20.7.1 Grant Minimal Privileges to a User or Role for DBMS_CLOUD
For a user or role to use DBMS_CLOUD functionality, you have to grant at least minimal access privileges.
The privileges shown in the examples that follows are required for a user or role to
use DBMS_CLOUD
functionality. To make the management of the
necessary privileges easier for multiple users, Oracle recommends that you grant the
necessary privileges through a role.
Example 20-2 Granting Privileges Using a Local Role
This example script uses a local role, CLOUD_USER
, and grants
privileges to a local user, SCOTT
. You can modify this script as
needed for your PDB environment, and run the script within your pluggable database
as a privileged administrator (for example, SYS
or
SYSTEM
).
set verify off
-- target sample role
define userrole='CLOUD_USER'
-- target sample user
define username='SCOTT'
create role &userrole;
grant cloud_user to &username;
REM the following are minimal privileges to use DBMS_CLOUD
REM - this script assumes core privileges
REM - CREATE SESSION
REM - Tablespace quota on the default tablespace for a user
REM for creation of external tables, e.g. DBMS_CLOUD.CREATE_EXTERNAL_TABLE()
grant CREATE TABLE to &userrole;
REM for using COPY_DATA()
REM - Any log and bad file information is written into this directory
grant read, write on directory DATA_PUMP_DIR to &userrole;
REM grant as you see fit
grant EXECUTE on dbms_cloud to &userrole;
grant EXECUTE on dbms_cloud_pipeline to &userrole;
grant EXECUTE on dbms_cloud_repo to &userrole;
grant EXECUTE on dbms_cloud_notification to &userrole;
Example 20-3 Granting Privileges to an Individual User
You can choose to grant DBMS_CLOUD privileges to an individual user. In this example
script, privileges are granted to local user SCOTT
. You can modify
this script as needed for your PDB environment.
set verify off
-- target sample user
define username='SCOTT'
REM the following are minimal privileges to use DBMS_CLOUD
REM - this script assumes core privileges
REM - CREATE SESSIONREM - Tablespace quota on the default tablespace for a user
REM for creation of external tables, e.g. DBMS_CLOUD.CREATE_EXTERNAL_TABLE()
grant CREATE TABLE to &username;
REM for using COPY_DATA()
REM - Any log and bad file information is written into this directory
grant read, write on directory DATA_PUMP_DIR to &username;
REM grant as you see fit
grant EXECUTE on dbms_cloud to &username;
grant EXECUTE on dbms_cloud_pipeline to &username;
grant EXECUTE on dbms_cloud_repo to &username;
grant EXECUTE on dbms_cloud_notification to &username;
Parent topic: Configuring Users or Roles to use DBMS_CLOUD