How to view and manage abnormal Approval Owners for tables in Data Map-DataWorks(DataWorks)-阿里云帮助中心

DataWorks provides permission request and approval workflows for tables and columns, where Approval Owners have the authority to approve these requests. If an Approval Owner's Alibaba Cloud account becomes abnormal, this can block the approval process. You must manage these abnormal accounts promptly to ensure a smooth and compliant approval flow. This topic describes how to view and manage abnormal Approval Owners for tables in Data Map.

Limitations

The approval owner governance feature is in beta. We welcome you to try it and provide feedback.
Currently, you can manage Approval Owners only for MaxCompute tables.

Go to the approval owner governance page

Log on to the DataWorks console. In the target region, click Data Governance > Data Map in the left-side navigation pane. On the page that appears, click Go to Data Map.
In the left-side navigation pane, click My Data. You are directed to the My Data > Owned by Me page by default.
In the left-side navigation pane, click My Tools > Approver Governance to go to the Approver Governance page.

View abnormal approval owners

On the Approver Governance page, you can view a list of current abnormal Approval Owners.

Note

This page displays abnormal Approval Owners only from workspaces where you have workspace administrator permissions.

Name	Description
Table Name	The name of the table. Click the name to go to the table details page.
Project	The name of the MaxCompute project that the table belongs to. If the table is in a different environment, the project name has a suffix. For example, _dev indicates the development environment.
Environment	The environment of the DataWorks workspace to which the table belongs. A DataWorks workspace can be a Development environment or a Production environment.
Abnormal Approver	Approver: The approver for table permission requests, who is considered the Table Owner from a business perspective. You can view the table's Approval Owner on the Basic Information tab of the Table Details Page in Data Map. Note By default, the Approval Owner is the user who created the table. Table Owner: The Table Owner from a technical perspective. You can find the Table Owner information in the output of the DESC command that you run on a MaxCompute table or view.
Exception Cause	Possible reasons detected by the system for an abnormal Approval Owner, listed in descending order of priority: When a table exists in both production and development environments, the Approval Owner of the production table differs from the Approval Owner of the development table. The Alibaba Cloud account of the table's Approval Owner (in the development or production environment) no longer exists. The table's Approval Owner (in the development or production environment) is not a tenant member.
Recommended Owner	The system suggests a target owner based on the reason for abnormality and the recommendation strategy.
Recommendation Reason	The system uses the following recommendation strategies for the target owner, listed in descending order of priority: For a production table, the system recommends the Approval Owner of the corresponding valid development table as the new Approval Owner. The system recommends the owner of the task that generates the current table as the new Approval Owner. Based on the owner of the task that generates the production table, the system recommends the Approval Owner of the corresponding development table. The system recommends an Approval Owner based on the default security policy configured in Security Center. The system recommends the entity recipient as the new Approval Owner based on the workspace-level transfer rules configured in Security Center. The workspace administrator of the table's workspace is set as the Approval Owner. This applies if Security Center is not deployed or activated, or if transfer rules are not configured for the target workspace in Security Center.
Storage	The amount of data stored in the table.
Created At	The time when the table was created.
Last Updated	The time when the table was last updated.
Actions	Available actions include Transfer and Add to Whitelist. For detailed steps, see Transfer abnormal Approval Owners and Manage the whitelist.
Batch Operation	Available batch actions include Transfer and Add to Whitelist. For detailed steps, see Transfer abnormal Approval Owners and Manage the whitelist.

Transfer abnormal approval owners

On the Approval Owner Governance page, select one or more tables and click Transfer.
In the transfer dialog box, select a transfer type:
1. Recommended: Transfers ownership to the recommended owner, which you can preview on the Approval Owner Governance page.
2. Custom: Transfers ownership to a specified user. Make sure that the target owner is a member of the table's workspace. Otherwise, the transfer will fail.
Click Confirm.
To view the transfer status and details, go to the My Tools > Transfer Logs page.

Transfer all abnormal tables in one click

In addition to the batch selection workflow described above, when the governance list contains abnormal tables, you can also use the One-click Transfer button to transfer all abnormal tables in the current list in a single batch. The system automatically determines the target owner for each table based on the recommendation strategy.

At the top of the Approver Governance page, click One-click Transfer.

Note
This button appears only when abnormal tables exist in the governance list.
In the confirmation dialog, verify the number of tables to transfer and the target owners, then click Confirm to submit.
After the transfer is complete, go to the My Tools > Transfer Logs page to view task execution status and failure details.

Manage the whitelist

Add tables to the whitelist

After you review the list on the Approval Owner Governance page, if you decide that a table's Approval Owner and Table Owner do not require abnormality checks, you can click Add to Whitelist for that table. After a table is added to the whitelist, it will no longer appear in the governance list.
View the whitelist

On the Approval Owner Governance page, click Manage Whitelist to view details of the tables added to the whitelist.
Remove tables from the whitelist

On the Approval Owner Governance page, click Manage Whitelist. In the dialog box that appears, click Remove from Whitelist for a table. This action removes the table from the whitelist and includes it in future governance checks.

View transfer logs

On the My Data page, click My Tools > Transfer Logs to go to the Transfer Logs page.

On the Transfer Logs page, you can view information about each transfer operation:

Name	Description
Transfer Task ID	Each transfer operation, which may involve one or more tables, generates a transfer task with a unique transfer task ID.
Operated By	The user who performed the transfer.
Status	The status of the transfer task. Valid values: Success, Failed, and Transferring.
Start time	The time when the transfer task started.
End Time	The time when the transfer task ended.
Actions	Includes View Details.

In the Actions column for a transfer task, click View Details. In the Transfer Log Details dialog box that appears, you can view information about the transferred tables.

Important

Transfer logs are retained for 15 days only. After 15 days, you can view historical transfer records on the Table Details > Details > Change Records tab.

FAQ

Error: The message "Execution timed out. Please try again." appears during a transfer operation.

Solution: When transferring a large number of tables, we recommend processing them in batches. Alternatively, you can use the Entity Transfer feature.