Improve Deep Data Security lab scenarios
This commit is contained in:
8
scenarios/01-ai-prompt-injection/sql/02_identities.sql
Normal file → Executable file
8
scenarios/01-ai-prompt-injection/sql/02_identities.sql
Normal file → Executable file
@@ -14,6 +14,14 @@ GRANT ai_prompt_session_role TO sales_rep_role;
|
||||
GRANT ai_prompt_session_role TO regional_manager_role;
|
||||
GRANT ai_prompt_session_role TO hr_global_role;
|
||||
|
||||
-- Vulnerable baseline: this broad legacy role simulates an application or AI
|
||||
-- integration that grants direct object access before Deep Data Security is enforced.
|
||||
CREATE ROLE ai_prompt_legacy_access_role;
|
||||
GRANT SELECT ON dds_ai_customers TO ai_prompt_legacy_access_role;
|
||||
GRANT ai_prompt_legacy_access_role TO sales_rep_role;
|
||||
GRANT ai_prompt_legacy_access_role TO regional_manager_role;
|
||||
GRANT ai_prompt_legacy_access_role TO hr_global_role;
|
||||
|
||||
GRANT DATA ROLE sales_rep_role TO alice;
|
||||
GRANT DATA ROLE regional_manager_role TO bruno;
|
||||
GRANT DATA ROLE hr_global_role TO carla;
|
||||
|
||||
Reference in New Issue
Block a user