Queries the records that are generated on a specified date for access to the sensitive data in all the DataWorks workspaces of a tenant.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes GetOpSensitiveData

The operation that you want to perform. Set the value to GetOpSensitiveData.

Name String Yes [ {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}, {"dbType":"ODPS.ODPS","projectName":"adbc"} ]

The parameters that you can specify to query the access records. Valid values:

  • dbType: the data type
  • instanceName: the name of the instance
  • databaseName: the name of the database
  • projectName: the name of the workspace
  • clusterName: the name of the cluster

The following example shows the parameters configured to query the access records of the sensitive data in the abc database of the ABC Hologres instance:

{"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}

You must specify the parameters based on the compute engine that you use in your business.

PageSize Integer Yes 1

The number of entries to return on each page. Minimum value: 1. Maximum value: 1000.

PageNo Integer Yes 100

The number of the page to return. Minimum value:1. Maximum value: 1000.

Date String Yes 20210116

The date on which access records were generated. Specify the value in the yyyyMMdd format.

OpType String No SQL_SELECT

The operation that is performed on the data. Valid values:

  • SQL_SELECT: indicates that the data is accessed. For example, the SELECT statement is executed to query the data.
  • TUNNEL_DOWNLOAD: indicates that the data is downloaded. For example, a Tunnel command is run to download the data.

Response parameters

Parameter Type Example Description
OpSensitiveData String "opSensDatas": [ { "sensLevel": "L4", "opTime": "2021-02-07 00:14:51", "opAccount": "ALIYUN$dsg_test", "sensType": "Mobile phone number", "sql": "select * from dsg_demo.tbl_phonebook where phone_no = '1331111****';" } ], "totalCount": 6

The information of the access records returned for the sensitive data. The information includes totalCount and opRiskDatas.

opRiskDatas includes the following parameters:

  • sensType: indicates the type of the sensitive data.
  • sensLevel: indicates the sensitivity level of the sensitive data. A larger value of sensLevel indicates a higher sensitivity level.
  • opType: indicates the type of the operation.
  • sql: indicates the SQL statement that is executed.
  • opAccount: indicates the account that is used to perform the operation.
  • opTime: indicates the time when the operation was performed.
RequestId String 0000-ABCD-EFG****

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=GetOpSensitiveData
&Name=[  {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"},  {"dbType":"ODPS.ODPS","projectName":"adbc"}  ]
&PageSize=1
&PageNo=100
&Date=20210116
&OpType=SQL_SELECT
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<GetOpSensitiveDataResponse>
    <OpSensitiveData>"opSensDatas": [       {         "sensLevel": "L4",         "opTime": "2021-02-07 00:14:51",         "opAccount": "ALIYUN$dsg_test",         "sensType": "Mobile phone number",         "sql": "select * from dsg_demo.tbl_phonebook where phone_no = &amp;#39;1331111****&amp;#39;;"       }     ],     "totalCount": 6</OpSensitiveData>
    <RequestId>0000-ABCD-EFG****</RequestId>
</GetOpSensitiveDataResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "OpSensitiveData": "\"opSensDatas\": [       {         \"sensLevel\": \"L4\",         \"opTime\": \"2021-02-07 00:14:51\",         \"opAccount\": \"ALIYUN$dsg_test\",         \"sensType\": \"Mobile phone number\",         \"sql\": \"select * from dsg_demo.tbl_phonebook where phone_no = &#39;1331111****&#39;;\"       }     ],     \"totalCount\": 6"
  "RequestId" : "0000-ABCD-EFG****"
}

Error codes

HTTP status code Error code Error message Description
400 Invalid.Param The request parameter is invalid. The error message returned because the specified parameter is invalid.
403 Forbidden.NoTenant The tenant information cannot be obtained using user ID. The error message returned because the tenant information cannot be obtained.
500 InternalError.DQC.BizError An internal error occurred. The error message returned because an internal server error has occurred.

For a list of error codes, see Service error codes.