Last updated on: March 26th, 2021
The minimum set of roles and privileges required to scan Oracle Database are:
- Role: SELECT_CATALOG_ROLE
- Why: Allows the user to read information about the database, users and their privileges.
- How to apply: ALTER USER “USERNAME” DEFAULT ROLE “SELECT_CATALOG_ROLE”;
- System Privilege: CREATE SESSION
- Why: Allows the user to connect (create a session) to the database.
- How to apply: GRANT CREATE SESSION TO “USERNAME”;
(Replace USERNAME with the real username.)
This should allow vScope to fully discover the Oracle Database.
Also, make sure to set the correct Connect Descriptor (Instance Name or Service Name) to connect. Here is a more detailed FAQ on how to find this information: https://support.infrasightlabs.com/article/how-to-find-oracle-db-connect-descriptor-parameters/