Improve Deep Data Security lab scenarios
Some checks failed
Repo Quality / structure (push) Has been cancelled
Terraform Validate / validate (push) Has been cancelled

This commit is contained in:
2026-05-13 16:11:12 -03:00
parent 8314351c98
commit db3d68af10
134 changed files with 401 additions and 273 deletions

8
scenarios/01-ai-prompt-injection/sql/02_identities.sql Normal file → Executable file
View File

@@ -14,6 +14,14 @@ GRANT ai_prompt_session_role TO sales_rep_role;
GRANT ai_prompt_session_role TO regional_manager_role;
GRANT ai_prompt_session_role TO hr_global_role;
-- Vulnerable baseline: this broad legacy role simulates an application or AI
-- integration that grants direct object access before Deep Data Security is enforced.
CREATE ROLE ai_prompt_legacy_access_role;
GRANT SELECT ON dds_ai_customers TO ai_prompt_legacy_access_role;
GRANT ai_prompt_legacy_access_role TO sales_rep_role;
GRANT ai_prompt_legacy_access_role TO regional_manager_role;
GRANT ai_prompt_legacy_access_role TO hr_global_role;
GRANT DATA ROLE sales_rep_role TO alice;
GRANT DATA ROLE regional_manager_role TO bruno;
GRANT DATA ROLE hr_global_role TO carla;