Service Operations Insight

  • 1.  Tech Tip : Authorizations for the Oracle database - a justification

    Posted Nov 05, 2014 05:40 AM

    The Capacity Command Center database user requires the following permissions:

    • READ access to Oracle dictionary objects, including user_table and dual.

    • CONNECT, ANALYZE ANY, CREATE VIEW, CREATE JOB, and RESOURCE privileges to the CCC database user name.

    • EXECUTE permission on the DBMS_RANDOM package.

    • EXECUTE permission for the DBMS_XMLGEN package.

    • EXECUTE permission for the DBMS_OUTPUT package.

    • EXECUTE permission on the DBMS_SCHEDULER package.

     

    Please find below the justification for each permissions

     

    READ access to Oracle dictionary objects, including user_table and dual : We need this because we look at some of the meta tables in Oracle while creating objects. Dual is used in lot of queries to get static content

     

    CONNECT, ANALYZE ANY, CREATE VIEW, CREATE JOB, and RESOURCE privileges to the CCC database user name : We create tables, views,  execute packages , creates dbms_scheduler jobs etc as part of data management. Hence we need these privileges for the objects in
    our schema

     

    EXECUTE permission on the DBMS_RANDOM package : We use this package to generate random numbers. Hence we need this.

     

    EXECUTE permission for the DBMS_XMLGEN package : We create hierarchical XML structure of group definitions we store when we pass on this information to CCR. Hence we need this.

        

    EXECUTE permission for the DBMS_OUTPUT package :  Used for printing messages for debug purposes

     

    EXECUTE permission on the DBMS_SCHEDULER package : Used to create jobs that runs in the background such as purge job of staging tables.



  • 2.  Re: Tech Tip : Authorizations for the Oracle database - a justification

    Broadcom Employee
    Posted Feb 05, 2015 08:28 AM

    Could you add to this tech-tip, by providing an Oracle SQL script that would create the user and tablespaces, with appropriate permissions?