Guideline for Securing Store Topology

All Oracle NoSQL Database users will be granted a default role public, which cannot be revoked.

Authenticated applications using Oracle NoSQL Database Java direct driver will keep a memory copy of the current topology of the database store for dispatching requests to the right node in the store. All database users can view the content of the current topology of the database store. A topology in Oracle NoSQL Database has the basic information about store layout including zones, storage nodes, shards, replication nodes, and administrative services, as well as hostnames and registry ports of each storage node. For more information on topologies see topologies in the Concepts Guide.

If there is a security and compliance requirement that the access of topology information must be limited to a certain group of users, applications should access Oracle NoSQL Database through Oracle NoSQL Database Proxy using various Oracle NoSQL Database Drivers instead of Java direct driver. For more information on Oracle NoSQL Database Drivers, see Oracle NoSQL Database Drivers in Developer's Guide. Oracle NoSQL Database Proxy should be deployed as an intermediary between applications and Oracle NoSQL Database store in this case. For more information on the Oracle NoSQL Database Proxy, see Oracle NoSQL Database Proxy in the Administrator's Guide.