SurendranathKS

Tech Tip : Authorizations for the Oracle database - a justification

Discussion created by SurendranathKS Employee on Nov 5, 2014
Latest reply on Feb 5, 2015 by limro02

The Capacity Command Center database user requires the following permissions:

• READ access to Oracle dictionary objects, including user_table and dual.

• CONNECT, ANALYZE ANY, CREATE VIEW, CREATE JOB, and RESOURCE privileges to the CCC database user name.

• EXECUTE permission on the DBMS_RANDOM package.

• EXECUTE permission for the DBMS_XMLGEN package.

• EXECUTE permission for the DBMS_OUTPUT package.

• EXECUTE permission on the DBMS_SCHEDULER package.

 

Please find below the justification for each permissions

 

READ access to Oracle dictionary objects, including user_table and dual : We need this because we look at some of the meta tables in Oracle while creating objects. Dual is used in lot of queries to get static content

 

CONNECT, ANALYZE ANY, CREATE VIEW, CREATE JOB, and RESOURCE privileges to the CCC database user name : We create tables, views,  execute packages , creates dbms_scheduler jobs etc as part of data management. Hence we need these privileges for the objects in
our schema

 

EXECUTE permission on the DBMS_RANDOM package : We use this package to generate random numbers. Hence we need this.

 

EXECUTE permission for the DBMS_XMLGEN package : We create hierarchical XML structure of group definitions we store when we pass on this information to CCR. Hence we need this.

    

EXECUTE permission for the DBMS_OUTPUT package :  Used for printing messages for debug purposes

 

EXECUTE permission on the DBMS_SCHEDULER package : Used to create jobs that runs in the background such as purge job of staging tables.

Outcomes