CreateScanTask - Data Security Center - Alibaba Cloud Documentation Center

You can call the CreateScanTask operation to create a custom scan task to detect sensitive data in authorized assets.

Operation description

This operation creates custom scan tasks for authorized assets. You can control the run interval and runtime of each scan task.

QPS limits

The queries per second (QPS) limit for this operation is 10 calls per second for a single user. If you exceed this limit, API calls are throttled. This may impact your business. Plan your calls accordingly.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

yundun-sddp:CreateScanTask

create

*All Resource

*

None

Request parameters

Parameter	Type	Required	Description	Example
DataLimitId	integer	Yes	The unique ID of the data asset. The asset can be an instance, a database, or a bucket. Call the DescribeDataLimits operation to obtain this ID.	1
IntervalDay	integer	Yes	The interval in days between two consecutive custom scan tasks. The value must be between 1 and 2147483648.	1
RunHour	integer	Yes	The hour at which the next scan task runs.	12
RunMinute	integer	Yes	The minute at which the next scan task runs.	30
TaskName	string	Yes	The name of the scan task.	scan-test-sample****
TaskUserName	string	No	The account that creates the scan task.	demo
OssScanPath	string	No	The scan scope for OSS assets. You can specify a prefix, a suffix, or a regular expression to match objects.	/test/test
ScanRange	integer	Yes	The matching rule for the scan scope of the custom scan task. This parameter takes effect only when you configure the ScanRangeContent parameter. Valid values: 0: full match. 1: prefix match. 2: suffix match. 3: regular expression match.	0
ScanRangeContent	string	Yes	The content to match for the scan of structured data assets. This parameter is used with the ScanRange parameter. Note If you set ScanRange to 0, the scan matches the exact value of this parameter. If you set ScanRange to 1, the scan matches items that have the prefix specified by this parameter. For example, if you set this parameter to `test/abc`, file paths that start with `test/abc` are matched. If you set ScanRange to 2, the scan matches items that have the suffix specified by this parameter. If you set ScanRange to 3, the scan matches items that match the regular expression specified by this parameter.	datamask/
ResourceType	integer	Yes	The type of resource to query. Valid values: 1: MaxCompute. 2: OSS. 3: AnalyticDB. 4: Tablestore. 5: RDS. 6: a self-managed database.	2
SourceIp	string	No	This parameter is deprecated.	106.11.XX.XX
FeatureType	integer	No	This parameter is deprecated.	1
Lang	string	No	The language of the request and response. zh: Chinese. en: English.	zh

Response elements

Element	Type	Description	Example
	object
Id	integer	The resource ID of the custom scan task.	100
RequestId	string	The ID of the request.	B1F2BB1F-04EC-5D36-B136-B4DE17FD8DE0

Examples

Success response

JSON format

{
  "Id": 100,
  "RequestId": "B1F2BB1F-04EC-5D36-B136-B4DE17FD8DE0"
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.