alibabacloud-dataworks-workspace-manage

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

DataWorks Workspace Lifecycle Management

DataWorks 工作空间生命周期管理

Manage the complete lifecycle of Alibaba Cloud DataWorks workspaces, including workspace creation, configuration, deletion, and member role assignment and management.

管理阿里云DataWorks工作空间的完整生命周期，包括工作空间创建、配置、删除，以及成员角色的分配和管理。

Architecture Overview

架构概览

DataWorks Workspace Management
├── Workspace Lifecycle
│   ├── Create Workspace (CreateProject)
│   ├── Update Workspace (UpdateProject)
│   ├── Query Workspace (GetProject / ListProjects)
│   └── Delete Workspace (DeleteProject)
├── Member Role Management
│   ├── Add Member (CreateProjectMember)
│   ├── Remove Member (DeleteProjectMember)
│   ├── Grant Role (GrantMemberProjectRoles)
│   ├── Revoke Role (RevokeMemberProjectRoles)
│   └── Query Member (GetProjectMember / ListProjectMembers)
└── Role Management
    ├── Query Role Details (GetProjectRole)
    └── Query Role List (ListProjectRoles)

DataWorks Workspace Management
├── Workspace Lifecycle
│   ├── Create Workspace (CreateProject)
│   ├── Update Workspace (UpdateProject)
│   ├── Query Workspace (GetProject / ListProjects)
│   └── Delete Workspace (DeleteProject)
├── Member Role Management
│   ├── Add Member (CreateProjectMember)
│   ├── Remove Member (DeleteProjectMember)
│   ├── Grant Role (GrantMemberProjectRoles)
│   ├── Revoke Role (RevokeMemberProjectRoles)
│   └── Query Member (GetProjectMember / ListProjectMembers)
└── Role Management
    ├── Query Role Details (GetProjectRole)
    └── Query Role List (ListProjectRoles)

Prerequisites

前置条件

Pre-check: Aliyun CLI >= 3.3.1 required Run
aliyun version
to verify. If not installed or version too low, see
references/cli-installation-guide.md
for installation instructions.

前置检查：要求Aliyun CLI >= 3.3.1 执行
aliyun version
命令验证版本。如果未安装或版本过低，请参考
references/cli-installation-guide.md
查看安装说明。

1. Enable DataWorks Service

1. 启用DataWorks服务

Before using this Skill, you need to enable the DataWorks service:

Visit DataWorks Console: https://dataworks.console.aliyun.com/
Follow the prompts to complete the service activation

Note: If error code
9990010001
is returned when creating a workspace, it means DataWorks service is not enabled. Please complete the above activation steps first.

使用本Skill前，你需要先开通DataWorks服务：

访问DataWorks控制台：https://dataworks.console.aliyun.com/
按照页面提示完成服务开通

注意：如果创建工作空间时返回错误码
9990010001
，说明DataWorks服务未开通，请先完成上述开通步骤。

2. Install Aliyun CLI

2. 安装Aliyun CLI

bash

undefined

bash

undefined

macOS

brew install aliyun-cli

Linux

curl -fsSL --max-time 30 https://aliyuncli.alicdn.com/install.sh | bash

Verify version (>= 3.3.1)

aliyun version

undefined

aliyun version

undefined

3. Credential Status

3. 凭证状态

bash

undefined

bash

undefined

Confirm valid credentials

aliyun configure list

undefined

aliyun configure list

undefined

4. First-time Configuration

4. 首次配置

bash

undefined

bash

undefined

Enable auto plugin installation

aliyun configure set --auto-plugin-install true

---

aliyun configure set --auto-plugin-install true

---

CLI Calling Specifications

CLI调用规范

IMPORTANT: This Skill uses Aliyun CLI to call cloud services. The following specifications must be followed:

Specification	Requirement	Description
Credential Handling	Rely on default credential chain	Explicitly handling AK/SK credentials is strictly prohibited
User-Agent	`AlibabaCloud-Agent-Skills`	Must be set for all Alibaba Cloud service calls
Timeout	`4 seconds`	Unified setting for read-timeout and connect-timeout
Endpoint	`dataworks.{region}.aliyuncs.com`	Must be specified for each call

重要提示：本Skill使用Aliyun CLI调用云服务，必须遵守以下规范：

规范	要求	说明
凭证处理	依赖默认凭证链	严格禁止显式处理AK/SK凭证
User-Agent	`AlibabaCloud-Agent-Skills`	所有阿里云服务调用都必须设置该值
超时时间	`4 seconds`	读取超时和连接超时统一设置为该值
Endpoint	`dataworks.{region}.aliyuncs.com`	每次调用都必须指定该参数

Parameter Confirmation

参数确认

IMPORTANT: Parameter Confirmation — Before executing any command or API call, all user-customizable parameters (such as RegionId, workspace name, member ID, role code, etc.) must be confirmed by the user. Do not assume or use default values.

