The security administrator role in Data Management (DMS) is responsible for data security governance — configuring sensitive data protection, auditing user operations, and managing access permissions across your organization's databases.
Get started
Two pages in the DMS console are central to the security administrator's daily work:
Sensitive Data Assets: Configure data masking and encryption algorithms for sensitive and confidential fields.
Operation Audit: View and audit user operations across your DMS tenant.
Supported features
The following table lists all features available to security administrators, organized by category.
Category | Feature | Description |
SQL Window | Manually write SQL statements to query a single database. This feature is useful for verifying data for online business code, analyzing product performance, and troubleshooting online issues. | |
The logical data warehouse provides fast data analytics, access services, and cross-database queries. | ||
Cross-database query provides timely join query services for online disparate data sources across different environments. | ||
Database Development | Change data to meet requirements such as data initialization for online services, historical data cleanup, issue fixing, and testing. | |
In scenarios such as new projects, new requirements, or optimizations, you often need to change schemas, such as creating or modifying tables. You can use the schema design feature of Data Management Service (DMS) for these operations. | ||
The database and table synchronization feature lets you compare table schemas between different environments, such as staging and production environments, to ensure schema consistency. | ||
The SQL review feature helps you avoid SQL statements without indexes and non-standard SQL statements to reduce the risk of SQL injection. | ||
Use the data import feature to import data to a database in batches. | ||
Use the data export feature when you need to perform large-scale data analytics or extract relevant data. | ||
If data does not meet expectations due to incorrect operations, use data tracking to quickly restore the data to a normal state. | ||
Test data generation can ensure data security, guarantee data discreteness, and improve production efficiency during frequent data preparation. | ||
The database clone feature lets you clone MySQL databases. | ||
Integration and Development (DTS) | Data warehouse development uses databases as the primary computing engine and integrates various tools and services from the database ecosystem, such as Data Transmission Service (DTS) and Data Lake Analytics (DLA). This allows users to easily have a data warehouse for development and management. | |
Task orchestration is mainly used to orchestrate various tasks for scheduling and execution. Create a task stream composed of one or more task nodes to implement complex task scheduling and improve data development efficiency. | ||
Offline integration is a low-code data development tool. You can combine various task nodes to form a data stream and run it on a recurring schedule to achieve data transformation and data synchronization. | ||
Data analytics provides typical datasets, dashboards, and large-screen models. It offers a rich set of visual charts and components in dashboards or large screens to display data. | ||
DataService Studio provides features such as minimum granularity data output, visualization creation, and sales on Alibaba Cloud Marketplace. | ||
Security and Specifications | Operation logs save data change records. You can trace information such as the change time, the person who made the change, and the operation performed at any time. | |
In sensitive data management, you can perform operations on sensitive data in tables, such as adding algorithms and adjusting security levels. | ||
Data Security Guard can periodically assess the security of data assets from multiple perspectives and generate security reports. | ||
You can embed a watermark in a file or extract a watermark from a file to trace the source during data distribution. | ||
You can request permissions on instances, databases, tables, and sensitive columns. You can also view the permissions you have. | ||
Solutions | The data archiving feature supports scheduled archiving of data from large tables to other databases. It also supports source table data deletion, and tablespace organization and reclamation. | |
Create a real-time synchronized data warehouse with one click. Data is synchronized to an AnalyticDB for MySQL database with a latency of seconds. | ||
Implement a closed-loop operation of database migration, checksum, and cleanup by creating a ticket. | ||
Operations Management | Quickly load all databases in a created database group during a SQL change or schema design. | |
In intelligent O&M, you can view overall information about the number of tickets, queries, users, and metadata. | ||
Tickets | DMS provides in-product ticket approval and ticket execution status notification features. Notifications can be sent through DingTalk and email. |