Stratégies pour Oracle Autonomous Database
Indique comment autoriser la récupération après sinistre à gérer les bases de données du service Oracle Autonomous Database, telles qu'Oracle Autonomous Database Serverless et Autonomous Database on Dedicated Exadata Infrastructure (base de données Conteneur Autonomous), qui font partie de la pile d'applications.
Stratégies à configurer à l'aide du principal de ressource
For Member Type: AUTONOMOUS_DATABASE
Allow dynamic-group <Dynamic_group_Name> to manage autonomous-database-family in compartment <compartment_name>
Allow dynamic-group <Dynamic_group_Name> read vaults in compartment <compartment_name>
Allow dynamic-group <Dynamic_group_Name> read secret-family in compartment <compartment_name>
For Member Type: AUTONOMOUS_CONTAINER_DATABASE
Allow dynamic-group <Dynamic_group_Name> to manage autonomous-database-family in compartment <compartment_name>
Allow dynamic-group <Dynamic_group_Name> to update cloud-autonomous-vmclusters in compartment <compartment_name>
Allow dynamic-group <Dynamic_group_Name> to update autonomous-vmclusters in compartment <compartment_name>
Allow dynamic-group <Dynamic_group_Name> to update autonomousContainerDatabaseDataguardAssociations in compartment <compartment_name>Stratégies à configurer à l'aide de l'authentification utilisateur
Allow group group_name to manage autonomous-database-family in compartment compartment_nameVoici un exemple de stratégie plus restrictive qui permet à la récupération après sinistre d'effectuer uniquement des opérations de permutation et de basculement sur les bases de données autonomes :
Allow group group_name to update autonomous-databases in compartment compartment_namePour plus d'informations sur les stratégies IAM (Identity and Access Management) pour Oracle Autonomous Database, reportez-vous à Détails du service Database.
Pour Autonomous Database sans serveur :
Allow group group_name to update AutonomousDatabaseDataguardAssociation in compartment
compartment_namePour Autonomous Database on Dedicated Exadata Infrastructure (base de données Conteneur Autonomous) :
Allow group group_name to manage autonomous-database-family in compartment compartment_name
Allow group group_name to update cloud-autonomous-vmclusters in compartment compartment_name
Allow group group_name to update autonomous-vmclusters in compartment compartment_name
Allow group group_name to update autonomousContainerDatabaseDataguardAssociations in compartment compartment_name