About Oracle NoSQL Database Cloud Service Roles

Learn about the different Oracle NoSQL Database Cloud Service roles.

When you initially subscribe to Oracle Cloud, by default, you are assigned the ACCOUNT_ADMIN_ROLE, and you become the account administrator. This role provides you with complete access to all the Oracle Cloud services, including the Oracle NoSQL Database Cloud Service. After signing in to the Oracle Cloud account, you can further create other users and assign specific roles.

Oracle NoSQL Database Cloud Service provides two level roles to users, the entitlement-level role and the table-level role. Let us learn about these roles in more detail.

Entitlement-Level Roles

Entitlement-level roles are service level roles assigned to you. Granting an entitlement-level role provides you read/write or administrator access (depending on the role granted) to all tables that exist within the entitlement.

Role Description

ANDC_FullAccessRole

With this role, you are granted with complete access to all Oracle NoSQL Database Cloud Service tables. You can:

  • Create, alter, and drop any table within the entitlement.

  • Read and write records to any table within the entitlement.

  • Create, alter, and drop indexes in any table within the entitlement.

  • Assign or revoke entitlement-level roles to other users.

Note:

To create, alter, or drop a table in Oracle NoSQL Database Cloud Service, you should also be assigned the application administrator or the identity administrator role along with the ANDC_FullAccessRole role.

ANDC_ReadOnlyRole

With this role, you can read records from any Oracle NoSQL Database Cloud Service table that is a part of the entitlement.

ANDC_ReadWriteRole

With this role, you can read and write records to any Oracle NoSQL Database Cloud Service table that is a part of the entitlement.

Table-Level Roles

Table-level roles are table-specific roles assigned to a user. With these privileges, you have specific access to perform one or more operations on a single Oracle NoSQL Database Cloud Service table.

Role Description

READ_TABLE

With this role, you can read records from a table.

READ_WRITE

This role is a superset of the READ_TABLE, INSERT_TABLE, and DELETE_TABLE roles.

INSERT_TABLE

With this role, you can insert or update records in a table.

DELETE_TABLE

With this role, you can delete records from a table.

ALTER_TABLE

With this role, you can alter the table schema.

Note:

Having the ALTER_TABLE privilege does not allow you to alter a table throughput or storage limits. Only a user with the ANDC_FullAccessRole has access to do that.

INDEX_CREATE

With this role, you can create an index on a table.

INDEX_DROP

With this role, you can drop an index from a table.

TABLE_ADMIN

This role is a superset of the ALTER_TABLE, INDEX_CREATE, and INDEX_DROP roles.

If you are an account administrator, and have signed in to Oracle NoSQL Database Cloud Service for the first time, use the Oracle Cloud Identity Console to create one or more users. See Create Users.

If you have already created users, then you can assign user roles to the Oracle NoSQL Database Cloud Service entitlement or tables by using the Identity Console. See Granting User Roles in the Identity Console.