --json
The output includes `database_id`, `schema_name`, `db_type`, `host`, `port`, etc../scripts/search_database.sh mydb --json
输出包含`database_id`、`schema_name`、`db_type`、`host`、`port`等信息。Task 2: Execute SQL Query
任务2:执行SQL查询
Execute SQL using the Database ID obtained in the previous step:
bash
./scripts/execute_query.sh --db-id <database_id> --sql "<SQL_statement>"使用上一步获取的数据库ID执行SQL:
bash
./scripts/execute_query.sh --db-id <database_id> --sql "<SQL_statement>"Write Operation Protection
写操作保护
For write operations (INSERT/UPDATE/DELETE), the script implements protective pre-check:
| Parameter | Description |
|---|---|
| Required to confirm and execute write operations |
| Preview write operations without executing |
DDL Operations (DROP/TRUNCATE/ALTER/RENAME) are completely blocked — these must be executed via DMS Console.
Examples:
bash
undefined对于写操作(INSERT/UPDATE/DELETE),脚本实现了保护性预检查:
| 参数 | 描述 |
|---|---|
| 确认并执行写操作时必填 |
| 预览写操作而不实际执行 |
DDL操作(DROP/TRUNCATE/ALTER/RENAME)会被完全拦截 — 此类操作必须通过DMS控制台执行。
示例:
bash
undefinedRead operations (no confirmation needed)
读操作(无需确认)
./scripts/execute_query.sh --db-id 78059000 --sql "SHOW TABLES"
./scripts/execute_query.sh --db-id 78059000 --sql "SELECT * FROM users LIMIT 10" --json
./scripts/execute_query.sh --db-id 78059000 --sql "SHOW TABLES"
./scripts/execute_query.sh --db-id 78059000 --sql "SELECT * FROM users LIMIT 10" --json
Write operations - preview first (recommended)
写操作 - 建议先预览
./scripts/execute_query.sh --db-id 78059000 --sql "INSERT INTO users (name) VALUES ('test')" --dry-run
./scripts/execute_query.sh --db-id 78059000 --sql "INSERT INTO users (name) VALUES ('test')" --dry-run
Write operations - execute with confirmation
写操作 - 确认后执行
./scripts/execute_query.sh --db-id 78059000 --sql "INSERT INTO users (name) VALUES ('test')" --force
./scripts/execute_query.sh --db-id 78059000 --sql "UPDATE users SET name='test' WHERE id=1" --force
./scripts/execute_query.sh --db-id 78059000 --sql "DELETE FROM users WHERE id=1" --force
./scripts/execute_query.sh --db-id 78059000 --sql "INSERT INTO users (name) VALUES ('test')" --force
./scripts/execute_query.sh --db-id 78059000 --sql "UPDATE users SET name='test' WHERE id=1" --force
./scripts/execute_query.sh --db-id 78059000 --sql "DELETE FROM users WHERE id=1" --force
Logic database mode
逻辑库模式
./scripts/execute_query.sh --db-id 78059000 --sql "SELECT 1" --logic
undefined./scripts/execute_query.sh --db-id 78059000 --sql "SELECT 1" --logic
undefinedComplete Example
完整示例
bash
undefinedbash
undefined1. Search database (assuming searching for "order")
1. 搜索数据库(假设搜索"order")
./scripts/search_database.sh order --json
./scripts/search_database.sh order --json
Example output:
示例输出:
[{"DatabaseId": "78059000", "SchemaName": "order_db", ...}]
[{"DatabaseId": "78059000", "SchemaName": "order_db", ...}]
2. Execute query
2. 执行查询
./scripts/execute_query.sh --db-id 78059000 --sql "SELECT COUNT(*) FROM orders"
undefined./scripts/execute_query.sh --db-id 78059000 --sql "SELECT COUNT(*) FROM orders"
undefinedSuccess Verification
成功校验
After executing SQL, check the returned results:
- Script return code is 0
- Output contains query results (column names and row data)
- No error messages
bash
undefined执行SQL后,检查返回结果:
- 脚本返回码为0
- 输出包含查询结果(列名和行数据)
- 无错误信息
bash
undefinedVerify query success
校验查询成功
./scripts/execute_query.sh --db-id <db-id> --sql "SELECT 1" --json
./scripts/execute_query.sh --db-id <db-id> --sql "SELECT 1" --json
Expected output: [{"Success": true, "RowCount": 1, ...}]
预期输出:[{"Success": true, "RowCount": 1, ...}]
undefinedundefinedCleanup
清理
This skill performs read and write operations but does not create persistent resources. No cleanup is required.
本技能执行读写操作,但不会创建持久化资源,无需清理。
Write Operation Safety
写操作安全
| Operation Type | Behavior |
|---|---|
| SELECT / SHOW / DESC | Execute directly |
| INSERT / UPDATE / DELETE | Require |
| DROP / TRUNCATE / ALTER / RENAME | Blocked — use DMS Console |
| 操作类型 | 行为 |
|---|---|
| SELECT / SHOW / DESC | 直接执行 |
| INSERT / UPDATE / DELETE | 需要 |
| DROP / TRUNCATE / ALTER / RENAME | 已拦截 — 请使用DMS控制台执行 |
Available Scripts
可用脚本
| Script | Description |
|---|---|
| Search databases by keyword |
| Execute SQL queries |
Note: Scripts use aliyun-cli credentials configured via.aliyun configure
| 脚本 | 描述 |
|---|---|
| 按关键词搜索数据库 |
| 执行SQL查询 |
注意: 脚本使用通过配置的aliyun-cli凭证。aliyun configure
Best Practices
最佳实践
- Confirm database — Verify the target database before executing SQL
- Use --json parameter — Facilitates programmatic processing of output
- Preview write operations — Always use first for INSERT/UPDATE/DELETE
--dry-run - Explicit confirmation — Use only after reviewing the preview
--force - Avoid DDL operations — DROP/TRUNCATE/ALTER/RENAME are blocked; use DMS Console instead
- 确认数据库 — 执行SQL前校验目标数据库
- 使用--json参数 — 方便对输出进行程序化处理
- 预览写操作 — 执行INSERT/UPDATE/DELETE前始终先使用预览
--dry-run - 显式确认 — 仅在预览确认后使用参数
--force - 避免DDL操作 — DROP/TRUNCATE/ALTER/RENAME已被拦截,请使用DMS控制台执行
Reference Links
参考链接
| Document | Description |
|---|---|
| references/cli-installation-guide.md | CLI Installation Guide |
| references/ram-policies.md | RAM Permission Policies |
| references/related-apis.md | Related API List |
| references/acceptance-criteria.md | Acceptance Criteria |
| 文档 | 描述 |
|---|---|
| references/cli-installation-guide.md | CLI安装指引 |
| references/ram-policies.md | RAM权限策略 |
| references/related-apis.md | 相关API列表 |
| references/acceptance-criteria.md | 验收标准 |