- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
-
User Guide
- Service Provisioning
- Allowing or Disallowing Access to Cloud Assets
- Asset Map
- Asset Management
- Sensitive Data Identification
- Policy Center
- Data Asset Protection
- Data Security Operations
- Alarm Notifications
- Multi-Account Management
- Permissions Management
- Key DSC Operations
- Best Practices
-
API Reference
- Before You Start
- Calling APIs
-
API Description
- Data Watermarking
- Resource Management
- Dynamic Data Masking
- Alarm Notifications
-
Image Watermarking
- Injecting Invisible Watermarks into Images
- Extracting Invisible Text Watermarks
- Extracting Invisible Watermarks from Images
- Injecting Invisible Watermarks into Images (Image Addresses)
- Extracting Dark Watermarks from Images (Image Addresses)
- Extracting Invisible Image Watermarks from Images (Image Addresses)
- Asset Management
- Document Watermarking
-
Sensitive Data Discovery
- Querying the Identification Task List
- Querying the Result of an Identification Task
- Viewing the Rule List
- Creating a Sensitive Data Scanning Rule
- Modifying a Sensitive Data Scanning Rule
- Deleting a Sensitive Data Scanning Rule
- Querying Sensitive Data Scanning Rule Groups
- Creating a Sensitive Data Scanning Rule Group
- Deleting a Sensitive Data Scanning Rule Group
- Creating a Sensitive Data Scanning Task
- Deleting a Sensitive Data Scanning Task
- Static Data Masking
- API Call Records
- Appendixes
- SDK Reference
-
FAQs
- Product Consulting
- Regions and AZs
- Asset Authorization
-
Sensitive Data Identification and Masking
- What Services Can Use DSC to Scan for Sensitive Data?
- How Long Does It Take for DSC to Identify and Mask Sensitive Data?
- What Are the Built-in Identification Rules of DSC?
- What Are the Identification Rules in the Built-in Identification Template of DSC?
- Does Data Masking Affect My Raw Data?
- Does DSC Have Specific Requirements on the Character Set for Which Sensitive Data Is to Be Identified and Masked?
- Why Cannot I Find a Table in an Existing Database When Creating a Database Data Masking Task?
- Data Watermarking
- Data Usage Audit
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Service Provisioning
- Assets
- Overview
- Sensitive Data Identification
- Data Masking
- Data Watermarking
- Alarm Notifications
- Permissions Management
-
FAQs
- Product Consulting
- Adding Data Assets
-
Sensitive Data Identification and Masking
- What Services Can Use DSC to Scan for Sensitive Data?
- How Long Does It Take for DSC to Identify and Mask Sensitive Data?
- Which Types of Sensitive Data Can Be Identified by DSC?
- Does Data Masking Affect My Raw Data?
- Does DSC Have Specific Requirements on the Character Set for Which Sensitive Data Is to Be Identified and Masked?
- How Do I Add Multiple Identification Rule Groups?
- Data Watermarking
- Change History
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- Calling APIs
-
API Description
- Data Watermarking
- Resource Management
- Dynamic Data Masking
- Alarm Notifications
-
Image Watermarking
- Injecting Invisible Watermarks into Images
- Extracting Invisible Text Watermarks
- Extracting Invisible Watermarks from Images
- Injecting Invisible Watermarks into Images (Image Addresses)
- Extracting Dark Watermarks from Images (Image Addresses)
- Extracting Invisible Image Watermarks from Images (Image Addresses)
- Asset Management
- Document Watermarking
-
Sensitive Data Discovery
- Querying the Identification Task List
- Querying the Result of an Identification Task
- Viewing the Rule List
- Creating a Sensitive Data Scanning Rule
- Modifying a Sensitive Data Scanning Rule
- Deleting a Sensitive Data Scanning Rule
- Querying Sensitive Data Scanning Rule Groups
- Creating a Sensitive Data Scanning Rule Group
- Deleting a Sensitive Data Scanning Rule Group
- Creating a Sensitive Data Scanning Task
- Querying the Database Lineage Graph
- Querying the Table Lineage Graph in Pages
- Querying Data Linage Graph at the Column Level
- Querying the OBS Bucket Lineage Graph
- Querying the OBS File Linage Graph in Pages
- Static Data Masking
- API Call Records
- Appendixes
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Show all
Copied.
(Optional) Configuring GaussDB(DWS) and MRS Hive
Before using database watermarks, you have to:
- Modify GaussDB(DWS) cluster parameters.
To identify sensitive data and enable privacy protection, you must submit a service ticket to adjust the parameter javaudf_disable_feature of the GaussDB(DWS) cluster. If GaussDB(DWS) data is not involved, you do not need to change the value.
- Modify Hive User Rights
To perform data watermark operations on MRS Hive data, you must assign related permissions to Hive users as the administrator Ranger.
Modifying Hive User Rights
- Log in to the management console.
- Click
in the upper left corner and select a region or project.
- In the navigation tree on the left, click
, and choose Analytics > MapReduce Service. The Dashboard page is displayed.
- In the cluster list, click the name of the target cluster. The cluster information page is displayed.
- Click Access Manager next to MRS Manager. In the dialog box that is displayed, click OK. The Manager login page is displayed.
- Enter the default username admin and the password set during cluster creation, and click Log In. The Manager page is displayed.
- Choose Cluster > Service > Ranger. The Ranger service overview page is displayed.
- Click RangerAdmin in the Basic Information area to go to the Ranger web UI. The type of the admin user in the Ranger is User. Therefore, only the Access Manager and Security Zone pages can be viewed. You need to switch to the rangeradmin user or another user who has the Ranger administrator rights.
- On the Ranger WebUI, click the username in the upper right corner and choose Log Out to log out the current user.
- Log in to the system again as user rangeradmin or another user who has the Ranger administrator rights.
- On the home page, click the plug-in name in the HADOOP SQL area, for example, Hive.
- On the Access tab page, click Add New Policy to add a Hive permission control policy.
- Set related parameters based on permission requirements. Set the key parameters described in Table 1. Retain the default values for other parameters.
Table 1 Hive permission parameters Parameter
Description
Example Value
Policy Name
Policy name, which can be customized and must be unique in the service.
dataarts_dsc
Database
Name of the Hive database to which the policy applies
Change database to global. *, the policy takes effect globally.
global: *
Allow Conditions
Policy allowed condition. You can configure permissions and exceptions allowed by the policy. In the Select Role, Select Group, and Select User columns, select the role, user group, or user to which the permission is to be granted, click Add Conditions, add the IP address range to which the policy applies, and click Add Permissions to add the corresponding permission.
You need to configure the Select Group, Select User, and Add Permissions columns.
- Select Group: Select the user group you want to use to watermark MRS Hive data.
- Select User: Select the user you want to use to watermark MRS Hive data. If the user is already in the selected user group, you do not need to select it again.
- Add Permissions: Select Select/Deselect All to select all permissions.
Example:
- Select Group: dayu_user
- Select User: dgc_test
- Add Permissions: All
- Click Add to view the basic policy information.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot