Data Asset Governance (formerly Data Governance Center) automatically detects issues across data storage, task computing, code development, data quality, and security based on preconfigured governance plans. It quantifies governance effectiveness through health scores and visualizes results via governance reports and leaderboards from global, workspace, and individual perspectives, helping you efficiently meet governance objectives. It also provides business asset management, asset analysis, task resource consumption details, and cost estimation so you can track resource usage.
Limits
-
Editions
Only DataWorks Enterprise Edition or a more advanced edition supports Data Asset Governance. For information about DataWorks editions, see DataWorks: Features by edition. For information about how to activate DataWorks, see Purchase guide.
-
Regions
Data Asset Governance is available in the following regions: China (Hangzhou), China (Shanghai), China (Beijing), China (Zhangjiakou), China (Shenzhen), China (Chengdu), China (Hong Kong), Singapore, Japan (Tokyo),
Malaysia (Kuala Lumpur), Indonesia (Jakarta), Germany (Frankfurt), US (Silicon Valley), and US (Virginia).
-
Permissions
-
The following table describes the permissions of each role in Data Asset Governance.
Role
Permission
References
Tenant-level data governance administrator
A tenant-level data governance administrator can view governance reports, governance issues, and check events from the Global perspective and perform corrective actions.
-
For information about how to grant permissions to users, see the Manage tenant member roles section in the Manage permissions on global-level services topic.
-
For more information about the permissions of a data governance administrator, see the Data Governance section in the Permissions of built-in workspace-level roles topic.
Workspace administrator
A workspace administrator can view governance reports from the Workspace View perspective. To view a specific workspace's governance reports, you must have the workspace administrator role for that workspace.
-
For information about how to grant permissions to users, see the Add a RAM user to a workspace as a member and assign roles to the member section in the Manage permissions on workspace-level services topic.
-
For information about how to view governance reports, see the View the governance assessment report section in the View data governance results topic.
Workspace-level data governance administrator
A workspace-level data governance administrator can view and manage the data governance content of the workspace to which the role belongs.
NoteThis role cannot view data governance status across all workspaces in a region from the global dimension or manage global governance operations, such as enabling check items at the global level. To allow a Resource Access Management (RAM) user to perform global governance operations, assign the Data Governance Administrator role at the tenant level to the RAM user. For more information, see Data Governance Administrator role at the tenant level.
-
For information about how to grant permissions to users, see the Add a RAM user to a workspace as a member and assign roles to the member section in the Manage permissions on workspace-level services topic.
-
For information about the features supported by the workspace-level data governance administrator role, see the Data Governance section in the Permissions of built-in workspace-level roles topic.
Common user
Common users handle detected issues in Data Asset Governance. A common user can view check events and governance issues from the personal dimension and perform rectification operations. To rectify issues detected in a workspace, you must be added to the workspace as a member.
NoteBy default, except for Alibaba Cloud accounts and RAM users to which the AliyunDataWorksFullAccess policy is attached, all other users are common users within a tenant.
For information about how to grant permissions to users, see the Add a RAM user to a workspace as a member and assign roles to the member section in the Manage permissions on workspace-level services topic.
-
-
Only Alibaba Cloud accounts and RAM users with the AliyunDataWorksFullAccess policy can use all features of Data Asset Governance. To use all features as a RAM user, you must apply for the required permissions. For more information, see the Grant the permissions to perform operations in DataWorks to a RAM user section in the Prepare a RAM user topic.
-
-
Compute resources
Currently, Data Asset Governance supports only MaxCompute, E-MapReduce (EMR), and Hologres compute resources.
Note-
To use a Hologres compute resource in Data Asset Governance, you must first collect its metadata with Data Map. For more information, see Metadata collection.
-
Data Asset Governance supports Hologres compute resources only in the China (Beijing), China (Shanghai), China (Hangzhou), and China (Shenzhen) regions.
-
Data governance logic
Data Asset Governance detects check events based on check items before data development tasks are committed and deployed, and detects governance issues based on governance items after deployment. This ensures comprehensive handling of data-related events and issues. If a task fails a check, an event is generated. Severe events may block the subsequent development process. You can view and handle the event in Data Asset Governance, and after the task passes the check, proceed with development. The following flowchart describes the data governance logic:
DataWorks provides workspaces in standard and basic modes. The task development process varies by workspace mode. This topic uses a workspace in standard mode to illustrate the task development process. For more information about the development process in different modes, see DataStudio (legacy).
-
Run checks based on check items.
Check items verify data against rules before tasks are committed and deployed. If the system detects a violation, it generates a check event to block the subsequent development process. You can resolve the issue so that the development process proceeds as expected.
-
Run checks based on governance items.
Governance item detection is a post-deployment governance mechanism. You can use the Global, Individual, or Workspace View perspectives in Data Asset Governance to view outstanding governance items. Governance personnel can use this information to quickly discover and resolve issues, helping the team meet governance goals.
Data governance process
-
Configure governance tools.
-
Enable a governance plan template and configure custom items.
Operation
Description
References
Configure custom check items
If the check items in the template do not meet your business requirements, you can configure custom check items.
-
Create a check item for a registered custom extension.
DataWorks also allows you to create check items in Data Asset Governance for a custom extension. After you create such check items, Data Asset Governance detects the check events triggered by the custom extension.
-
Disable check items.
If a check item in the governance plan template is unnecessary for a workspace, you can disable it. After you disable the check item, Data Asset Governance no longer detects its check events in that workspace.
Configure custom governance item
If a governance item in the governance plan template is unnecessary for a workspace, you can create a rule to disable it. After you disable the governance item, Data Asset Governance no longer detects governance issues based on that item in the workspace. Detected governance issues are not displayed on the Governance Issue tab.
NoteYou can disable only optional governance items. You cannot disable mandatory governance items or create governance items.
-
-
Optional. Configure a governance unit.
You can perform data governance on multiple workspaces in a centralized manner by creating a governance unit. Then, you can view aggregated statistics on health scores, governance issues, and check events for the workspaces within the governance unit. For more information, see Configure governance units.
-
Optional. Configure issue notification methods.
To have the system notify specified personnel of detected issues through system messages, emails, DingTalk group messages, or webhook URLs, configure issue notification methods. This ensures that personnel can view and handle issues promptly. For more information, see Alert settings.
-
-
Start a check and handle detected governance issues.
-
Check data for violations against check items before the data is committed and deployed.
Before data is committed and deployed, DataWorks checks it against the configured check items. If the data violates any check items, check events are generated. You can then view and handle these events. For more information, see Handle check events.
-
Run checks after task deployment.
After data is committed and deployed, DataWorks detects governance issues based on the configured governance items. You can then view and handle these issues. For more information, see Handle check events.
-
Run asset 360 checks.
You can use the asset 360 feature to detect, view, and handle governance issues on specified tasks and tables. For more information, see Asset 360.
-
Perform automated governance of materialized views.
Data Asset Governance supports materialized views with automated governance and intelligent recommendations. This is an intelligent, automated solution for big data computing tasks that frequently handle large numbers of similar subqueries. For more information, see Materialized views.
If invalid issues are detected, you can add them to a whitelist or undeploy the related tasks or tables. For more information, see Add an issue to a whitelist and Graceful undeployment.
-
-
Select an analytical dimension.
-
Based on use scenarios: DataWorks provides multiple dimensions such as data production, data usage, and data management to help you analyze governance effectiveness and govern data efficiently.
-
Based on rational use of resources: DataWorks provides statistics on resource consumption, task running status, MaxCompute table count and storage, and resource usage overview and details. Data developers and administrators can analyze overall workspace resource usage and optimize resource allocation based on these statistics. For more information, see Asset analysis
-
-
View governance results.
After you handle the governance issues, you can go to the page to view governance results from different perspectives. By analyzing the results, you can quickly identify the dimensions and categories with the most issues, helping you drive resolution and achieve governance goals.
Data Asset Governance calculates health scores based on governance items by using a health assessment model. You can view health scores on governance reports and leaderboards to understand governance results. A higher health score indicates better governance effectiveness. For more information, see the Quantitative assessment: health scores section in the Overview topic.
Quantitative assessment: health scores
A health score is a composite score that reflects the state of your data assets. The system calculates it by applying data processing and machine learning techniques to metadata such as user behavior, data characteristics, and task properties across data production, distribution, and management. The health score system is built on five key domains: storage, compute, R&D, quality, and security, with five corresponding health score metrics. The health score page displays a radar chart with governance scores for five dimensions: R&D, storage, compute, quality, and security. It also provides month-over-month trend information.
Health scores range from 0 to 100. A higher score indicates healthier data assets. This helps you use data securely, efficiently, and reliably while ensuring data production and business operations. Data Asset Governance uses a built-in health assessment model to perform a quantitative assessment of governance effectiveness and generates an overall health score and a score for each governance dimension. The following table describes the assessment grades and score ranges.
-
Excellent: [90, 100]
-
Good: [75, 90)
-
Pass: [60, 75)
-
Improvement required: [30, 60)
-
Poor: [0,30)
Terms
-
Check item: A proactive governance mechanism applied during the data production workflow. It performs pre-checks at critical stages, such as task execution and deployment, to identify potential issues like a full table scan or a missing scheduling dependency. If the system detects a non-compliant item, it generates a check event and automatically blocks the process. This enforces standardization and normalizes data processing.
-
Governance Item: A governance item defines a potential issue or area for optimization identified during data governance. It covers areas such as development standards, data quality, security compliance, and resource utilization. Governance items are divided into mandatory and optional items. Mandatory items are enabled by default and cannot be changed, while optional items can be enabled as needed. Examples include Task running time is too long, Continuous error nodes, and No one visits leaf nodes.
-
Governance Issue: An issue detected by a governance item scan that requires resolution.
-
Governance unit: A governance unit consists of one or more workspaces. You can view statistics on the overall health score, governance issues, and check events of the workspaces within a governance unit.
-
Governance plan: Data Asset Governance provides governance plan templates for different scenarios, designed to achieve predetermined objectives within specific periods. A governance plan template helps you quickly identify relevant governance items and check items and discover optimization opportunities. This helps governance owners track effectiveness and assists the team in efficiently meeting governance objectives through quantitative assessments.
-
Knowledge Base: Contains definitions of the built-in check items and governance items in Data Asset Governance. It helps governance personnel quickly identify and understand specific issues and provides reference information and practical guidance to improve efficiency.
Related documentation
For more information about using check items during data development, see Diagnose and govern node development issues.