This topic describes the limits on using Data Security Center (DSC) resources.
Free specifications
ApsaraDB for Redis does not consume the authorization quota. Only security baseline checks are supported. For more information about the authorization quota, see Authorization quota management.
By default, DSC Enterprise provides 200 GB of log storage for each database instance and 50 GB of log storage for each TB of Object Storage Service (OSS) storage. You can expand the log storage and delete all logs in the storage. For more information, see Log storage management.
If you enable the data detection and response feature, the data audit feature is enabled for OSS. In each month, 50 GB of log storage is provided free of charge for each TB of purchased OSS protection capacity.
Limits
Module | Item | Limit |
Asset center | The maximum number of database credentials that can be added. | 500 |
Data insights | The maximum number of custom identification templates that can be added. | 10 |
The default number of data samples for data identification tasks for relational databases. | 10 | |
The maximum number of databases that DSC can be authorized to access. | 5,000 | |
The maximum number of templates that can be enabled in DSC. | 3 | |
The maximum number of main templates that can be enabled in DSC. | 1 | |
The maximum number of identification models that can be included in a single identification template. | 1,000 | |
The maximum number of data samples in a single export task in DSC. | 5 | |
The maximum number of data entries in a single export task in DSC. | 1,000,000 | |
The maximum number of databases that can be concurrently scanned in a data identification task | 2 | |
The maximum number of data tables that can be concurrently scanned in a single database in a data identification task. | 4 | |
The maximum number of sub-files that can be scanned for a single compressed file or a single archived file in a data identification task. No limits are imposed on the hierarchy depth of compressed package files. | 1,000 | |
The maximum size of a single file that can be scanned in a data identification task. | 200 MB | |
The maximum size of a single field that can be scanned in a data identification task for structured data. If a field is greater than 10 KB in size, only the first 10 KB of data is identified. | 10 KB | |
Data masking | The OSS file types that are supported by static data masking. |
|
The image types that are supported by static data masking. |
| |
The maximum value of the Data request parameter when you call the ExecDatamask operation in dynamic data masking. | 2 MB |
Feature limits
For more information about the file types that are supported by sensitive data identification tasks, see Supported OSS files.
For more information about the database types that are supported by the data insights, data audit, data masking, exception alerting, and security baseline check features of DSC, see Supported database types.
For more information about the sensitive data types that can be identified by DSC, see Supported sensitive data types.
For more information about the built-in identification templates that are supported by the data insights feature of DSC, see Supported industry-specific classification templates.
For more information about the built-in audit rules that are supported by the audit alerting feature of DSC, see Configure and enable an audit alert rule.
For more information about the algorithms that are supported by the data masking feature, see Supported data masking algorithms.
DSC allows you to add or extract watermarks only for ApsaraDB RDS data sources. For more information, see Limits on using watermarks.