Groups in Oracle Data Safe require privileges so that they can access and utilize resources and features in Oracle Data Safe. On the Security tab in the Oracle Data Safe Console, an Oracle Data Safe administrator can create authorization policies that define which groups can access each resource group. There is one authorization policy per resource group. In the policy, each group is assigned a privilege of
none for each of the four main Oracle Data Safe feature categories. An instance administrator cannot create more privileges.
The main feature categories are as follows:
- Assessment (includes User Assessment and Security Assessment features)
- Discovery and Masking (includes Data Discovery and Data Masking features)
- Activity Auditing
The following table describes the privileges in Oracle Data Safe.
|Privileges in Oracle Data Safe||More Information|
|The group has no privilege||
The group can read the list of resources for a feature.
The group can create, read, update, delete, and delegate feature-related resources.
A group that does not have permission to
inspectgroups in a tenancy cannot configure authorization policies in Oracle Data Safe, even if the group is granted the
managepermission for a feature in Oracle Data Safe.