Permissions to Register an Autonomous AI Database with Oracle Data Safe

To register an Autonomous AI Database with Oracle Data Safe, a user group requires permissions in Oracle Cloud Infrastructure Identity and Access Management (IAM) to do the following:

• Access the Autonomous AI Database: The user group requires at least the use permission on the autonomous-database resource in Oracle Cloud Infrastructure, for example:

  allow group <group-name> to use autonomous-database in compartment <compartment-name>

• Register a target database with Oracle Data Safe: The user group requires the manage permission on the target-databases resource, for example:

  allow group <group-name> to manage target-databases in compartment <compartment-name>

• For an Autonomous AI Database that has a private IP address: The user group requires at least the use permission on an Oracle Data Safe private endpoint and on the underlying virtual networking resources of the private endpoint for the relevant compartments. For example, the following statements allow a group to create a private endpoint:

  allow group <group-name> to manage data-safe-private-endpoints in compartment <compartment-name>
  allow group <group-name> to manage virtual-network-family in compartment <compartment-name>

  If the group already has an Oracle Data Safe private endpoint and wants to reuse it, then replace manage with use in the statements above.

For more information about the resources and their permissions, see OCI Resources for Oracle Data Safe.