DataWorks provides the user group management feature. You can use the feature to add multiple users that have the same permissions to a user group based on your business requirements. When you configure a data masking rule, you can add the user group to the whitelist of the rule. This way, data that is masked by using the rule is displayed in its original form to the users in the user group. This topic describes how to create and manage a user group.
Create a user group
Log on to the DataWorks console. In the top navigation bar, select the desired region. In the left-side navigation pane, choose . On the page that appears, select the desired workspace from the drop-down list and click Go to Data Development.
Click the icon in the upper-left corner, choose
, and then click Try now.NoteIf your Alibaba Cloud account is granted the required permissions, you can directly access the homepage of Data Security Guard.
If your Alibaba Cloud account is not granted the required permissions, you are redirected to the authorization page of Data Security Guard. You can use the features of Data Security Guard only after your Alibaba Cloud account is granted the required permissions.
In the left-side navigation pane, choose . The User Group Management page appears.
Create a user group.
In the upper-right corner, click Create User Group. In the New User Group dialog box, configure the User Group Name parameter and add users to the user group.
To add users to the user group, you can use the following methods:
Method 1: Upload a text file. You can upload a text file that contains user account information to add users to the user group at a time. This method is suitable for scenarios in which you want to add a large number of users to a user group.
NoteThe text file to be uploaded must be a UTF-8-encoded TXT file. The information about each user account occupies one row. The text file can contain a maximum of 1,000 rows. In other words, a maximum of 1,000 user accounts can be added at a time.
Method 2: Select existing accounts. You can select existing Alibaba Cloud accounts, RAM users, RAM roles, or MaxCompute roles to add them to the user group. This method is suitable for scenarios in which you want to add only a small number of users to a user group.
NoteFor MaxCompute roles, you can only add multiple roles in a MaxCompute project to a user group.
Click OK.
After the user group is created, you can configure a whitelist for a data masking rule and add the user group to the whitelist. This way, data that is masked by using the data masking rule is displayed in its original form to the users in this user group. For information about how to configure a whitelist for a data masking rule, see Create a data masking rule.
Manage user groups
On the User Group Management page, you can manage existing user groups.
View the user groups.
You can view the basic information of all existing user groups, including the user group name, user group owner, and submission time. You can also view the number and names of data masking whitelists that are associated with the user group.
NoteYou can search for a user group by user group name or owner. Fuzzy match is supported. After you enter a keyword in a search field and press the Enter key, DataWorks displays all user groups whose names or owners contain the keyword.
You can sort user groups by submission time in chronological or reverse chronological order. This helps you find a user group by submission time.
If a user group is associated with a data masking whitelist, click the icon in the Associated Data Masking Whitelists column of the user group to view the name of the associated data masking rule.
Manage a user group.
Copy a user group: To copy a user group, click the icon in the Actions column of the user group. You can copy a user group to create a user group that has the same settings.
Modify a user group: To modify the settings of an existing user group, click the icon in the Actions column of the user group. Then, you can add user accounts to or remove user accounts from the user group.
Delete a user group: To delete a user group, click the icon in the Actions column of the user group.