重要提示：参数确认 — 执行任何命令或API调用前，所有用户可自定义参数（如RegionId、工作空间名称、成员ID、角色编码等）都必须经过用户确认，不得默认假设或使用默认值。

Key Parameters List

核心参数列表

Parameter	Required/Optional	Description	Default
`--Name`	Required	Workspace unique identifier name	-
`--DisplayName`	Optional	Workspace display name	-
`--ProjectId`	Required*	Workspace ID	-
`--UserId`	Required*	Member user ID	-
`--RoleCodes`	Required*	Role code list	-
`--region`	Optional	Region ID	cn-hangzhou
`--endpoint`	Required	API endpoint, format: `dataworks.{region}.aliyuncs.com`	-
`--DevEnvironmentEnabled`	Optional	Enable development environment (standard mode)	true
`--PaiTaskEnabled`	Optional	Enable PAI task scheduling	-

*Depends on specific API

Create Workspace Default: If the user does not explicitly specify the
--DevEnvironmentEnabled
parameter, the default is
true
(enable development environment/standard mode).

参数	必填/可选	说明	默认值
`--Name`	必填	工作空间唯一标识名称	-
`--DisplayName`	可选	工作空间展示名称	-
`--ProjectId`	必填*	工作空间ID	-
`--UserId`	必填*	成员用户ID	-
`--RoleCodes`	必填*	角色编码列表	-
`--region`	可选	区域ID	cn-hangzhou
`--endpoint`	必填	API endpoint，格式： `dataworks.{region}.aliyuncs.com`	-
`--DevEnvironmentEnabled`	可选	启用开发环境（标准模式）	true
`--PaiTaskEnabled`	可选	启用PAI任务调度	-

*取决于具体API

创建工作空间默认规则：如果用户未显式指定
--DevEnvironmentEnabled
参数，默认值为
true
（启用开发环境/标准模式）。

Endpoint Parameter Description

Endpoint参数说明

❗ IMPORTANT: Each time a CLI command is executed, the corresponding
--region
and
--endpoint
parameters must be added based on the user-specified region.
Format:
--region {RegionId} --endpoint dataworks.{RegionId}.aliyuncs.com
Region Mapping Table: See references/endpoint-regions.md

❗ 重要提示：每次执行CLI命令时，必须根据用户指定的区域添加对应的
--region
和
--endpoint
参数。
格式：
--region {RegionId} --endpoint dataworks.{RegionId}.aliyuncs.com
区域映射表：参考 references/endpoint-regions.md

RAM Permission Policies

RAM权限策略

Using this Skill requires the following RAM permissions. For details, see references/ram-policies.md

Permission	Description
`dataworks:CreateProject`	Create workspace
`dataworks:UpdateProject`	Update workspace
`dataworks:DeleteProject`	Delete workspace
`dataworks:GetProject`	Query workspace details
`dataworks:ListProjects`	Query workspace list
`dataworks:CreateProjectMember`	Add workspace member
`dataworks:DeleteProjectMember`	Remove workspace member
`dataworks:GrantMemberProjectRoles`	Grant member role
`dataworks:RevokeMemberProjectRoles`	Revoke member role
`dataworks:GetProjectMember`	Query member details
`dataworks:ListProjectMembers`	Query member list
`dataworks:GetProjectRole`	Query role details
`dataworks:ListProjectRoles`	Query role list

