For Database API Gateway Configurations
Database API Gateway Configuration Administrators
The Database API Gateway Configuration Administrator is responsible for creating, updating, and managing Database API Gateway configurations.
To grant the required permissions in a specific compartment, add the following IAM policies. Replace <group_name> and <compartment_name> with your values.
Table 9-17 Administrator Policies
| Policy | Access Level |
|---|---|
|
To read Database Tools connections. |
|
Create, update, and delete Database API Gateway configurations in the specified compartment. |
Database Tools connections are required when you define connection pools in a Database API Gateway configuration. See Creating a Connection
Database API Gateway Configuration Users
The Database API Gateway Configuration User must belong to the Configuration Users group and needs read-only access to the Database API Gateway configuration at runtime. This role also requires read access to the related Database Tools connections and the Vault secrets those connections use.
Add the following IAM policies in the compartment that contains your resources. Replace <group_name> and <compartment_name> with your values.
Table 9-18 User Policies
| Policy | Access Level |
|---|---|
|
To read secrets from Vault. |
|
To read Database Tools connections. |
|
To use Database API Gateway configurations. |
|
To retrieve the wallet from Autonomous Database |
Database Tools connections must reference secrets stored in Vault (for example, database credentials). For more information, see Database Tools Prerequisites