You can call the ExecDatamask operation to dynamically de-identify sensitive data.

Background information

You can call the ExecDatamask operation to dynamically de-identify sensitive data. When you call this operation, you must specify the ID of a de-identification template. De-identification templates can be used for both static de-identification and dynamic de-identification. You can view the IDs of de-identification templates on the Desensitization Template page in the SDDP console. You can also create de-identification templates. For more information, see Manage de-identification templates. Desensitization Template page

Limits

When you call the ExecDatamask operation to dynamically de-identify sensitive data, the size of the sensitive data that is specified by the Data parameter must be less than 2 MB.

View the call history of the ExecDatamask operation

  1. Log on to the SDDP console.
  2. In the left-side navigation pane, choose Data desensitization > Dynamic desensitization.
  3. On the Dynamic desensitization page, view the call history of the ExecDatamask operation.
    The following table describes the parameters about each call record.
    Parameter Description
    Operation for Dynamic De-identification The name of the API operation.
    UID The unique identifier (UID) of the Alibaba Cloud account or RAM user that was used to call the API operation.
    IP address The IP address of the user who initiated the call.
    First call time The time when the API operation was first called.
    Last call time The time when the API operation was last called.
    Cumulative number of calls The total number of times the API operation was called.

Note Only one record is generated for calls that were initiated by the same account from the same IP address. In this case, the cumulative number of calls is recorded.