使用本Skill需要以下RAM权限，详情参考 references/ram-policies.md

权限	说明
`dataworks:CreateProject`	创建工作空间
`dataworks:UpdateProject`	更新工作空间
`dataworks:DeleteProject`	删除工作空间
`dataworks:GetProject`	查询工作空间详情
`dataworks:ListProjects`	查询工作空间列表
`dataworks:CreateProjectMember`	添加工作空间成员
`dataworks:DeleteProjectMember`	移除工作空间成员
`dataworks:GrantMemberProjectRoles`	授予成员角色
`dataworks:RevokeMemberProjectRoles`	撤销成员角色
`dataworks:GetProjectMember`	查询成员详情
`dataworks:ListProjectMembers`	查询成员列表
`dataworks:GetProjectRole`	查询角色详情
`dataworks:ListProjectRoles`	查询角色列表

Core Workflows

核心工作流

1. Workspace Lifecycle Management

1. 工作空间生命周期管理

1.1 Create Workspace

1.1 创建工作空间

bash

aliyun dataworks-public CreateProject \
  --Name <workspace-name> \
  --DisplayName "<display-name>" \
  --Description "<workspace-description>" \
  --PaiTaskEnabled true \
  --DevEnvironmentEnabled true \
  --DevRoleDisabled false \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills \
  --read-timeout 4 --connect-timeout 4

Default Value Note: If the user does not explicitly specify
--DevEnvironmentEnabled
, the default is
true
(standard mode).

bash

aliyun dataworks-public CreateProject \
  --Name <workspace-name> \
  --DisplayName "<display-name>" \
  --Description "<workspace-description>" \
  --PaiTaskEnabled true \
  --DevEnvironmentEnabled true \
  --DevRoleDisabled false \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills \
  --read-timeout 4 --connect-timeout 4

默认值说明：如果用户未显式指定
--DevEnvironmentEnabled
，默认值为
true
（标准模式）。

1.2 Query Workspace List

1.2 查询工作空间列表

bash

undefined

bash

undefined

Query all workspaces

aliyun dataworks-public ListProjects
--region <region-id>
--endpoint dataworks.<region-id>.aliyuncs.com
--user-agent AlibabaCloud-Agent-Skills

Query by workspace ID (supports multiple)

aliyun dataworks-public ListProjects
--Ids '[123456, 789012]'
--region <region-id>
--endpoint dataworks.<region-id>.aliyuncs.com
--user-agent AlibabaCloud-Agent-Skills

Query by workspace name (supports multiple)

aliyun dataworks-public ListProjects
--Names '["workspace_name_1", "workspace_name_2"]'
--region <region-id>
--endpoint dataworks.<region-id>.aliyuncs.com
--user-agent AlibabaCloud-Agent-Skills

Filter by status

aliyun dataworks-public ListProjects
--Status Available
--region <region-id>
--endpoint dataworks.<region-id>.aliyuncs.com
--user-agent AlibabaCloud-Agent-Skills

Paginated query

aliyun dataworks-public ListProjects
--PageNumber 1 --PageSize 20
--region <region-id>
--endpoint dataworks.<region-id>.aliyuncs.com
--user-agent AlibabaCloud-Agent-Skills


**Supported Filter Parameters**:

| Parameter | Type | Description |
|-----------|------|-------------|
| `--Ids` | JSON Array | Workspace ID list, for querying specific workspaces |
| `--Names` | JSON Array | Workspace name list, for querying specific workspaces |
| `--Status` | String | Workspace status: Available/Initializing/InitFailed/Forbidden/Deleting/DeleteFailed/Frozen/Updating/UpdateFailed |
| `--DevEnvironmentEnabled` | Boolean | Whether development environment is enabled |
| `--DevRoleDisabled` | Boolean | Whether development role is disabled |
| `--PaiTaskEnabled` | Boolean | Whether PAI task scheduling is enabled |
| `--AliyunResourceGroupId` | String | Resource group ID |
| `--PageNumber` | Integer | Page number, default 1 |
| `--PageSize` | Integer | Items per page, default 10, max 100 |

aliyun dataworks-public ListProjects
--PageNumber 1 --PageSize 20
--region <region-id>
--endpoint dataworks.<region-id>.aliyuncs.com
--user-agent AlibabaCloud-Agent-Skills


