Database Reference
In-Depth Information
Figure 4-13.
Resource allocation
6.
Click Next. On the following screen, review the administrator creation. Then click Finish.
Creating a Role for Access Control
Once you have your administrator accounts set up correctly and have tested login access for the users themselves,
you should use Enterprise Manager roles to configure role-based access control. On the Role Management home
page, you will see the built-in EM12c roles and the various management operations that you can carry out.
A
role
is a named set of privileges, both on targets and on Enterprise Manager functionality. Thus, a role could
define, for example, the rights necessary to manage a particular target type, or to perform an Enterprise Manager
operation such as requesting a new self-service database. In addition, roles can contain other roles. Role design
is, therefore, a core part of any effective Cloud Control deployment, but will be dependent on the specifics of your
enterprise.
You will walk through an example by creating a database administrator role that will have rights appropriate for
this job role. You can follow along in the next exercise. As you will see, the wizard allocates privileges in the following
order: Roles, Target, Resource.
â–
In general, try to define roles that match job roles or tasks in your organization. In addition, use an appropriate
naming convention—for example, you might use the lDap directory group names that define your operating system
security.
Tip
