Skip to content

Data Access

Guance allows restricting access to RUM data for workspace members at the application level. By introducing regular expressions and desensitization fields, it effectively enhances security protection for different application data, ensuring information security.

Start Creating

  1. Enter the Create page;
  2. Input the rule name;
  3. Optionally input a description for the rule;
  4. Select the application ID (only applications from the current workspace can be selected). You can apply to all applications or select single/multiple applications, covering Web, iOS, Android, etc.;

  5. Define the access scope for RUM data under the current rule;

  6. Add single or multiple fields that need to be desensitized;

  7. Use regular expressions to desensitize sensitive information in the field content;

  8. Select single or multiple member roles to which the current access rule can be applied, including system default roles and custom roles;
  9. Click Save.

Configuration Notes

When configuring data access rules, pay attention to three major logics:

  • Data Access Scope: Members within the access rule can only access data that matches the filter conditions.
  • Regular Expression Desensitization: If you need to add an additional layer of data protection within the defined data scope, you can set regular expressions or desensitization fields to externally shield sensitive data;
  • Role Scenarios and Query Permissions: Different roles and different rules, whether single or combined, will produce different results for the final presentation of data access rules.

Manage List

For more details, refer to List Operations.

Notes

Cross-Workspace Query: If two workspaces contain the same application, based on the permission settings in the data access rules, specific roles can only view the filtered data of the application in the authorized workspace.

Prerequisite: Workspace A and Workspace B both have the whytest-android application, and Workspace B has authorized RUM application data viewing permissions to Workspace A.

When configuring data access rules (as shown below), Workspace A restricts the "Custom Management" role to only view data under source:kodo for the whytest-android application.

The following scenarios exist:

RUM Explorer

Since the explorer does not currently support cross-workspace queries, the "Custom Management" role can only view RUM data for the whytest-android application in Workspace A in the RUM Explorer.

Dashboard

When selecting both Workspace A and Workspace B for data query, and simultaneously querying data for the whytest-android and whytest-ios applications in DQL. Since the current data access restriction rules limit access for the "Custom Management" role, and the whytest-android application data in Workspace B and the whytest-ios application data in both Workspace A and Workspace B are not configured with access permissions.

Therefore, the "Custom Management" role can only access the whytest-android application data in Workspace A.

Further Reading

Feedback

Is this page helpful? ×