Permission to Access all Resources of an Oracle Data Safe Feature
You can use an Oracle Data Safe family resource to quickly grant a user group permission on all resources for a particular Oracle Data Safe feature. For example, to grant a user group permission to perform all tasks in Data Masking, grant the user group the manage
permission on the data-safe-masking-family
resource. Family resources that pertain to specific features include data-safe-assessment-family
(for Security Assessment and User Assessment), data-safe-discovery-family
(for Data Discovery), data-safe-masking-family
(for Data Masking), data-safe-alert-family
(for Alerts), data-safe-audit-family
(for Activity Auditing), and data-safe-family
(for all features).
To grant a user group permission to access an Oracle Data Safe feature, create a policy in Oracle Cloud Infrastructure Identity and Access Management (IAM) that allows the group to either list
, read
, use
, or manage
resources for the feature.
Here are two examples:
-
Example 1: To allow a group to list and view details for all resources for a particular Oracle Data Safe family in a specific compartment, write the policy statement the following way:
allow group <group-name> to read <data-safe-family-name> in compartment <compartment-name>
-
Example 2: To allow a group to perform any and all tasks related to a Oracle Data Safe feature in a specific compartment, write the policy statement the following way:
allow group <group-name> to manage <data-safe-family-name> in compartment <compartment-name>