All Products
Search

This Product

    Data Security Center:Authorize DSC to access OSS

    Document Center

    Data Security Center:Authorize DSC to access OSS

    Last Updated:Aug 12, 2024

    If you purchase Data Security Center (DSC) and you want to use DSC to detect sensitive data or monitor unusual operations in buckets of Object Storage Service (OSS), you must authorize DSC to access OSS.

    Prerequisites

    DSC is purchased and authorized to access cloud services. For more information, see Purchase DSC and Authorize DSC to access Alibaba Cloud resources.

    Step 1: Authorize DSC to access OSS

    1. Log on to the DSC console.

    2. In the left-side navigation pane, choose Asset Center > Authorization Management.

    3. On the Authorization Management tab, click OSS in the left-side pane.

    4. Click Asset Authorization Management.

    5. Optional. In the Asset Authorization Management panel, click Asset synchronization.

      After you purchase DSC and complete authorization on the Welcome page, DSC automatically synchronizes data assets in the cloud. In this case, you do not need to synchronize data assets. DSC scans for new data assets at 00:00 every day and automatically synchronizes them to the lists of unauthorized assets. If you want to authorize DSC to access assets that are created on the current day, you must manually synchronize the assets.

    6. Find the asset that you want to manage and click Authorization in the Actions column.

      If you want to authorize DSC to access multiple assets, select the assets and click Batch Authorize.

    Step 2: Connect a bucket to DSC

    Return to the Authorization Management tab, find the bucket that you want to manage, and then click Connect in the Actions column. If Connected is displayed in the Connection Status column, the bucket is connected.

    image

    What to do next

    After you connect DSC to a bucket, DSC automatically creates a default data identification task.

    • If you click Connect on the Authorization Management tab and select Immediately scan database assets and identify data., DSC immediately runs the default data identification task.

    • If you click Connect on the Authorization Management tab and do not select Immediately scan database assets and identify data., you must manually run the default data identification task. To run the task, choose Data Insights > Tasks. On the Identification Tasks tab, click Default Tasks, find the task, and then click Rescan.

      Note

      Only DSC Enterprise supports the rescan operation. DSC Basic does not support the rescan operation.

    The system automatically uses the main identification template and the common identification template to scan the connected MaxCompute assets. By default, the main template is the Internet industry classification template. You can check the status of a default data identification task to confirm the completion time of the task.

    1. View the completion time of a default data identification task. For more information, see View the default data identification task.

    2. View data identification results. For more information, see View sensitive data identification results.

    References

    Best practices for protecting data stored in OSS