Add IAM Roles on Autonomous Database
Optionally, create global roles to provide additional database roles and privileges to IAM users when multiple IAM users are mapped to the same shared global user.
The use of global roles is optional when using either an exclusive IAM mapping to user (schema) or shared user mapping on Autonomous Database. For example, all privileges and roles can be granted to the shared schema and all IAM users who map to the shared schema would be granted the privileges and roles assigned to the shared schema.
You can use a global role to optionally differentiate users who use the same shared
schema. For example, a set of users can all have the same shared schema and the shared
schema could have the CREATE SESSION
privilege. Then global roles can
be used to provide differentiated privileges and roles assigned to different groups of
users who all use the same shared schema.
Granting additional roles to IAM users in Autonomous Database works by mapping Autonomous Database global roles to IAM groups.
To map Autonomous Database global roles to IAM groups:
If you want to add additional global role mappings for other IAM groups, follow these steps for each IAM group.