Common Resources
The following resources are optional for multiple Oracle Data Safe features.
data-safe Resource
The data-safe resource represents the global settings for paid usage and audit data retention for Oracle Data Safe.
The following table describes the permissions available for the data-safe resource.
| Permission | Description |
|---|---|
read or use |
The user group can view global settings for paid usage and details for audit data retention. |
manage |
The user group can set global settings for paid usage and audit data retention. |
data-safe-report-definitions Resource
The data-safe-report-definitions resource represents
Oracle predefined and custom Activity Auditing and Alert reports.
The following table describes the permissions available for the
data-safe-report-definitions resource.
| Permission | Description |
|---|---|
inspect |
The user group can list Oracle predefined and custom Activity Auditing and Alert reports. |
read or use |
The user group can list and view details for Oracle predefined and custom Activity Auditing and Alert reports. |
manage |
The user group can perform all tasks with Oracle predefined and custom Activity Auditing and Alert reports, including the following:
|
data-safe-reports Resource
The data-safe-reports resource represents generated PDF
and XLS reports. This resource applies only to Oracle predefined and custom Activity
Auditing and Alert reports.
The following table describes the permissions available for the
data-safe-reports resource.
| Permission | Description |
|---|---|
inspect |
The user group can list generated PDF and XLS reports. |
read or use |
The user group can list and view details for generated PDF and XLS reports. |
manage |
The user group can perform the following tasks with generated PDF and XLS reports:
|
data-safe-work-requests Resource
The data-safe-work-requests resource represents all the work requests that correspond to Oracle Data Safe in Oracle Cloud Infrastructure. For example, when a user creates an Oracle Data Safe private endpoint or generates a comparison report in Security Assessment, Oracle Data Safe issues a work request.
Note:
read permission on the data-safe-work-requests resource is required for a user to be able to set baselines and compare assessments in User Assessment and Security Assessment.
The information about the work request is available through Oracle Data Safe 's API. For more information about the API, see WorkRequest Reference.
The following table describes the permissions available for the data-safe-work-requests resource.
| Permission | Description |
|---|---|
inspect |
The user group can list Oracle Data Safe work requests without access to any confidential information or user-specific metadata that may be part of the work request. |
read or use |
The user group has inspect permission plus can do the following:
|
manage |
The user group has all permissions on Oracle Data Safe work requests (create, update, move, and so on). |
Example 2-8 Allow a user group to compare assessments in Security Assessment
The following policy statements allow a user group named
IT-Security to compare security assessments in the compartment
named Info-Tech.
allow group IT-Security to manage security-assessments in compartment Info-Tech
allow group IT-Security to read data-safe-work-requests in compartment Info-Techdata-safe-attribute-sets Resource
The data-safe-attribute-sets resource represents
attribute sets which can be used throughout Data Safe.
The following table describes the permissions available for the
data-safe-attribute-sets resource.
| Permission | Description |
|---|---|
inspect |
The user group can list attribute set resources in the specified compartment. |
read or use |
The user group can list and view all the properties of attribute set resources in the compartment. |
manage |
The user group can create, update, delete, list, view all the properties and move (to another compartment) attribute set resources in the compartment. |