Permission to Access all Resources of an Oracle Data Safe Feature

You can use an Oracle Data Safe family resource to quickly grant a user group permission on all resources for a particular Oracle Data Safe feature. For example, to grant a user group permission to perform all tasks in Data Masking, grant the user group the manage permission on the data-safe-masking-family resource. Family resources that pertain to specific features include data-safe-assessment-family (for Security Assessment and User Assessment), data-safe-discovery-family (for Data Discovery), data-safe-masking-family (for Data Masking), data-safe-alert-family (for Alerts), data-safe-audit-family (for Activity Auditing), and data-safe-family (for all features).

To grant a user group permission to access an Oracle Data Safe feature, create a policy in Oracle Cloud Infrastructure Identity and Access Management (IAM) that allows the group to either list, read, use, or manage resources for the feature.

Here are two examples:

• Example 1: To allow a group to list and view details for all resources for a particular Oracle Data Safe family in a specific compartment, write the policy statement the following way:

  allow group <group-name> to read <data-safe-family-name> in compartment <compartment-name>

• Example 2: To allow a group to perform any and all tasks related to a Oracle Data Safe feature in a specific compartment, write the policy statement the following way:

  allow group <group-name> to manage <data-safe-family-name> in compartment <compartment-name>