Improve shared app account scenario
Some checks failed
Repo Quality / structure (push) Has been cancelled
Some checks failed
Repo Quality / structure (push) Has been cancelled
This commit is contained in:
@@ -14,5 +14,11 @@ GRANT shared_app_session_role TO latam_manager_role;
|
||||
GRANT DATA ROLE seller_role TO alice;
|
||||
GRANT DATA ROLE latam_manager_role TO bruno;
|
||||
|
||||
CREATE USER dds_app IDENTIFIED BY "Welcome1_DDS_App!" ACCOUNT UNLOCK;
|
||||
CREATE USER dds_app IDENTIFIED BY "AppPool#2026Lab!" ACCOUNT UNLOCK;
|
||||
GRANT CREATE SESSION TO dds_app;
|
||||
|
||||
-- Vulnerable baseline: this broad legacy role simulates a shared application
|
||||
-- account or connection pool that can query the full table before DDS is enforced.
|
||||
CREATE ROLE shared_app_legacy_access_role;
|
||||
GRANT SELECT ON dds_orders TO shared_app_legacy_access_role;
|
||||
GRANT shared_app_legacy_access_role TO dds_app;
|
||||
|
||||
Reference in New Issue
Block a user