Creating role analysis policy
In this recipe, you'll create a role analysis policy using SQL*Plus and Enterprise Manager Cloud Control 12c (EM). The usage of directly and indirectly granted privileges to the roles listed in the policy, will be captured if the roles are active for the session.
Getting ready
You'll need an existing user who can create a privilege analysis policy (has a CAPTURE_ADMIN
role and a SELECT ANY DICTIONARY
privilege), for example, SYSTEM
user.
How to do it...
- Connect to the database as system or a user who has appropriate privileges:
$ sqlplus system
- Create a privilege analysis policy that captures all the used privileges granted through roles
DBA
andP1_ROLE
:SQL> BEGIN SYS.DBMS_PRIVILEGE_CAPTURE.CREATE_CAPTURE( name => '<policy_name>', ...
Get Oracle Database 12c Security Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.