Thanks for clarifying. I think I was just looking in the wrong place / expecting this to workm differently. No, I am not aware of a UI for this in non-Cloudron instances, though this would be nice to have of course.
I think in theory we could isolate app containers to access only a specific db by restricting based on IP (which MySQL supports). MySQL already has an IP based rate limit for logins, this is why we haven't implemented it. Meaning, an app trying to guess another app's db credentials won't get very far.