Last Updated: Jun 23, 2016

MaxCompute is a multi-tenant supported data processing platform. Each tenant has corresponding data security requirements. In order to flexibly meet the data security requirements of different tenants, MaxCompute supports the project-level security configuration. ProjectOwner can customize the suitable external account support and authentication model.MaxCompute supports many orthogonal authorization mechanisms, such as ACL authorization and implicit authorization (for example, the object creator is automatically given privilege to access the object). However, these security mechanisms are necessary only for some users. Users can rationally set the authentication model of the project according to their business security requirements or use habits.

  1. show SecurityConfiguration
  2. --view the security configuration of a project.
  3. set CheckPermissionUsingACL=true/false
  4. --Activate/freeze ACL authorization mechanism and the default value is 'true'.
  5. set ObjectCreatorHasAccessPermission=true/false
  6. --Allow/prohibit the object creator with default access privilege. The default is true.
  7. set ObjectCreatorHasGrantPermission=true/false
  8. --Allow/prohibit the object creator with defaut authorization privilege. The default value is true.
  9. set LabelSecurity=true/false
  10. --Open/Close LabelSecurity policy.
  11. set ProjectProtection=true/false
  12. --Open/Close the data protection machanism of project. Prohibit/Allow the data output to the project.
Thank you! We've received your feedback.