Home > Operation and Maintenance > Safety > What is the overall architecture of MaxCompute access control?

What is the overall architecture of MaxCompute access control?

PHPz
Release: 2023-05-12 13:22:06
forward
1434 people have browsed it

Basic terminology

  • project: Project space, the basic unit that MaxCompute provides users with self-service management.

  • Access control: Check whether a request is credible and legal.

  • ACL: Access control list, an expression of authorization.

  • Policy: A rule-based authorization expression.

  • Role: A collection of permissions, used to implement role-based permission management.

  • LabelSecurity: Label-based access control, used to implement column-level permission management.

  • ProjectProtection: Project space protection, used to enable data flow access control.

  • TruestedProject: Trusted project space, used for access control authorization of project space data flow.

  • ExceptionPolicy: A description of exceptions to the project space protection mechanism, project space data flow to access control authorization.

  • Package: A medium for resource sharing between project spaces.

Overall architecture of MaxCompute access control

What is the overall architecture of MaxCompute access control?

  • Identity authentication: access MaxCompute first Identity authentication is required.

  • Request source check (IP whitelist): Check the IP that submitted the access request and ensure that the IP is in the IP whitelist before you can access MaxCompute.

  • Project space status check: often used for operations or maintenance. If MaxCompute is in arrears and the project is frozen, no requests can be passed to MaxCompute at this time.

  • LabelSecurity check: Access control of column-level sensitive data.

  • Role/Policy/ACL: Finally, check the permissions of the role, as well as the Policy and ACL permissions.

DataWorks permission management and MaxCompute permission management

What is the overall architecture of MaxCompute access control?

The above is the detailed content of What is the overall architecture of MaxCompute access control?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template