This topic provides answers to some frequently asked questions about security configurations of MaxCompute.

Category FAQ
Data security
Project security

How does MaxCompute ensure data security?

MaxCompute provides comprehensive measures to ensure data security.
  • In multi-user scenarios, unauthorized users, except project owners or administrators, cannot access MaxCompute projects.
  • MaxCompute provides multiple authorization methods to ensure that only authorized users can access MaxCompute projects.
  • MaxCompute provides sandboxes to effectively prevent malicious users from performing unauthorized operations. For more information about sandboxes, see Java sandbox.
  • An AccessKey pair is used to verify the identity of a user. If user information leaks, you can immediately disable the AccessKey pair without affecting the use of other AccessKey pairs.
  • If an urgent data security risk occurs in a project, you can run the set ProjectProtection=true; command to enable data protection for the project. This prohibits users from exporting data from the project and prevents data leaks.

Is data in MaxCompute reliable?

MaxCompute uses the triplicate storage mode to ensure data reliability.

If you configure lifecycle rules for a table in MaxCompute, MaxCompute automatically deletes the table when the rules are met. If you do not configure lifecycle rules for a table, the table is permanently stored.

Can I add CIDR blocks to an IP address whitelist of a VPC?

Yes, you can add CIDR blocks to an IP address whitelist of a virtual private cloud (VPC). For more information, see Configure IP address whitelists.

What do I do if the error message "AllMachineInBlackList" appears when I run a job?

  • Problem description
    When a job is run in MaxCompute, the following error message appears:
    FAILED: ODPS-0010000:System internal error - fuxi task failed, AllMachineInBlackList.
  • Cause

    Security hardening is performed on MaxCompute.

  • Solution

    Fill in an application form to join the MaxCompute DingTalk group for technical support.

When data protection is enabled for a MaxCompute project, I cannot export data from the MaxCompute project to a MySQL database. What do I do?

The project owner or administrator can run the set projectProtection=false; command to disable data protection for the project. The project owner or administrator can also configure exception policies to allow you to export data. For more information about project data protection, see Project data protection.

How do I restore data of deleted tables?

You can use the backup and restoration feature that is provided by MaxCompute to restore data of deleted tables. For more information about the backup and restoration feature, see Backup and restoration.