Permission to Mask Sensitive Data

A tenancy administrator can grant permissions on specific Data Masking resources in specified compartments in Oracle Cloud Infrastructure Identity and Access Management to allow a user group to perform certain tasks.

Here are some examples.

Example 2-13 Mask sensitive data on target databases in a specified compartment using a precreated masking policy

allow group <user-group> to manage data-safe-masking-policies in compartment <compartment-name>
allow group <user-group> to manage data-safe-masking-reports in compartment <compartment-name>
allow group <user-group> to read data-safe-work-requests in compartment <compartment-name>
allow group <user-group> to read target-databases in compartment <compartment-name>

Example 2-14 Create and manage masking policies in a specified compartment

allow group <user-group> to manage data-safe-masking-policies in compartment <compartment-name>

Example 2-15 Create and manage library masking formats in a specified compartment

allow group <user-group> to manage data-safe-library-masking-formats in compartment <compartment-name>