All Products
Search
Document Center

MaxCompute:Security parameters

Last Updated:Jun 26, 2023

To meet the data security requirements of different MaxCompute projects, MaxCompute allows project owners to configure security parameters for projects and customize security mechanisms based on their business requirements.

MaxCompute allows project owners to configure security parameters for projects and customize security mechanisms based on their business requirements or usage habits. The following table describes the security configurations.

Security configuration

Description

Performed by

Operation platform

set CheckPermissionUsingACL={true|false};

Specifies whether to enable ACL-based access control. The default value is true, which indicates that the feature is enabled.

The project owner or a user that is assigned the project-level Super_Administrator role

set CheckPermissionUsingPolicy={true|false};

Specifies whether to enable policy-based access control. The default value is true, which indicates that the feature is enabled.

set ObjectCreatorHasAccessPermission={true|false};

Specifies whether to allow object creators to access objects. The default value is true, which indicates that object creators can grant permissions on objects to other users.

set ObjectCreatorHasGrantPermission={true|false};

Specifies whether to allow object creators to grant permissions on objects to other users. The default value is true, which indicates that object creators can grant permissions on objects to other users.

Set LabelSecurity={true|false};

Specifies whether to enable label-based access control. The default value is false, which indicates that the feature is disabled.

set ProjectProtection={true|false};

Specifies whether to enable project data protection to allow data outflow to other projects.

To view the security configurations of a project, run the following command:

show SecurityConfiguration;