Add legacy AI, RAG vector and Data Safe audit scenarios
Some checks failed
Repo Quality / structure (push) Has been cancelled

This commit is contained in:
Rodrigo Pace
2026-05-08 12:21:47 -03:00
parent 5cd8752a90
commit 703e072682
37 changed files with 686 additions and 23 deletions

View File

@@ -0,0 +1,11 @@
WHENEVER SQLERROR EXIT SQL.SQLCODE
CREATE TABLE dds_audit_payments (
payment_id NUMBER GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
customer_name VARCHAR2(100) NOT NULL,
country VARCHAR2(40) NOT NULL,
payment_amount NUMBER(12,2) NOT NULL,
card_token VARCHAR2(80),
risk_flag VARCHAR2(20) NOT NULL
);

View File

@@ -0,0 +1,13 @@
WHENEVER SQLERROR EXIT SQL.SQLCODE
INSERT INTO dds_audit_payments (customer_name, country, payment_amount, card_token, risk_flag)
VALUES ('Acme Brasil', 'Brazil', 15000, 'tok_live_001', 'HIGH');
INSERT INTO dds_audit_payments (customer_name, country, payment_amount, card_token, risk_flag)
VALUES ('Varejo Sol', 'Brazil', 3500, 'tok_live_002', 'LOW');
INSERT INTO dds_audit_payments (customer_name, country, payment_amount, card_token, risk_flag)
VALUES ('Northwind US', 'USA', 48000, 'tok_live_003', 'HIGH');
COMMIT;

View File

@@ -0,0 +1,14 @@
WHENEVER SQLERROR EXIT SQL.SQLCODE
CREATE USER dds_audit_analyst IDENTIFIED BY "Welcome1_Audit!" ACCOUNT UNLOCK;
GRANT CREATE SESSION TO dds_audit_analyst;
CREATE END USER auditor IDENTIFIED BY "Welcome1_DDS!";
CREATE END USER payment_operator IDENTIFIED BY "Welcome1_DDS!";
CREATE DATA ROLE audit_read_role;
CREATE DATA ROLE payment_operator_role;
GRANT DATA ROLE audit_read_role TO auditor;
GRANT DATA ROLE payment_operator_role TO payment_operator;

View File

@@ -0,0 +1,15 @@
WHENEVER SQLERROR EXIT SQL.SQLCODE
CREATE OR REPLACE DATA GRANT audit_payments_read_all
AS SELECT
ON dds_audit_payments
TO audit_read_role;
CREATE OR REPLACE DATA GRANT audit_payments_operator
AS SELECT (payment_id, customer_name, country, payment_amount, risk_flag)
ON dds_audit_payments
WHERE country = 'Brazil'
TO payment_operator_role;
SET USE DATA GRANTS ONLY ON dds_audit_payments ENABLED;

View File

@@ -0,0 +1,11 @@
WHENEVER SQLERROR EXIT SQL.SQLCODE
CREATE AUDIT POLICY dds_payments_select_policy
ACTIONS SELECT ON dds_audit_payments;
CREATE AUDIT POLICY dds_security_admin_policy
ACTIONS CREATE USER, ALTER USER, DROP USER, CREATE ROLE, DROP ROLE, GRANT, REVOKE;
AUDIT POLICY dds_payments_select_policy;
AUDIT POLICY dds_security_admin_policy;

View File

@@ -0,0 +1,22 @@
SET PAGESIZE 100
SET LINESIZE 220
PROMPT Generate auditable activity.
SELECT payment_id, customer_name, country, payment_amount, card_token, risk_flag
FROM dds_audit_payments
ORDER BY payment_id;
PROMPT Review local audit trail. Data Safe should collect equivalent activity after target auditing is enabled.
SELECT event_timestamp,
dbusername,
action_name,
object_schema,
object_name,
unified_audit_policies
FROM unified_audit_trail
WHERE object_name = 'DDS_AUDIT_PAYMENTS'
ORDER BY event_timestamp DESC
FETCH FIRST 20 ROWS ONLY;

View File

@@ -0,0 +1,27 @@
BEGIN EXECUTE IMMEDIATE 'NOAUDIT POLICY dds_payments_select_policy'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'NOAUDIT POLICY dds_security_admin_policy'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP AUDIT POLICY dds_payments_select_policy'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP AUDIT POLICY dds_security_admin_policy'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'SET USE DATA GRANTS ONLY ON dds_audit_payments DISABLED'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP DATA GRANT audit_payments_read_all'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP DATA GRANT audit_payments_operator'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP TABLE dds_audit_payments PURGE'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP USER dds_audit_analyst CASCADE'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP DATA ROLE audit_read_role'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP DATA ROLE payment_operator_role'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP END USER auditor'; EXCEPTION WHEN OTHERS THEN NULL; END;
/
BEGIN EXECUTE IMMEDIATE 'DROP END USER payment_operator'; EXCEPTION WHEN OTHERS THEN NULL; END;
/