Oracle Cloud Infrastructure GoldenGate provides a secure and easy to use data replication solution in accordance with industry-leading security best practices.
- Assign least privilege access for IAM users and
groups to resource types in
- To minimize loss of data from inadvertent deletes by an authorized user or malicious
deletes, Oracle recommends giving the
GOLDENGATE_DATABASE_REGISTRATION_DELETEpermissions to the minimum possible set of IAM users and groups. Give these permissions only to tenancy and compartment administrators.
- GoldenGate only needs
USElevel access to capture data from database registrations.
Security Policy Examples
Prevent deletion of deployments
Create this policy to allow the group
ggs-users to perform all
actions on deployments, except deleting them:
Allow group ggs-users to manage goldengate-family in tenancy where request.permission!='GOLDENGATE_DEPLOYMENT_DELETE'
For more information on creating policies, see Oracle Cloud Infrastructure GoldenGate Policies.