**支持的过滤参数**：

| 参数 | 类型 | 说明 |
|-----------|------|-------------|
| `--Ids` | JSON数组 | 工作空间ID列表，用于查询指定工作空间 |
| `--Names` | JSON数组 | 工作空间名称列表，用于查询指定工作空间 |
| `--Status` | 字符串 | 工作空间状态：Available/Initializing/InitFailed/Forbidden/Deleting/DeleteFailed/Frozen/Updating/UpdateFailed |
| `--DevEnvironmentEnabled` | 布尔值 | 是否启用开发环境 |
| `--DevRoleDisabled` | 布尔值 | 是否禁用开发角色 |
| `--PaiTaskEnabled` | 布尔值 | 是否启用PAI任务调度 |
| `--AliyunResourceGroupId` | 字符串 | 资源组ID |
| `--PageNumber` | 整数 | 页码，默认1 |
| `--PageSize` | 整数 | 每页条数，默认10，最大100 |

1.3 Query Workspace Details

1.3 查询工作空间详情

bash

aliyun dataworks-public GetProject \
  --Id <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public GetProject \
  --Id <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

1.4 Update Workspace

1.4 更新工作空间

bash

aliyun dataworks-public UpdateProject \
  --Id <project-id> \
  --DisplayName "<new-display-name>" \
  --Description "<new-description>" \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

⚠️ Important Limitation: This Skill does not support enabling development environment via API (upgrading from simple mode to standard mode). To enable development environment, please go to the console to complete the upgrade manually.

bash

aliyun dataworks-public UpdateProject \
  --Id <project-id> \
  --DisplayName "<new-display-name>" \
  --Description "<new-description>" \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

⚠️ 重要限制：本Skill不支持通过API启用开发环境（从简易模式升级到标准模式）。如需启用开发环境，请前往控制台手动完成升级。

1.5 Delete Workspace

1.5 删除工作空间

bash

aliyun dataworks-public DeleteProject \
  --Id <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public DeleteProject \
  --Id <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

2. Member Role Management

2. 成员角色管理

2.1 Add Workspace Member and Grant Roles

2.1 添加工作空间成员并授予角色

bash

aliyun dataworks-public CreateProjectMember \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --RoleCodes '["role_project_dev", "role_project_pe"]' \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public CreateProjectMember \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --RoleCodes '["role_project_dev", "role_project_pe"]' \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

2.2 Query Workspace Member List

2.2 查询工作空间成员列表

bash

aliyun dataworks-public ListProjectMembers \
  --ProjectId <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public ListProjectMembers \
  --ProjectId <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

2.3 Query Member Details

2.3 查询成员详情

bash

aliyun dataworks-public GetProjectMember \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public GetProjectMember \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

2.4 Grant Member New Roles

2.4 授予成员新角色

bash

aliyun dataworks-public GrantMemberProjectRoles \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --RoleCodes '["role_project_admin", "role_project_dev"]' \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public GrantMemberProjectRoles \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --RoleCodes '["role_project_admin", "role_project_dev"]' \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

2.5 Revoke Member Roles

2.5 撤销成员角色

bash

aliyun dataworks-public RevokeMemberProjectRoles \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --RoleCodes '["role_project_dev"]' \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public RevokeMemberProjectRoles \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --RoleCodes '["role_project_dev"]' \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

2.6 Remove Workspace Member

2.6 移除工作空间成员

bash

aliyun dataworks-public DeleteProjectMember \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public DeleteProjectMember \
  --ProjectId <project-id> \
  --UserId <user-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

3. Role Management

3. 角色管理

3.1 Query Workspace Role List

3.1 查询工作空间角色列表

bash

aliyun dataworks-public ListProjectRoles \
  --ProjectId <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public ListProjectRoles \
  --ProjectId <project-id> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

3.2 Query Role Details

3.2 查询角色详情

bash

aliyun dataworks-public GetProjectRole \
  --ProjectId <project-id> \
  --Code <role-code> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

bash

aliyun dataworks-public GetProjectRole \
  --ProjectId <project-id> \
  --Code <role-code> \
  --region <region-id> \
  --endpoint dataworks.<region-id>.aliyuncs.com \
  --user-agent AlibabaCloud-Agent-Skills

Preset Role Description

预设角色说明

Role Code	Role Name	Description
`role_project_owner`	Project Owner	Has all workspace permissions, cannot be removed
`role_project_admin`	Workspace Admin	Manages all workspace configurations and members
`role_project_dev`	Developer	Data development and task debugging permissions
`role_project_pe`	Operator	Task operations and monitoring permissions
`role_project_deploy`	Deployer	Task publishing permissions
`role_project_guest`	Guest	Read-only permissions
`role_project_security`	Security Admin	Data security configuration permissions

