Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How create another RDS oracle master account

0

Is it possible to create a second master account in ORACLE RDS with same DBA permissions? If not, can I create a regular oracle account and assign it a DBA role or privileges similar to master RDS account?

Topics
AnalyticsMigration & ModernizationDatabase
Tags
Amazon RDS Database Preview EnvironmentAmazon Relational Database ServiceOracleRDS Custom for SQL OracleDatabase
Language
English
asked a year ago337 views
3 Answers
1
Accepted Answer

Hi

From the Amazon RDS Oracle database system, you can grant similar privileges to another user as the master user and perform administrative operations. However, there are certain RDS Managed service infrastructure-level actions that are tied to the master user account and cannot be replicated.

To create a new admin user with similar privileges as the default master, you will be able to create and grant the necessary permissions.

For more details, please refer to the AWS knowledge article on RDS Oracle user privileges and roles.

Additionally, as a best practice, it is recommended to grant only the required permissions for specific tasks based on the requirement and minimize granting elevated permissions unless necessary.

AWS
answered a year ago
  • User-5446406
    a year ago

    Hi What privileges would you grant the account to become similar to master? I think are also saying there are other infrastruture-level actions that cannot be replicated? What are those?

1

Hi,

You can create another user and grant DBA role in RDS for Oracle database, but please be aware that the DBA role does not have the following privileges.

ALTER DATABASE
ALTER SYSTEM
CREATE ANY DIRECTORY
DROP ANY DIRECTORY
GRANT ANY PRIVILEGE
GRANT ANY ROLE

Please refer to the below document for Limitations for Oracle DBA role privileges in RDS for Oracle, https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.MasterAccounts.html

Please refer to the below document for the master user privileges, https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.MasterAccounts.html

Most of the common DBA tasks can be achieved using the rdsadmin.rdsadmin_util package, https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.CommonDBATasks.Database.html

AWS
answered a year ago
EXPERT
reviewed a year ago
  • User-5446406
    a year ago

    Hi

    I understand that DBA role is restricted in RDS.

    However, would creating another account and granting it DBA role give you exactly same permissions granted to a default RDS master account or not?

    Thanks,

0

Hi,

The RDS for Oracle master account privileges are available in the below documentation https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.MasterAccounts.html.

Also, you can collect the master user privileges from RDS for Oracle DB directly using the Oracle Dictionary views like below,

DBA_SYS_PRIVS / USER_SYS_PRIVS DBA_TAB_PRIVS / USER_TAB_PRIVS DBA_ROLE_PRIVS / USER_ROLE_PRIVS DBA_COL_PRIVS / USER_COL_PRIVS ROLE_SYS_PRIVS / ROLE_ROLE_PRIVS

AWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content