Analytics for Data Resources
You can review information about data security policies that grant access to a data resource, or about roles and users granted access to that resource.
-
On the Analytics page, click the Database Resources tab.
-
Select the resource that you want to review in the Data Resource field.
-
Click Go.
Results are presented in three tables.
Data Security Policies
The Data Security Policies table documents policies that grant access to the selected data resource.
Each row documents a policy, specifying by default:
-
The data privileges that it grants.
-
The condition that defines how data is selected from the data resource.
-
The policy name and description.
-
A role that includes the policy.
For any given policy, this table might include multiple rows, one for each role in which the policy is used.
Authorized Roles
The Authorized Roles table documents roles with direct or indirect access to the selected data resource. Any given role might include the following:
-
One or more data security policies that grant access to the data resource. The Authorized Roles table includes one row for each policy belonging to the role.
-
Inherit access to the data resource from one or more roles in its hierarchy. The Authorized Roles table includes one row for each inheritance.
By default, each row specifies the following:
-
The name of the role it documents.
-
The name of a subordinate role from which access is inherited, if any. (If the row documents access provided by a data security policy assigned directly to the subject role, this cell is blank.)
-
The data privileges granted to the role.
-
The condition that defines how data is selected from the data resource.
A role's data security policies and hierarchy might grant access to any number of data resources. However, the Authorized Roles table displays records only of access to the data resource you selected.
Authorized Users
The Authorized Users table documents users who are assigned roles with access to the selected data resource.
By default, each row specifies a user name, a role the user is assigned, the data privileges granted to the user, and the condition that defines how data is selected from the data resource. For any given user, this table might include multiple rows, one for each grant of access by a data security policy belonging to, or inherited by, a role assigned to the user.
Manipulating the Results
In any of these three tables, you can do the following actions:
-
Add or remove columns. Select View - Columns.
-
Search among the results. Select View - Query by Example to add a search field on each column in a table.
-
Export results to a spreadsheet. Select the Export to Excel option available for each table.