角色编码	角色名称	说明
`role_project_owner`	项目所有者	拥有所有工作空间权限，不可移除
`role_project_admin`	工作空间管理员	管理所有工作空间配置和成员
`role_project_dev`	开发人员	数据开发和任务调试权限
`role_project_pe`	运维人员	任务操作和监控权限
`role_project_deploy`	发布人员	任务发布权限
`role_project_guest`	访客	只读权限
`role_project_security`	安全管理员	数据安全配置权限

Verification Methods

验证方法

For verification steps after successful execution, see references/verification-method.md

执行成功后的验证步骤参考 references/verification-method.md

API and Command Reference

API和命令参考

For the complete list of APIs and CLI commands, see references/related-apis.md

完整的API和CLI命令列表参考 references/related-apis.md

Business Scenarios and Handling

业务场景与处理

Scenario 1: Access After Creating Workspace

场景1：创建工作空间后访问

After a workspace is successfully created, it can be accessed via the following URL:

https://dataworks.data.aliyun.com/{regionId}/sc?defaultProjectId={projectId}

Example (Hangzhou region):

https://dataworks.data.aliyun.com/cn-hangzhou/sc?defaultProjectId=12345

工作空间创建成功后，可通过以下URL访问：

https://dataworks.data.aliyun.com/{regionId}/sc?defaultProjectId={projectId}

示例（杭州区域）：

https://dataworks.data.aliyun.com/cn-hangzhou/sc?defaultProjectId=12345

Scenario 2: Adding RAM Role as Workspace Member

场景2：添加RAM角色作为工作空间成员

UserId Format Description:

Account Type	UserId Format	Example
Alibaba Cloud Account (Main)	Use UID directly	`123456789012345678`
RAM Sub-account	Use UID directly	`234567890123456789`
RAM Role	Add `ROLE_` prefix	`ROLE_345678901234567890`

Important Limitation: Newly created RAM roles cannot be directly added as workspace members via API. They need to be refreshed and synced in the console first.

Steps:

Visit workspace console:

https://dataworks.data.aliyun.com/{regionId}/sc?defaultProjectId={projectId}

Go to Workspace Members and Roles page
Click Add Member button
In the popup, click Refresh in the prompt "You can go to RAM console to create a sub-account, and click refresh to sync to this page"
After sync is complete, you can add the RAM role as a member via API

bash

undefined

UserId格式说明：

账号类型	UserId格式	示例
阿里云主账号	直接使用UID	`123456789012345678`
RAM子账号	直接使用UID	`234567890123456789`
RAM角色	添加 `ROLE_` 前缀	`ROLE_345678901234567890`

重要限制：新创建的RAM角色无法直接通过API添加为工作空间成员，需要先在控制台刷新同步。

操作步骤：

访问工作空间控制台：

https://dataworks.data.aliyun.com/{regionId}/sc?defaultProjectId={projectId}

进入工作空间成员与角色页面
点击添加成员按钮
在弹出窗口中，点击提示「您可以前往RAM控制台创建子账号，点击刷新同步到本页面」中的刷新按钮
同步完成后，即可通过API添加RAM角色为成员

bash

undefined

Example of adding RAM role member

aliyun dataworks-public CreateProjectMember
--ProjectId 12345
--UserId ROLE_345678901234567890
--RoleCodes '["role_project_dev"]'
--user-agent AlibabaCloud-Agent-Skills

undefined

aliyun dataworks-public CreateProjectMember
--ProjectId 12345
--UserId ROLE_345678901234567890
--RoleCodes '["role_project_dev"]'
--user-agent AlibabaCloud-Agent-Skills

undefined

Scenario 3: Workspace Configuration Update Limitations

场景3：工作空间配置更新限制

When using the

UpdateProject

API to update workspace configuration, there are the following limitations:

Configuration	Limitation
Development Role (DevRoleDisabled)	Once development role is enabled, cannot be disabled
Development Environment (DevEnvironmentEnabled)	Once development environment is enabled, cannot be disabled

Recommendation: Plan development role and development environment configurations carefully when creating a workspace, as these configurations cannot be reverted once enabled.

