Security
Singdata Lakehouse security capabilities cover six areas: user permissions, data masking, network access control, audit compliance, identity authentication, and data recovery.
I Want to Manage Users and Permissions
| Scenario | Reference |
|---|---|
| Onboard a new colleague, add them to a workspace | User Authorization Getting Started Guide · Quick Start: Manage Users |
| Design a role system (RBAC) | Access Control Overview · Role Management |
| View what permissions built-in roles have | Built-in Role Permission List |
| Grant / revoke permissions for a user | GRANT Privileges · REVOKE Privileges |
| Audit and clean up the permission system | Permission System Inventory Best Practices |
I Want to Protect Sensitive Data
| Scenario | Approach | Reference |
|---|---|---|
| Mask specific columns (phone numbers / ID numbers / amounts) | Dynamic Data Masking policy | Dynamic Data Masking |
| Encrypt data at rest | Storage encryption | Storage Encryption |
| Use your own encryption keys (BYOK) | BYOK | BYOK Model Integration |
I Want to Control Network Access
| Scenario | Approach | Reference |
|---|---|---|
| Restrict access to company IP addresses only | Network Policy (IP allowlist) | Network Policy |
| Connect via private network (no public internet) | Private Link | Private Network Connection Overview · Alibaba Cloud Configuration · Tencent Cloud Configuration |
| Use your own object storage (BYOS) | Private Storage | Private Storage Overview · Alibaba Cloud Configuration |
I Want to Meet Audit and Compliance Requirements
| Scenario | Reference |
|---|---|
| View who did what and when | Job History Analysis |
| Complete security compliance audit guide | Security Compliance Audit Guide |
| Overview of all security features | Security Features Overview |
I Want to Strengthen Identity Authentication
| Scenario | Reference |
|---|---|
| Enable multi-factor authentication (MFA) | Bind a Virtual MFA Device |
| Configure Single Sign-On (SSO) | SSO Configuration |
I Want to Recover Accidentally Deleted or Modified Data
| Scenario | Reference |
|---|---|
| View historical versions of a table | Time Travel Concept |
| Restore to a specific point in time | RESTORE TABLE |
| Recover a dropped table | UNDROP TABLE |
| Data backup and recovery overview | Backup and Recovery |