Data Security Center:Authorize DSC to access Alibaba Cloud resources

Procedure

1. Log on to the DSC console.
2. On the Welcome page, click Authorize Now.
   After you click Authorize Now, Alibaba Cloud automatically creates the AliyunServiceRoleForSDDP role for DSC. You can view the created service-linked role on the RAM Roles page of the Resource Access Management (RAM) console. You can also query the information about the service-linked role for DSC by using the API or command line interface (CLI). For more information, see Service-linked roles.

   After you authorize DSC to access Alibaba Cloud resources, you must authorize DSC to access specific data assets before DSC can scan the data assets for sensitive data and analyze the detected sensitive data. For more information, see Grant access to data assets.

Service-linked role for DSC

Role name: AliyunServiceRoleForSDDP

Policy name: AliyunServiceRolePolicyForSDDP

Delete the service-linked role

If you no longer need to use DSC, you can delete the service-linked role for DSC. You can delete the AliyunServiceRoleForSDDP role in the RAM console. For more information, see Service-linked roles.

Usage notes

Do not confuse the operation of authorizing DSC to access Alibaba Cloud resources with the operation of authorizing DSC to access data assets. The former operation authorizes DSC to access other data services of Alibaba Cloud, whereas the latter operation authorizes DSC to access specific data assets in these data services. After you authorize DSC to access Alibaba Cloud resources, you must authorize DSC to access specific data assets before DSC can scan the data assets for sensitive data and analyze the detected sensitive data. For more information, see Grant access to data assets.