The Datapump concept in Oracle database is very much useful for different usecases like taking backup, migrating the database from on-prem to cloud and more. Another advantage is it can directly push the dump into the OCI Object Storage
If we want to upload the dump into OCI object storage, we can use different authentication mechanism like authToken, basic credential based authentication, Resource Principal based authentication.
In this post, we will see how we can enable the resource principal and in particular how we can grant necessary roles to the non admin database user
EXEC DBMS_CLOUD_ADMIN.ENABLE_RESOURCE_PRINCIPAL();
EXEC DBMS_CLOUD_ADMIN.ENABLE_RESOURCE_PRINCIPAL(username => 'USER1');
However if we want non-admin user to enable the resource principal for USER1 then the following needs to be granted to that non-admin user
GRANT EXECUTE ON DBMS_CLOUD_ADMIN TO PROXY_ADMIN_USER;
EXEC DBMS_CLOUD_ADMIN.enable_resource_principal(username => 'PROXY_ADMIN_USER');
GRANT EXECUTE ON ADMIN.OCI$RESOURCE_PRINCIPAL TO PROXY_ADMIN_USER WITH GRANT OPTION;
References:
https://www.oreilly.com/library/view/oracle-database-administration/1565925165/ch06s01s05s01.html
No comments:
Post a Comment