Permissions to Discover Sensitive Data

A tenancy administrator can grant permissions on specific Data Discovery resources in specified compartments in Oracle Cloud Infrastructure Identity and Access Management to allow a user group to perform certain tasks.

Here are some examples.

Example 2-9 Run data discovery jobs (create sensitive data models)

allow group <user-group> to manage data-safe-sensitive-data-models in compartment <compartment-name>
allow group <group-name> to read target-databases in compartment <compartment-name>

Example 2-10 Run incremental data discovery jobs on target databases

allow group <user-group> to manage data-safe-discovery-jobs in compartment <compartment-name>
allow group <user-group> to read data-safe-sensitive-data-models in compartment <compartment-name>
allow group <user-group> to read data-safe-work-requests in compartment <compartment-name>

Example 2-11 Create sensitive types

allow group <user-group> to manage data-safe-sensitive-types in compartment <compartment-name>

Example 2-12 Perform all tasks in Data Discovery

allow group <user-group> to manage data-safe-discovery-family in compartment <compartment-name>