Security configuration

Last Updated: Oct 31, 2017

MaxCompute is a data processing platform that supports multiple tenants. Different tenants have different data security requirements. MaxCompute offers project-level security configuration to satisfy the flexible data security requirements of different tenants. Project owners can customize their external account support and authentication model as required.

MaxCompute provides multiple ways of orthogonal authorization, such as ACL-based authorization and implicit authorization (an object creator is automatically granted the object access permission). However, not all users need these security mechanisms. Users can properly configure the project authentication model based on their service security needs and usage habit.

  1. show SecurityConfiguration
  2. --View the project security configuration.
  3. set CheckPermissionUsingACL=true/false
  4. --Enable/Disable the ACL authorization mechanism. The default value is true.
  5. set ObjectCreatorHasAccessPermission=true/false
  6. --Enable/Disable automatic access permission granting to object creators. The default value is true.
  7. set ObjectCreatorHasGrantPermission=true/false
  8. --Enable/Disable automatic authorization permission granting to object creators. The default value is true.
  9. set ProjectProtection=true/false
  10. --Enable/Disable project data protection to enable/disable data transfer from the project.

Note: You can also complete the security configuration of the project in a visualized manner using DataWorks. For more information, see Project Management.

Thank you! We've received your feedback.