Help Center> Data Security Center> User Guide> Asset Management> Asset Center> Authorizing Access to Big Data Assets
Updated on 2024-04-11 GMT+08:00
View PDF

Authorizing Access to Big Data Assets

If your asset is a self-built big data type, perform Adding a Big Data Instance and then authorize big data.

If your assets are cloud big data, perform authorization by referring to Authorizing Access to Big Data Assets.

If you need to authorize access to DLI databases, perform Adding a DLI Database first.

Prerequisites

  • DSC has been allowed to access the database assets. For details, see Allowing or Disallowing Access to Cloud Assets.
  • You have subscribed to DLI and CSS, and have assets in them. There are available IP addresses in the corresponding subnets.
  • You have obtained the version, server, and index information of the self-built ES, HBase, and Hive data sources, and there are available IP addresses in the subnets of these data sources.

Authorizing Access to Big Data Assets

The Elasticsearch big data type is used as an example to describe how to authorize access to big data assets. To authorize access to other types of big data assets, click the corresponding big data type.

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation tree on the left, click . Choose Security and Compliance > Data Security Center .
  4. In the navigation tree on the left, choose Asset Management > Asset Center. The Asset Center page is displayed.
  5. Click Elasticsearch and choose the ElasticSearch Instances tab.
  6. Click Authorize in the Operation column of the ElasticSearch instance list, and enter the Elasticsearch index information to perform authorization.

    Figure 1 Performing authorization based on ES indexes

  7. You can also click an instance name to go to the instance details page and view the status of all indexes of the instance.

    Click Authorize in the Operation column to authorize unauthorized indexes.

    Click Set as Default Database. The metadata task creates a connection with the default database and draws the metadata of the instance.

  8. Click the Index tab to view the connection status of authorized assets.

    Figure 2 Connectivity
    After the asset authorization is complete, the Connection Status of the asset is Checking, which means DSC is checking the database connectivity.
    • DSC can access the added database normally if the Connection Status of the database is Succeeded.
    • DSC cannot access the added database normally if the Connection Status of the database is Failed. Move the cursor to Failed to view the failure cause or rectify the fault by referring to section How Do I Troubleshoot the Failure in Connecting to the Added Database?

Adding a Big Data Instance

Instances of self-built big data types need to be manually added. This section uses Elasticsearch as an example to describe how to add instances of self-built big data types.

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation tree on the left, click . Choose Security and Compliance > Data Security Center .
  4. In the navigation tree on the left, choose Asset Management > Asset Center. The Asset Center page is displayed.
  5. Click ElasticSearch and choose the ElasticSearch Instances tab.

    Figure 3 ES instance list

  6. Click Adding an instance in the upper left corner of the instance list. The Add Instance dialog box is displayed.
  7. Set the related parameters according to the Table 1, and then click OK.

    Table 1 Parameters for adding an ES instance

    Parameter

    Description

    ECS

    Select an ECS from the drop-down list box.

    Big Data Type

    Big data instance type to be added. In this case, select Elasticsearch.

    Security Group

    Select a security group from the drop-down list.

    Version

    Select a version from the drop-down list box. For details about the supported asset types and versions, see section Constraints.

    Database Server Address

    Select a server address from the drop-down list box.

    Database Port

    Enter an integer from 0 to 65535.

    Index

    Enter an index name, which can contain only letters, digits, underscores (_), and hyphens (-).

    Username/Password

    Enter the username and password of the index.

    Asset

    Enter a user-defined asset name containing 4 to 255 characters.

    Thrift Port

    When Big Data Type is set to HBase, select a value from the drop-down list box.

Adding a DLI Database

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation tree on the left, click . Choose Security and Compliance > Data Security Center .
  4. In the navigation tree on the left, choose Asset Management > Asset Center. The Asset Center page is displayed.
  5. Click DLI. The Database tab page is displayed.

    Figure 4 DLI database list

  6. Click Adding a database in the upper left corner of the database list. The Add Database dialog box is displayed.
  7. Set parameters according to Table 2 and click OK.

    Table 2 Parameters for adding a database

    Parameter

    Description

    Asset

    Enter a user-defined asset name containing 4 to 255 characters.

    Big Data Type

    Select DLI from the drop-down list box.

    Queue

    Select a queue from the drop-down list box.

    DLI Database

    Select the DLI database to be added from the drop-down list box.
    After the asset authorization is complete, the Connection Status of the asset is Checking, which means DSC is checking the database connectivity.
    • DSC can access the added database normally if the Connection Status of the database is Succeeded.
    • DSC cannot access the added database normally if the Connection Status of the database is Failed. Move the cursor to Failed to view the failure cause or rectify the fault by referring to section How Do I Troubleshoot the Failure in Connecting to the Added Database?

Drawing Metadata of an Instance

  • If the number of authorized databases in the MRS_Hive instance is greater than 0, click More > Refresh in the Operation column of the Hive instance list to automatically create a metadata task to obtain the database, table, and column information of the instance.
  • If you enable the function of automatically creating a metadata task when adding a Hive instance, the system automatically creates a metadata task to obtain all metadata of the instance after the instance is created.
  • For details about the big data types that support metadata collection, see section Creating a Metadata Collection Task.

Related Operations

  • Deleting a DB instance

    A big data instance can be deleted only when the big data instance is a self-built instance and the number of authorized databases in it is 0.

    Select multiple self-built instances and click Batch Delete in the upper left corner of the instance list to delete the instances. You can also click Delete in the Operation column of the instance list to delete a single instance.

  • Creating an identification task

    On the Databases tab page, click Create Identification Task in the Operation column of the asset list to create an identification task for an asset. For details, see section Creating an Identification Task.

Parent topic: Asset Center