Permission operation audit - Dataphin - Alibaba Cloud Documentation Center

Dataphin enables the monitoring and auditing of permission changes for data tables and data sources, facilitating the assessment of the appropriateness of operations such as granting, revoking, and returning permissions. This topic explains how to conduct permission operation audits for data tables and data sources.

Limits

Superusers, system administrators, and security administrators are authorized to view and audit permission operations.

Permission operation audit entry

Navigate to the Dataphin home page, single click Management Center > Permission Management from the top menu bar.
In the left-side navigation pane, single click Permissions Operation Audit to access the Permissions Operation Audit page.

Data table permission operation audit

On the Data Table tab, you can review detailed permission operation records for a specific data table or export the audit details in Excel format for offline analysis.

Area	Description
①Search and filter area	Perform a fuzzy search using the data object's name keyword, or use My Managed to filter data tables managed by your account. Additional filters include section/project/data source, table type, operation object, account type, permission account, permission type, highest confidentiality level, and operation scope.
②Export area	View Export Records: You can view the export records of permission operation audits. In the Export Records dialog box, single click the export icon to export the permission operation audit details of the target data table to your local device. Only the export records of the last 30 days are displayed. Export Permission Audit Details: Export audit details of permission operations for the data table to your local device as required. Method 1: Hover over Export Permission Audit Details. Depending on your requirements, choose either Full Export or Export Based On Current Filter Conditions. The Full Export option encompasses both User Resource Permission Details and User Resource Operation Details. When choosing User Resource Operation Details, it is necessary to specify a Time Range, which can be Yesterday, Today, Last 30 Days, Last 1 Year, or a custom period. The Export Based On Current Filter Conditions feature exports the details of permission operations audited under the current filter settings. Method 2: Select the data tables from the list area (illustration ③) for which you wish to export audit details. Click the Export button at the bottom to download the selected data table permission operation audit details.
③List area	This section displays the data object's name, table type, associated section/project/data source, operation object, operator, operation time, permission type, operation scope, operation type, validity period, and operation rationale.

Data source permission operation audit

On the Datasource tab, you can review detailed permission operation records for a specific data source or export the audit details in Excel format for offline analysis.

Area	Description
①Filter and search area	Search for data sources using the name keyword, filter by My Managed for those managed by your account, or apply filters based on data source type, environment, operation object, operator, permission type, and operation type.
②Export area	View Export Records: You can view the export records of permission operation audits. In the Export Records dialog box, single click the export icon to export the permission operation audit details of the target data source to your local device. Only the export records of the last 30 days are displayed. Export Permission Audit Details: Export details of permission operations audits for the data source to your local device as required. Method 1: Hover over Export Permission Audit Details. Depending on your requirements, choose either Full Export or Export Based On Current Filter Conditions. The Full Export option encompasses both User Resource Permission Details and User Resource Operation Details. When opting for User Resource Operation Details, selection of a Time Range is required, which can be Yesterday, Today, Last 30 Days, Last 1 Year, or a custom period. The Export Based On Current Filter Conditions feature allows for the export of permission operation audit details that conform to the currently applied filters. Method 2: Select the data sources from the list area (illustration ③) for which you wish to export audit details. Click the Export button at the bottom to download the selected data source permission operation audit details (saved as CSV format).
③List area	This section displays the data source's name, environment, operation object/operator, operation time, permission type, operation type, validity period, and operation rationale.