SQL Firewall Resources
An administrator in Oracle Cloud Infrastructure Identity and Access Management (IAM) can grant permissions as needed on the following SQL Firewall resources.
data-safe-sql-firewall-family
Resource
The data-safe-sql-firewall-family
resource represents all Oracle Data
Safe resources that pertain to SQL Firewall. The resources are as follows:
Common resources for which information can be found in the Administering Oracle Data Safe guide:
- data-safe
- data-safe-private-endpoints
- onprem-connectors
- data-safe-work-requests
- target-databases
- data-safe-audit-policies
- data-safe-reports
- data-safe-report-definitions
- data-safe-attribute-sets Resource
SQL Firewall resources:
- data-safe-database-security-configs
- data-safe-security-policies
- data-safe-security-policy-deployments
- data-safe-sql-collections
- data-safe-sql-firewall-policies
- data-safe-sql-firewall-allowed-sqls
- data-safe-sql-firewall-violations
The following table describes the permissions that you can assign to a group for the
data-safe-sql-firewall-family
resource.
Permission | Description |
---|---|
inspect |
The user group can list all SQL Firewall resources in a specified compartment. |
read or use |
The user group can list and view properties for all SQL Firewall resources in a specified compartment |
manage |
The user group can do the following:
|
data-safe-database-security-configs
Resource
The data-safe-database-security-configs
resource represents security
configurations for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-database-security-configs
resource.
Permission | Description |
---|---|
inspect |
The user group can list database security configurations. |
read or use |
The user group can list and view details for database security configurations. |
manage |
The user group can list, view details for, update, and move (to another compartment) database security configurations. |
data-safe-security-policies
Resource
The data-safe-security-policies
resource represents the security
policies for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-security-policies
resource.
Permission | Description |
---|---|
read or use |
The user group can list and view details for database security policies. |
inspect |
The user group can list database security policies. |
manage |
The user group can list, view details for, create, update, delete, and move (to another compartment) database security policies. |
data-safe-security-policy-deployments
Resource
The data-safe-security-policy-deployments
resource represents the state
of the deployment of a security policy on a target. This resource provides mapping for
all target databases to all security policies, such as a SQL Firewall policy.
The following table describes the permissions available for the
data-safe-security-policy-deployments
resource.
Permission | Description |
---|---|
inspect |
The user group can list database security policy deployments. |
read or use |
The user group can list and view details for database security policy deployments. |
manage |
The user group can list, view details for, create, update, refresh, deploy, delete, and move (to another compartment) database security policy deployments. |
data-safe-sql-collections
Resource
The data-safe-sql-collections
resource represents the SQL collections
for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-collections
resource.
Permission | Description |
---|---|
inspect |
The user group can list the SQL collections. |
read or use |
The user group can list and view details for the SQL collections. |
manage |
The user group can list, view details for, create, update, delete, and move (to another compartment) the SQL collections. |
data-safe-sql-firewall-policies
Resource
The data-safe-sql-firewall-policies
resource represents the SQL Firewall
policies for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-firewall-policies
resource.
Permission | Description |
---|---|
inspect |
The user group can list the SQL Firewall policies. |
read or use |
The user group can list and view details for the SQL Firewall policies. |
manage |
The user group can list, view details for, create, update, delete, and move (to another compartment) the SQL Firewall policies. |
data-safe-sql-firewall-allowed-sqls
Resource
The data-safe-sql-firewall-allowed-sqls
resource represents the list of
allowed SQL statements for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-firewall-allowed-sqls
resource.
Permission | Description |
---|---|
inspect |
The user group can list the allowed SQL statements. |
read |
The user group can list and view details for the allowed SQL statements. |
data-safe-sql-firewall-violations
Resource
The data-safe-sql-firewall-violations
resource represents the SQL and
context violations for target databases in SQL Firewall.
The following table describes the permissions available for the
data-safe-sql-firewall-violations
resource.
Permission | Description |
---|---|
inspect |
The user group can list the SQL and context violations. |
read |
The user group can list and view details for the SQL and context violations. |