Datical DB provides an Oracle only feature that gives DBAs the ability to specify object-level permission schemes. These schemes are automatically applied and enforced on every deployment. This ensures that object permissions are consistent and correct across all databases.
Define permission schemes:
- Specify permission schemes for one or more roles or schemas
- Specify a permission scheme based on types of objects or specific objects – for instance, "All new tables created should have READ/WRITE access for the application user"
- Specify exceptions to an object's permission schemes for edge cases where an individual table, view or other object should be handled differently
Deploy permission schemes:
- Validate and update database object permissions every time you deploy to a database
- Revoke permissions that were applied outside of the standard deployment process if they conflict with your defined permission schemes, eliminating the threat of unauthorized access
- Report on all permission changes including any out-of-process permission changes that violate the defined permission schemes