Enhance audit evidence and Data Safe scenario
Some checks failed
Repo Quality / structure (push) Has been cancelled
Some checks failed
Repo Quality / structure (push) Has been cancelled
This commit is contained in:
@@ -14,5 +14,12 @@ GRANT CREATE SESSION TO audit_session_role;
|
||||
GRANT audit_session_role TO audit_read_role;
|
||||
GRANT audit_session_role TO payment_operator_role;
|
||||
|
||||
-- Vulnerable baseline: this broad legacy role simulates an operational payment
|
||||
-- application that grants direct table access before DDS is enforced.
|
||||
CREATE ROLE audit_legacy_broad_access_role;
|
||||
GRANT SELECT ON dds_audit_payments TO audit_legacy_broad_access_role;
|
||||
GRANT audit_legacy_broad_access_role TO audit_read_role;
|
||||
GRANT audit_legacy_broad_access_role TO payment_operator_role;
|
||||
|
||||
GRANT DATA ROLE audit_read_role TO auditor;
|
||||
GRANT DATA ROLE payment_operator_role TO payment_operator;
|
||||
|
||||
Reference in New Issue
Block a user