Securing Data Catalog
Oracle Cloud Infrastructure Data Catalog provides a collaborative data discovery and governance solution in accordance with industry-leading security best practices.
- Assign least privilege access for IAM users and groups to resource types in
- To minimize loss of data due to inadvertent deletes by an authorized user or malicious deletes, Oracle recommends giving CATALOG_DELETE permission to the smallest possible set of IAM users and groups. Give CATALOG_DELETE permissions only to tenancy and compartment admins.
- To protect your data sources from any security vulnerability, provide credentials for read-only accounts only. Data Catalog only needs read access to harvest data assets.
Security Policy Examples
Prevent Delete of Data Catalogs
Create this policy to allow group DataCatalogUsers to perform all actions on data catalogs, except deleting them.
Allow group DataCatalogUsers to manage data-catalog-family in tenancy where request.permission!='CATALOG_DELETE'
For more information on creating policies, see Data Catalog Policies.
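The following is an added example, not Oracle's code: a small Python audit that checks policy statements against the recommendation above and flags non-admin groups that can manage catalog resources without the CATALOG_DELETE exclusion. The admin group name, the resource types other than data-catalog-family, and the sample statements are assumptions constructed for illustration.

```python
import re

# data-catalog-family is from the page; data-catalogs and all-resources are
# assumed here to carry CATALOG_DELETE under the "manage" verb as well.
CATALOG_TYPES = {"data-catalog-family", "data-catalogs", "all-resources"}
# Assumption: the only group of tenancy/compartment admins allowed to delete.
ADMIN_GROUPS = {"Administrators"}

STATEMENT = re.compile(
    r"^\s*allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>\w+)\s+(?P<rtype>[\w-]+)"
    r"\s+in\s+(?P<scope>.+?)(?:\s+where\s+(?P<cond>.+))?\s*$",
    re.IGNORECASE,
)
EXCLUDES_DELETE = re.compile(r"request\.permission\s*!=\s*'CATALOG_DELETE'", re.IGNORECASE)

def audit(statement):
    """Return None if the statement is acceptable, else a finding string."""
    m = STATEMENT.match(statement)
    if not m:
        return "unparsed: review manually"
    # Assumption: only "manage" includes CATALOG_DELETE; lower verbs do not.
    if m["verb"].lower() != "manage" or m["rtype"].lower() not in CATALOG_TYPES:
        return None
    if m["group"] in ADMIN_GROUPS:
        return None
    cond = m["cond"] or ""
    if not EXCLUDES_DELETE.search(cond):
        return f"group {m['group']} can delete catalogs: no CATALOG_DELETE exclusion"
    # Inside any{...} the conditions are ORed, so the exclusion may not hold.
    if re.match(r"\s*any\s*\{", cond, re.IGNORECASE):
        return f"group {m['group']}: exclusion is inside any{{}} (OR), review"
    return None

# Constructed sample statements; only the first one appears on the page.
SAMPLE = [
    "Allow group DataCatalogUsers to manage data-catalog-family in tenancy where request.permission!='CATALOG_DELETE'",
    "Allow group DataStewards to manage data-catalog-family in compartment Analytics",
    "Allow group Administrators to manage all-resources in tenancy",
    "Allow group Analysts to manage data-catalog-family in tenancy where any {request.permission != 'CATALOG_DELETE', request.user.name = 'svc'}",
    "Allow group Readers to read data-catalog-family in tenancy",
]

if __name__ == "__main__":
    for s in SAMPLE:
        print(audit(s) or "ok", "|", s)
```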