Configures or adds masking rules.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ModifyMaskingRules

The operation that you want to perform. Set the value to ModifyMaskingRules.

DBClusterId String Yes pc-*****************

The ID of the cluster.

Note You can call the DescribeDBClusters operation to query the details of the clusters that belong to your Alibaba Cloud account, such as cluster IDs.
RuleName String No testrule

The name of the masking rule. You can specify only one rule name at a time.

Note
  • You can call the DescribeMaskingRules operation to query the details of all the masking rules for a specified cluster, such as the names of the masking rules.
  • If the rule name does not exist in the cluster, the system automatically creates a masking rule based on this name and the value that is set in the RuleConfig parameter.
RuleConfig String No {"auto": {"databases": [db1], "tables": ["tb1"], "columns": ["c1,c2"] }, "description": "This rule will be applied to the columns c1 and c2 in table t1", "enabled": true, "applies_to": [user]}

The parameter that is used to configure the masking rule that you want to modify and the value in the JSON format. All the parameter values are of the string type. For example, {"auto": {"databases": [db1], "tables": ["tb1"], "columns": ["c1,c2"] }, "description": "This rule will be applied to the columns c1 and c2 in table t1", "enabled": true, "applies_to": [user]}. Where:

  • "auto": specifies that the dynamic masking algorithm is supported. This parameter is required.
  • "databases": This parameter is optional. The names of databases to which the masking rule is applied. You can specify multiple names. Separate the names with commas (,). If you leave this parameter empty, the masking rule applies to all the databases in the cluster.
  • "tables": This parameter is optional. The names of tables to which the masking rule is applied. You can specify multiple names. Separate the names with commas (,). If you leave this parameter empty, the rule applies to all the tables in the cluster.
  • "columns": This parameter is required. The names of fields to which the masking rule is applied. You can specify multiple field names. Separate the names with commas (,).
  • "description": This parameter is optional. The description of the masking rule. This parameter is optional. The description must be up to 64 characters in length.
  • "enabled": This parameter is required. Enables or disables a specified masking rule. Valid values: true (enable) and false (disable).
  • "applies_to": The names of database accounts to which the masking rule is applied. You can specify multiple account names. Separate the names with commas (,).
  • "exempted": The names of database accounts to which the masking rule is not applied. You can specify multiple names. Separate the names with commas (,).
Note
  • If the RuleName parameter is set, the RuleConfig parameter is required.
  • You must select at least "applies_to" or "exempted".
RuleNameList String No testrule

The list of masking rule names. You can specify one or more masking rules at a time. Separate the masking rule names with commas (,).

Note You must specify RuleName or RuleNameList.
Enable String No true

Enables or disables specified masking rules. Valid values:

  • true: enables the masking rules.
  • false: disables the masking rules.
Note This parameter takes effect only if the RuleNameList parameter is set.

Response parameters

Parameter Type Example Description
RequestId String 99B355CE-526C-478B-B730-AD9D7C******

The ID of the request.

Message String Message

The message returned for the request.

Note If the request is successful, Successful is returned. If the request fails, an exception that contains an error code is returned.
Success Boolean true

The result of the request.

Examples

Sample requests

http(s)://polardb.aliyuncs.com/?Action=ModifyMaskingRules
&DBClusterId=pc-*****************
&RuleName=testrule
&RuleConfig={"auto": {"databases": [db1], "tables": ["tb1"], "columns": ["c1,c2"]      }, "description": "This rule will be applied to the columns c1 and c2 in table t1", "enabled": true, "applies_to": [user]}
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ModifyMaskingRulesResponse>
<Message>Successful</Message>
<RequestId>99B355CE-526C-478B-B730-AD9D7C******</RequestId>
<Success>true</Success>
</ModifyMaskingRulesResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "Message" : "Successful",
  "RequestId" : "99B355CE-526C-478B-B730-AD9D7C******",
  "Success" : true
}

Error codes

For a list of error codes, visit the API Error Center.