Oracle by Example brandingAdminister Roles Using EM Express

section 0Before You Begin

This 10-minute tutorial shows you how to use Enterprise Manager Express to create and manage roles.

Select the Oracle Database release:

Background

In most systems, it is time-consuming and error-prone to grant necessary privileges to each user individually. Oracle software provides for easy and controlled privilege management through roles. Roles are named groups of related privileges that are granted to users or to other roles. Roles are designed to ease the administration of privileges in the database and, therefore, improve security. 

What Do You Need?

  • Oracle Database 18c19c

    Note:Starting with Oracle Database 19c, Oracle EM Express, the default management option for Oracle Database, is based on Java JET technology. Currently, only the Performance menu is available in the 19c JET version. Therefore, we are using the 18c Flash Oracle EM Express in our tutorials. Use the following command to revert to Flash Oracle EM Express:

     SQL> @?/rdbms/admin/execemx emx

    To return to 19c JET Oracle EM Express, use the following command:

     SQL> @?/rdbms/admin/execemx omx

section 1View Roles

  1. Enter the URL for the Enterprise Manager Database Express for PDB in your browser and log in as the SYSTEM user.
    Description of sample-image-1.png follows
    Description of the illustration a1
  2. Select Roles in the Security menu.
    Description of sample-image-1.png follows
    Description of the illustration a2
    Note: If you log in as the Enterprise Manager Database Express for CDB, you will not see Profiles in the Security menu.
  3. The Roles page is displayed.
    Description of sample-image-1.png follows
    Description of the illustration a3
  4. To view the privileges granted to a role, select a role of interest. The CONNECT role is selected in this example. Click View Details in the Actions menu.
    Description of sample-image-1.png follows
    Description of the illustration a4
  5. The Privileges & Roles tab shows the system privileges and roles granted to the CONNECT role. Click the Object Privileges tab.
    Description of sample-image-1.png follows
    Description of the illustration a5
  6. The Object Privileges tab shows the object privileges granted to the role. There are no object privileges granted to the CONNECT role.
    Description of sample-image-1.png follows
    Description of the illustration a6
  7. Click ORCL / ORCLPDB to return to the Database Home page.

section 2Create a Role

  1. Select Roles in the Security menu.
    Description of sample-image-1.png follows
    Description of the illustration b1
  2. Click Create Role.
  3. Enter a name such as appdev for the role. Click the right arrow.
    Description of sample-image-1.png follows
    Description of the illustration b3
  4. Select the privileges to grant to the role by selecting the privilege name and clicking the right arrow. Select CREATE PROCEDURE, CREATE SEQUENCE, CREATE SYNONYM, CREATE TABLE, CREATE TRIGGER, and CREATE VIEW.
  5. Select "With Admin" for each privilege. Click OK.
    Description of sample-image-1.png follows
    Description of the illustration b5
  6. Click OK on the Confirmation page.
    Description of sample-image-1.png follows
    Description of the illustration b6
  7. The new APPDEV role is displayed on the Roles page.
    Description of sample-image-1.png follows
    Description of the illustration b5
  8. Click ORCL / ORCLPDB to return to the Database Home page.

setion 3 Modify a Role

  1. Select Roles in the Security menu.
    Description of sample-image-1.png follows
    Description of the illustration c1
  2. Select the role to modify. In this example, the APPDEV role is modified. Select "Alter Privileges & Roles" in the Actions menu.
    Description of sample-image-1.png follows
    Description of the illustration c2
  3. Select the CONNECT role. Click the right arrow.
  4. Select "With Admin" for the CONNECT role. Click OK.
    Description of sample-image-1.png follows
    Description of the illustration c4
  5. Click OK on the Confirmation page. The Roles page is displayed again.
    Description of sample-image-1.png follows
    Description of the illustration c5
  6. Click ORCL / ORCLPDB to return to the Database Home page.