All Products
Search

This Product

    Data Security Center:View big data assets

    Document Center

    Data Security Center:View big data assets

    Last Updated:Nov 21, 2025

    After purchasing a Data Security Center (DSC) instance, you must enable the required features to use DSC to detect sensitive data in big data products such as TableStore, MaxCompute, AnalyticDB-MYSQL, and AnalyticDB-PG, or to audit databases.

    Prerequisites

    View asset details

    1. Log on to the Data Security Center console.

    2. In the navigation pane on the left, choose Asset Center.

    3. On the left side of the page, in the Big Data navigation bar, select the data type for which you want to enable features.

      Note

      After you purchase a DSC instance, an asset list sync task runs automatically the first time you log on to the console. You do not need to run this task manually. DSC automatically scans and syncs the asset list at 00:00 every day. Alternatively, you can go to the Asset Center page and manually run an Asset synchronization task. Asset synchronization is not supported for AnalyticDB-PG.

    4. At the top of the Asset Center page, view the Total Assets, Feature Status, and Usage of Instances and Storage for the selected asset type.

      You can click the number below a feature that is not enabled to filter the list.

      image

    Enable features

    The available features vary by product type. To manually enable a feature, you can click the image icon. Some data types also support one-click enablement.

    Enable features with one click

    Only the TableStore and MaxCompute data types support one-click enablement.

    1. On the left side of the page, in the Big Data navigation bar, select the data type for which you want to enable features.

    2. In the Actions column of the target instance, click Enable.

    3. In the Enable dialog box, select Scan assets and identify sensitive data now. if needed, and then click OK.

    Manually enable features

    TableStore

    TableStore supports the Data Classification and Data Auditing features.

    • Data Auditing: Click the image icon for this feature and wait for it to be enabled.

    • Data Classification

      1. Click the image icon for the Data Classification feature.

      2. In the Enable Classification and Grading dialog box, configure Activation Method and Authorization Scope, and then click OK.

        Configuration Item

        Description

        Activation Method

        Only Service-Linked Role Access is supported.

        Authorization Scope

        Only Entire data source is supported.

        Automatically create and start a default scan task

        If you select this option, DSC automatically creates a default scan task after it is connected to the big data service.

        You can go to the Data Classification > Tasks > Identification Tasks tab and click Default Tasks to view the task execution status. For more information, see Use a scan task to detect sensitive data.

    MaxCompute

    MaxCompute supports the Configuration Risks, Data Classification, and Data Auditing features.

    • For the Configuration Risks and Data Auditing features, click the image icon for each feature and wait for it to be enabled.

    • Data Classification

      1. Click the image icon for the Data Classification feature.

      2. In the Enable Classification and Grading dialog box, configure Activation Method and Authorization Scope, and then click OK.

        Configuration Item

        Description

        Activation Method

        Only Service-Linked Role Access is supported.

        Authorization Scope

        Only Entire data source is supported.

        Automatically create and start a default scan task

        If you select this option, DSC automatically creates a default scan task after it is connected to the big data service.

        You can go to the Data Classification > Tasks > Identification Tasks tab and click Default Tasks to view the task execution status. For more information, see Use a scan task to detect sensitive data.

    AnalyticDB-MYSQL

    AnalyticDB-MYSQL supports the Configuration Risks, Data Classification, and Data Auditing features.

    • For the Configuration Risks and Data Auditing features, click the image icon for each feature and wait for it to be enabled.

    • Data Classification

      1. For the Data Classification feature, click the corresponding image icon.

      2. In the Enable Classification and Grading dialog box, configure Activation Method and Authorization Scope. Click OK.

        Configuration Item

        Description

        Activation Method

        Configure the account that is used to connect to the database for data detection. Only Manually enter username and password is supported.

        Database Account

        Configure the username and password that are used to connect to the database.

        Authorization Scope

        The scope of data detection.

        1. Entire data source.

        2. Manage authorization scope in the data source list: Select an authorization scope.

        Automatically create and start a default scan task

        If you select this option, DSC automatically creates a default scan task after it is connected to the database.

        You can go to the Data Classification > Tasks > Identification Tasks tab and click Default Tasks to view the task execution status. For more information, see Use a scan task to detect sensitive data.

      3. After the Data Classification feature is enabled, you can view the total number of authorized databases and the connection status of the database instance to the right of the switch.

        image

      4. Click the number to the right of the switch.

      5. In the Authorization Scope panel, you can perform operations on the databases.

        • Edit databases

          1. Select the check boxes of one or more databases.

          2. Click Bulk Authorize below the list.

          3. In the Bulk Authorize dialog box, modify the Database Account and Database Password, and then click OK.

        • Cancel database connections

          1. Select the check boxes of one or more databases.

          2. Click Bulk Cancel below the list. Then, click OK.

    AnalyticDB-PG

    AnalyticDB-PG supports the Configuration Risks, Data Classification, and Data Auditing features. Before you can enable these features, you must add an asset.

    Add an asset

    1. On the left side of the page, in the Big Data navigation bar, choose ADB-PG and click Add Asset.

    2. In the Add Asset dialog box, configure the following parameters. Then, click Confirm.

      Configuration Item

      Description

      Region

      Select the region where the instance resides.

      Instance Name

      Select the name of an instance that is created in the region.

      Database Name

      Enter the name of the database.

      Username

      Enter the username that is used to connect to the database and configure permissions for the account.

      Password

      Enter the password that is used to connect to the database.

    Enable features

    • For the Configuration Risks and Data Auditing features, click the image icon for each feature and wait for it to be enabled.

    • Data Classification

      1. Click the image icon next to Data Classification.

      2. In the Enable Classification and Grading dialog box, configure Activation Method and Authorization Scope. Click OK.

        Configuration Item

        Description

        Activation Method

        Configure the account that is used to connect to the database for data detection. Only Manually enter username and password is supported.

        Database Account

        Configure the username and password that are used to connect to the database.

        Authorization Scope

        The scope of data detection.

        1. Entire data source.

        2. Manage authorization scope in the data source list: Select an authorization scope.

        Automatically create and start a default scan task

        If you select this option, DSC automatically creates a default scan task after it is connected to the database.

        You can go to the Data Classification > Tasks > Identification Tasks tab and click Default Tasks to view the task execution status. For more information, see Use a scan task to detect sensitive data.

      3. After the Data Classification feature is enabled, you can view the total number of authorized databases and the connection status of the database instance to the right of the switch.

        image

      4. Click the number to the right of the switch.

      5. In the Authorization Scope panel, you can perform operations on the databases.

        • Add a database

          1. Click Add Database.

          2. In the Bulk Authorize dialog box, enter the Database Name, Database Account, and Database Password, and then click OK.

            Note

            You can enter multiple Database Name values.

        • Edit databases

          1. Select the check boxes of one or more databases.

          2. Click Bulk Authorize below the list.

          3. In the Bulk Authorize dialog box, modify the Database Account and Database Password, and then click OK.

        • Cancel database connections

          1. Select the check boxes of one or more databases.

          2. Click Bulk Cancel below the list. Then, click OK.