SQL Firewall Resources
An administrator in Oracle Cloud Infrastructure Identity and Access Management (IAM) can grant permissions as needed on the following SQL Firewall resources.
data-safe-sql-firewall-family
Resource
The data-safe-sql-firewall-family
resource represents all Oracle Data
Safe resources that pertain to SQL Firewall. The resources are as follows:
Common resources for which information can be found in the Administering Oracle Data Safe guide:
data-safe
data-safe-private-endpoints
onprem-connectors
data-safe-work-requests
target-databases
data-safe-audit-policies
data-safe-reports
data-safe-report-definitions
SQL Firewall resources:
data-safe-database-security-configs
data-safe-security-policies
data-safe-security-policy-deployments
data-safe-sql-collections
data-safe-sql-firewall-policies
data-safe-sql-firewall-allowed-sqls
data-safe-sql-firewall-violations
The following table describes the permissions that you can assign to a group for the
data-safe-sql-firewall-family
resource.
Permission | Description |
---|---|
inspect |
The user group can list all SQL Firewall resources in a specified compartment. |
read or use |
The user group can list and view properties for all SQL Firewall resources in a specified compartment |
manage |
The user group can do the following:
|
data-safe-database-security-configs
Resource
The data-safe-database-security-configs
resource represents security
configurations for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-database-security-configs
resource.
Permission | Description |
---|---|
inspect |
The user group can list database security configurations. |
read or use |
The user group can list and view details for database security configurations. |
manage |
The user group can list, view details for, update, and move (to another compartment) database security configurations. |
data-safe-security-policies
Resource
The data-safe-security-policies
resource represents the security
policies for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-security-policies
resource.
Permission | Description |
---|---|
read or use |
The user group can list and view details for database security policies. |
inspect |
The user group can list database security policies. |
manage |
The user group can list, view details for, create, update, and move (to another compartment) database security policies. |
data-safe-security-policy-deployments
Resource
The data-safe-security-policy-deployments
resource represents the state
of the deployment of a security policy on a target. This resource provides mapping for
all target databases to all security policies, such as a SQL Firewall policy.
The following table describes the permissions available for the
data-safe-security-policy-deployments
resource.
Permission | Description |
---|---|
inspect |
The user group can list database security policy deployments. |
read or use |
The user group can list and view details for database security policy deployments. |
manage |
The user group can list, view details for, create, update, and move (to another compartment) database security policy deployments. |
data-safe-sql-collections
Resource
The data-safe-sql-collections
resource represents the SQL collections
for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-collections
resource.
Permission | Description |
---|---|
inspect |
The user group can list the SQL collections. |
read or use |
The user group can list and view details for the SQL collections. |
manage |
The user group can list, view details for, create, update, delete, and move (to another compartment) the SQL collections. |
data-safe-sql-firewall-policies
Resource
The data-safe-sql-firewall-policies
resource represents the SQL Firewall
policies for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-firewall-policies
resource.
Permission | Description |
---|---|
inspect |
The user group can list the SQL Firewall policies. |
read or use |
The user group can list and view details for the SQL Firewall policies. |
manage |
The user group can list, view details for, create, update, delete, and move (to another compartment) the SQL Firewall policies. |
data-safe-sql-firewall-allowed-sqls
Resource
The data-safe-sql-firewall-allowed-sqls
resource represents the list of
allowed SQL statements for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-firewall-allowed-sqls
resource.
Permission | Description |
---|---|
inspect |
The user group can list the allowed SQL statements. |
read |
The user group can list and view details for the allowed SQL statements. |
data-safe-sql-firewall-violations
Resource
The data-safe-sql-firewall-violations
resource represents the SQL and
context violations for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-firewall-violations
resource.
Permission | Description |
---|---|
inspect |
The user group can list the SQL and context violations. |
read |
The user group can list and view details for the SQL and context violations. |