When you create an Amazon RDS for Oracle DB instance, the default master user has most of the maximum user permissions on the DB instance. Use the master user account for any administrative tasks, such as creating additional user accounts in your database. Because RDS is a managed service, you aren't allowed to log in as SYS and SYSTEM, and thus don't have SYSDBA privileges.
In the database, a role is a collection of privileges that you can grant to or revoke from a user. An Oracle database uses roles to provide security. For more information, see Configuring Privilege and Role Authorization in the Oracle Database documentation.
The predefined role DBA normally allows all administrative privileges on an Oracle database. When you create a DB instance, your master user account gets DBA privileges (with some limitations). To deliver a managed experience, an RDS for Oracle database doesn't provide the following privileges for the DBA role:
ALTER DATABASE
ALTER SYSTEM
CREATE ANY DIRECTORY
DROP ANY DIRECTORY
GRANT ANY PRIVILEGE
GRANT ANY ROLE
For more RDS for Oracle system privilege and role information, see Master user account privileges.
How to manage privileges on SYS objectsYou can manage privileges on SYS objects by using the rdsadmin.rdsadmin_util package. For example, if you create the database user myuser, you could use the rdsadmin.rdsadmin_util.grant_sys_object procedure to grant SELECT privileges on V_$SQLAREA to myuser. For more information, see the following topics:
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4