Oracle

Overview

Oracle relational database is available at different platforms (Oracle cloud, onprem, dedicated infrastructure, AWS RDS etc). Oracle calls databases as schemas. A database user owns a database schema, which has the same name as the user name. Inside it there are tables and columns.

Onboarding Oracle Data Source

1. Login to your LightBeam Instance.

2. Click on DATASOURCES on the Top Navigation Bar.

3. Click on “Add a data source”.

1. Search for Oracle and select it.

5. Configure Basic Details

In the Basic Details section, enter the following information:

• Instance Name: Provide a unique name for the Oracle data source (e.g., oracle-datasource).

• Primary Owner: Enter the email address of the individual responsible for this data source (e.g., demo@lightbeam.ai).

• Source of Truth (Optional): Toggle this option on if this database serves as a single source of truth for entity validation.

• Description (Optional): Add a brief description of the database (e.g., "Oracle Datasource Instance").

1. Enter Connection Details

Provide the following details in the Connection section:

• Username: The username for database authentication.

• Password: The corresponding password for the username.

• Host: The Oracle database server address (e.g., oracle-db.mycompany.com).

• Port: The port number used for Oracle connections (default 1521).

• Service Name: The Oracle Service Name or SID to connect to.

• Encryption Mode: Select between:

  • Encrypted (Recommended for secure connections).

  • Unencrypted (For non-secure connections).

• SSL Certificate (Optional): If using an SSL connection, click Upload SSL Certificate to provide the certificate file.

1. Click Test Connection to validate the credentials. If successful, you will see a Test Connection Success message.

8. Additional Details (Optional)

In this section, you can specify metadata attributes related to the data source:

• Location: The location of the data source.

• Purpose: The purpose of the data being collected/processed.

• Stage: The stage of the data source. Example: Source, Processing, Archival, etc.

1. Verify that you get the message Connection Success! on the screen. Click on Next.

2. In the next step, you'll see a list of databases presented from your Oracle database server.

Displayed Databases: By default, all databases to which you have access permissions will be shown.

Custom Selection: If you wish not to scan certain databases, simply deselect them from the list.

Please select the list of databases that you wish to scan.. Ensure you've made your desired selections before connecting the datasource.

APPENDIX

Minimal permissions setup

A database user is needed with minimal read only permissions for connecting and scanning the datasource.

1. Create a new database user with a password

CREATE USER <username> IDENTIFIED BY <password>

1. Grant connect permission to the user.

GRANT CONNECT TO <username>

1. Grant following select permissions.

GRANT SELECT ON sys.dba_segments TO <username>

BEGIN

FOR R IN (SELECT owner, table_name FROM all_tables WHERE owner in (‘ADMIN’, ‘TEST’))

LOOP

EXECUTE IMMEDIATE 'grant select on '||R.owner||'.'||R.table_name||' to <username>;

END LOOP;

(‘ADMIN’, ‘TEST’) <- Replace this list with names of database to be scanned.

<username> <- Replace username.

Use the user just created to register Oracle datasource.

Validate permissions to the database

Next, the user needs to validate these permissions to the database. This ensures authorized access to the database by the credentials provided by the user. After validating the permissions to the database, the user can configure LightBeam Spectra on the system.

Steps

2. Go into sql_user_check_oracle directory

3. Please refer to the README.md file in the directory for detailed instructions.

About LightBeam

LightBeam automates Privacy, Security, and AI Governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has rapidly gained customers’ trust by pioneering a unique privacy-centric and automation-first approach to security. Unlike siloed solutions, LightBeam ties together sensitive data cataloging, control, and compliance across structured and unstructured data applications providing 360-visibility, redaction, self-service DSRs, and automated ROPA reporting ensuring ultimate protection against ransomware and accidental exposures while meeting data privacy obligations efficiently. LightBeam is on a mission to create a secure privacy-first world helping customers automate compliance against a patchwork of existing and emerging regulations.