Review Oracle Cloud Tools Report Security
Following information must be reviewed from a data security point of view when deploying/using and adding new users to SQL Connect.
OracleCloudTools' SQLConnect uses standard Oracle BI roles for allowing data access.
Once you establish a new connection to your Oracle Cloud Environment as a BI Administrator, SQLConnect will automatically create BI Catalog files for you to run SQL Queries. This will allow SQL Connect users to run the SQL Queries in your environment. As an administrator, however, you should review the Security Settings in BI Publisher to make sure this folder is accessible to the intended users only. You can restrict which users have access to this folder.
By default following roles would have access to SQLConnect:
- BI Administrator Role - Full Control
- BI Platform Author Role - Full Control
- BI Consumer Role - Open
You may want to remove BI Consumer and Payable Invoice Management Duty Role or add your custom role to provide access to limited users. This is by design how Oracle BI administrator/user access works.
Request BI Administrator to Create Connection
To establish a connection to your Cloud Environment for the first time, you must have a BI Administrator Role. If you try to connect /create connection using a Non BI Administrator role, you will get the following message. In such cases your administrator must perform the following steps so that you can run SQL Queries with Oracle SAAS Cloud / ERP Cloud / HCM Cloud.
- Login to SQL Connect
- Go to Help => Catalog File. This will download a Catalog File to your machine.
- Login to BI Catalog. This is your Oracle Cloud Environment
- Navigate to Shared Folders/ Custom
- Unarchive the Catalog File
- Make sure you have CloudTools Folder created after you unarchive the Catalog File