Students who use MaxCompute Console may have used MaxCompute security related commands. The official document has a detailed MaxCompute Safety Guide , and gives Summary of safety related statements.

In short, Privilege management,Column level access control,Project space security configuration as well as Resource sharing across project spaces All belong to the category related to MaxCompute security command.

To be more straightforward, commands starting with the following keywords are all MaxCompute security related operation commands:

GRANT/REVOKE ...
SHOW  GRANTS/ACL/PACKAGE/LABEL/ROLE/PRINCIPALS
SHOW  PRIV/PRIVILEGES
LIST/ADD/REOVE  USERS/ROLES/TRUSTEDPROJECTS
DROP/CREATE   ROLE
CLEAR EXPIRED  GRANTS
DESC/DESCRIBE   ROLE/PACKAGE
CREATE/DELETE/DROP  PACKAGE
ADD ... TO  PACKAGE
REMOVE ... FROM  PACKAGE
ALLOW/DISALLOW  PROJECT
INSTALL/UNINSTALL  PACKAGE
LIST/ADD/REMOVE   ACCOUNTPROVIDERS
SET  LABLE  ...

So, how can these commands run on MaxCompute Console run using MaxCompute Java SDK? Do they run the same way as SQL by creating instance s?

Answer: No, these commands are not SQL and cannot be run through SQL Task.

The interface 'SecurityManager.runQuery()' is required to run. Detailed SDK Java Doc stamp here

The SecurityManager class is in ODPs SDK core, so please add a dependency when using it:

<dependency>
  <groupId>com.aliyun.odps</groupId>
  <artifactId>odps-sdk-core</artifactId>
  <version>0.29.11-oversea-public</version>
</dependency>

Here is an example to show how to set the access level of the test label column of the table to 2 through MaxCompute Java SDK, that is, to run the command

SET LABEL 2 TO TABLE test_label(key, value);.

import com.aliyun.odps.Column;
import com.aliyun.odps.Odps;
import com.aliyun.odps.OdpsException;
import com.aliyun.odps.OdpsType;
import com.aliyun.odps.TableSchema;
import com.aliyun.odps.account.Account;
import com.aliyun.odps.account.AliyunAccount;
import com.aliyun.odps.security.SecurityManager;

public class test {
  public static void main(String [] args) throws OdpsException {
    try {
      // init odps
      Account account = new AliyunAccount("<your_accessid>", "<your_accesskey>");
      Odps odps = new Odps(account);
      odps.setEndpoint("http://service-corp.odps.aliyun-inc.com/api");
      odps.setDefaultProject("<your_project>");

      // create test table
      // if u already have a table, skip this
      TableSchema schema = new TableSchema();
      schema.addColumn(new Column("key", OdpsType.STRING));
      schema.addColumn(new Column("value", OdpsType.BIGINT));
      odps.tables().create("test_label", schema);

      // set label 2 to table columns
      SecurityManager securityManager = odps.projects().get().getSecurityManager();
      String res = securityManager.runQuery("SET LABEL 2 TO TABLE test_label(key, value);", false);
      System.out.println(res);
    } catch (OdpsException e) {
      e.printStackTrace();
    }
  }
}

Operation result:

After running the program, run the command 'desc test label;' in MaxCompute Console. You can see that the set label has taken effect.

Other security related commands can be run in this way through the MaxCompute Java SDK. Try it!