Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Situation Awareness
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive

Configuring Directory Permissions

Updated on 2025-02-18 GMT+08:00

This section describes how to configure directory permission policies to control permissions on script and job directories in DataArts Factory, API directories in DataArts DataService Exclusive, and physical and logical models in DataArts Architecture based on users, user groups, or roles.

  • If no directory permission policy has been configured for DataArts Factory, DataArts DataService, and DataArts Architecture in a workspace, all users can view and operate the directories and resources in them by default.
  • If permission policies have been configured for the script or job directories in DataArts Factory in a workspace, all script and job directories in DataArts Factory are unavailable for common users who are not the DAYU Administrator, Tenant Administrator, data security administrator, or preset workspace administrator. These users cannot create, edit, view, delete, import, or export jobs or scripts in directories. However, they can perform operations such as creating directories, associating jobs with scripts, selecting dependent jobs, configuring alarms for jobs, viewing the operation history, backing up jobs, and monitoring jobs.
  • If permission policies have been configured for the API directories in DataArts DataService in a workspace, all API directories in DataArts DataService are unavailable for common users who are not the DAYU Administrator, Tenant Administrator, data security administrator, or preset workspace administrator. These users cannot create, edit, view, delete, import, or export APIs in directories, but can perform operations such as creating directories, viewing events and logs, and reviewing applications.
  • If permission policies have been configured for the directories of physical and logical models in DataArts Architecture in a workspace, all models in DataArts Architecture are unavailable for common users who are not the DAYU Administrator, Tenant Administrator, data security administrator, or preset workspace administrator. These users cannot create, edit, view, or delete tables in models, but can perform operations such as creating models and reviewing applications.

Prerequisites

  • Before configuring directory permission policies for DataArts Factory, DataArts DataService, or DataArts Architecture, you must create directories in the corresponding module.
  • Only the DAYU Administrator, Tenant Administrator, data security administrator, and preset workspace administrator have the permission to create, edit, or delete directory permission policies.

Notes and Constraints

  • After directory permission policies are configured for DataArts Factory, DataArts DataService, or DataArts Architecture, common users who are not the DAYU Administrator, Tenant Administrator, data security administrator, or preset workspace administrator cannot view or operate the directories and resources in the directories in DataArts Factory or DataArts DataService.
  • Only the DAYU Administrator, Tenant Administrator, data security administrator, and preset workspace administrator have the permission to create, edit, or delete directory permission policies.
  • Multiple directories can be configured in a directory permission policy, but a user, user group, or role can exist in only one policy.

Creating a Directory Permission Policy

  1. On the DataArts Studio console, locate a workspace and click DataArts Security.
  2. In the left navigation pane, choose DataArts Resource Permission.

    Figure 1 Directory Permission page

  3. On the Directory Permission page, click Create. In the slide-out panel, set the parameters listed in Table 1 and click Submit.

    Table 1 Parameters for configuring a directory permission policy

    Parameter

    Description

    *Policy Name

    Enter the name of the directory permission policy. To facilitate policy management, you are advised to include the resource object and authorization object in the name.

    Authorization Content

    DataArts Factory (DLF)

    Select the level-1 script and job directories in DataArts Factory to be authorized.

    NOTE:
    • Even if you select only script directories or job directories, all script and job directories in DataArts Factory are unavailable for common users who are not the DAYU Administrator, Tenant Administrator, data security administrator, or preset workspace administrator after the policy is configured.
    • If you select only script directories or job directories in DataArts Factory, permissions on the directories in DataArts DataService are not affected by this policy.

    DataArts DataService (DLM)

    Select the level-1 API directories in DataArts DataService to be authorized.

    NOTE:

    If you select only API directories in DataArts DataService, permissions on the directories in DataArts Factory are not affected by this policy.

    DataArts Architecture (DS)

    Select the physical or logical models in DataArts Architecture to be authorized.

    NOTE:
    • Even if you select only physical or logical models, all physical and logical models in DataArts Architecture are unavailable for common users who are not the DAYU Administrator, Tenant Administrator, data security administrator, or preset workspace administrator after the policy is configured.
    • If you select only the physical or logical models in DataArts Architecture, permissions on the directories in DataArts Factory or DataArts DataService are not affected by this policy.

    Authorized Object

    User

    Select the users to be authorized. The workspace users are available for selection.

    User Group

    Select the user groups to be authorized. The workspace user groups are available for selection.

    Role

    Select the roles to be authorized. The preset and custom roles are available for selection.

    Figure 2 Creating a directory permission policy

Related Operations

  • Editing policies: On the Directory Permission page, locate a policy and click Edit in the Operation column to edit the policy.
  • Deleting policies: On the Directory Permission page, locate a policy and click Delete in the Operation column to delete the policy. To delete multiple policies at a time, select the policies and click Delete above the policy list.
    NOTE:

    The deletion operation cannot be undone. Exercise caution when performing this operation.

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback