Queries the access records of the sensitive data in all DataWorks workspaces of a tenant on a specified date.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes GetOpSensitiveData

The operation that you want to perform.

Date String Yes 20210116

The date on which the access records were queried. Specify the value in the yyyyMMdd format.

Name String Yes [ {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}, {"dbType":"odps","projectName":"adbc"} ]

The parameters that you can specify to query the access records. Valid values:

  • dbType: the data type
  • instanceName: the name of the instance
  • databaseName: the name of the database
  • projectName: the name of the workspace
  • clusterName: the name of the cluster

The following example shows the parameters configured to query the access records of the sensitive data in the abc database of the ABC Hologres instance:

{"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}

You must specify the parameters based on the compute engine that you use in your business.

PageNo Integer Yes 100

The number of the page to return. Minimum value:1. Maximum value: 1000.

PageSize Integer Yes 1

The number of entries to return on each page. Minimum value:1. Maximum value: 1000.

RegionId String Yes cn-shenzhen

The region ID. For example, the ID of the China (Shanghai) region is cn-shanghai, and that of the China (Zhangjiakou) region is cn-zhangjiakou. The system automatically determines the value of this parameter based on the endpoint used to call the operation.

OpType String No SELECT

The operation that is performed on the data. Valid values:

  • SQL_SELECT: indicates that the data is accessed. For example, the SELECT statement is executed to query the data.
  • TUNNEL_DOWNLOAD: indicates that the data is downloaded. For example, a Tunnel command is run to download the data.

Response parameters

Parameter Type Example Description
OpSensitiveData String "opSensDatas": [ { "sensLevel": "L4", "opTime": "2021-02-07 00:14:51", "opAccount": "ALIYUN$dsg_test", "sensType": "Phone number", "sql": "select * from dsg_demo.tbl_phonebook where phone_no = '13336125599';" } ], "totalCount": 6

The information of the access records returned for the sensitive data. The information includes totalCount and opRiskDatas.

opRiskDatas includes the following parameters:

  • sensType: the type of the sensitive data
  • sensLevel: the sensitivity level of the sensitive data
  • opType: the type of the operation
  • sql: the SQL statement that is executed
  • opAccount: the account that is used to perform the operation
  • opTime: the time when the operation was performed
RequestId String 0000-ABCD-EFG****

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=GetOpSensitiveData
&Date=20210116
&Name=[  {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"},  {"dbType":"odps","projectName":"adbc"}  ]
&PageNo=100
&PageSize=1
&RegionId=cn-shenzhen
&<Common request parameters>

Sample success responses

XML format

<RequestId>0000-ABCD-EFG****</RequestId>
<OpSensitiveData>"opSensDatas": [       {         "sensLevel": "L4",         "opTime": "2021-02-07 00:14:51",         "opAccount": "ALIYUN$dsg_test",         "sensType": "Phone number",         "sql": "select * from dsg_demo.tbl_phonebook where phone_no = &amp;#39;13336125599&amp;#39;;"       }     ],     "totalCount": 6</OpSensitiveData>

JSON format

{
    "RequestId": "0000-ABCD-EFG****",
    "OpSensitiveData": "\"opSensDatas\": [       {         \"sensLevel\": \"L4\",         \"opTime\": \"2021-02-07 00:14:51\",         \"opAccount\": \"ALIYUN$dsg_test\",         \"sensType\": \"Phone number\",         \"sql\": \"select * from dsg_demo.tbl_phonebook where phone_no = &amp;#39;13336125599&amp;#39;;\"       }     ],     \"totalCount\": 6"
}

Error codes

Http status code Error code Error message Description
403 Forbidden.NoTenant The tenant information cannot be obtained using user ID. The error message returned because the tenant information cannot be obtained.
400 Invalid.Param The request parameter is invalid. The error message returned because one or more request parameters are invalid.
500 InternalError.DQC.BizError An internal error occurred. The error message returned because an internal server error has occurred.

For a list of error codes, visit the API Error Center.