The purpose of the SQL privileges script (
dscs_privileges.sql) is to grant or revoke access to Oracle Data Safe features for a target database. When running this script, you can specify one or more of the following features: audit collection, activity auditing, data discovery, data masking, security assessment, and user assessment.
Before you can register a target database, you need to create a least privileged user on the target database specifically for the Oracle Data Safe service and then run the SQL privileges script (
dscs_privileges.sql) to grant only the required privileges for the features that you intend to use. You can download the script during target database registration.
You can run the SQL privileges script on your target database as many times as you need. For example, suppose that in the beginning you only need to use the Activity Auditing feature in Oracle Data Safe. You can run the SQL privileges script to grant the target database access to only Activity Auditing. Later, you decide you want to use the Data Discovery feature too. You can run the SQL privileges script again on the target database to grant the database access to Data Discovery.