使用

UpdateProject

API更新工作空间配置时，存在以下限制：

配置项	限制
开发角色（DevRoleDisabled）	开发角色一旦启用，无法禁用
开发环境（DevEnvironmentEnabled）	开发环境一旦启用，无法禁用

建议：创建工作空间时请谨慎规划开发角色和开发环境配置，这些配置启用后无法回退。

Scenario 3.1: Workspace Upgrade Blocking

场景3.1：工作空间升级拦截

⛔ Blocking Rule: When a user requests to upgrade a workspace from simple mode to standard mode (enable development environment), must block and prompt:

"Workspace upgrade capability is currently not available. Please go to the console to complete the upgrade manually."

Console Upgrade Path:

Visit DataWorks Console: https://dataworks.console.aliyun.com/
Find the target workspace
Go to Workspace Configuration → Basic Properties
Click Upgrade to Standard Mode

API Limitation Reason: Workspace mode upgrade involves complex operations such as environment isolation configuration and resource initialization. Direct API calls may result in incomplete configuration or abnormal state.

⛔ 拦截规则：当用户请求将工作空间从简易模式升级为标准模式（启用开发环境）时，必须拦截并提示：

「工作空间升级功能当前暂不支持，请前往控制台手动完成升级。」

控制台升级路径：

访问DataWorks控制台：https://dataworks.console.aliyun.com/
找到目标工作空间
进入工作空间配置 → 基础属性
点击升级为标准模式

API限制原因：工作空间模式升级涉及环境隔离配置、资源初始化等复杂操作，直接调用API可能导致配置不完整或状态异常。

Scenario 4: Delete Workspace and Recycle Bin Mechanism

场景4：删除工作空间与回收站机制

After a workspace is deleted, it is not permanently deleted immediately but goes to the recycle bin:

Stage	Description
After deletion	Workspace goes to recycle bin, status becomes pending cleanup
Silent period	Workspace is retained in recycle bin for 14 days
Permanent deletion	After 14 days, workspace is permanently deleted and cannot be recovered

Warning: Please ensure necessary data backup is completed before deletion. Data cannot be recovered after the 14-day silent period.

工作空间删除后不会立即永久删除，而是进入回收站：

阶段	说明
删除后	工作空间进入回收站，状态变为待清理
静默期	工作空间在回收站保留14天
永久删除	14天后工作空间被永久删除，无法恢复

警告：删除前请确保已完成必要的数据备份，14天静默期结束后数据无法恢复。

Scenario 5: DataWorks Service Not Enabled

场景5：DataWorks服务未开通

If error code

9990010001

is returned when creating a workspace, it means DataWorks service is not enabled.

Solution:

Log in to Alibaba Cloud official website
Visit DataWorks Console: https://dataworks.console.aliyun.com/
Follow the prompts to complete service activation
After activation, retry the workspace creation operation

如果创建工作空间时返回错误码

9990010001

，说明DataWorks服务未开通。

解决方案：

登录阿里云官网
访问DataWorks控制台：https://dataworks.console.aliyun.com/
按照提示完成服务开通
开通后重试工作空间创建操作

Best Practices

最佳实践

Principle of Least Privilege — Assign members the minimum necessary permissions
Use Standard Mode — For production environments, use standard mode to achieve development and production isolation
Standardized Naming — Use meaningful naming, such as
```
finance_tax_report
```
Use RAM Users — Do not use the main account for daily operations

最小权限原则 — 为成员分配必要的最小权限
使用标准模式 — 生产环境建议使用标准模式，实现开发生产隔离
标准化命名 — 使用有意义的命名，例如
```
finance_tax_report
```
使用RAM用户 — 日常操作不要使用主账号

Reference Links

参考链接

Document	Description
references/related-apis.md	Complete list of APIs and CLI commands
references/ram-policies.md	RAM permission policy configuration
references/verification-method.md	Operation verification methods
references/acceptance-criteria.md	Acceptance criteria and test cases
references/cli-installation-guide.md	CLI installation and configuration guide

文档	说明
references/related-apis.md	完整的API和CLI命令列表
references/ram-policies.md	RAM权限策略配置
references/verification-method.md	操作验证方法
references/acceptance-criteria.md	验收标准和测试用例
references/cli-installation-guide.md	CLI安装和配置指南