Permissions Required to Enable Database Management for HeatWave
To enable Database Management for HeatWave DB
systems, you must belong to a user group in your tenancy with the
manage permission on the HeatWave service resource-types. When
creating a policy, the aggregate resource-type for the HeatWave service,
mysql-family, can be used.
Here's an example of a policy that grants the
DB-MGMT-MYSQL-ADMIN user group the permission to enable Database Management for all the HeatWave DB systems in the
tenancy:
Allow group DB-MGMT-MYSQL-ADMIN to manage mysql-family in tenancyFor more information on the HeatWave service resource-types and permissions, see IAM Policies.
Database Management Permissions
When enabling Database Management for HeatWave DB systems in Database Management, you must belong to a user group in your tenancy with the required permissions on one of the following Database Management resource-types to view the work requests generated during the enablement process:
dbmgmt-work-requests: This resource-type allows a user group to monitor the work requests generated when Database Management is being enabled.dbmgmt-mysql-family: This aggregate resource-type includes the individual Database Management resource-types for HeatWave and External MySQL and allows a user group to perform tasks such as monitoring work requests and using Database Management.
Here's an example of the policy that grants the
DB-MGMT-MYSQL-ADMIN user group the permission to monitor the
work requests generated when Diagnostics & Management is enabled:
Allow group DB-MGMT-MYSQL-ADMIN to read dbmgmt-work-requests in tenancyFor more information on Database Management resource-types and permissions, see Policy Details for Database Management.