Data source privileges for producing assessments

Producing vulnerability assessments in IBM® Security Guardium® Analyzer requires access to your data sources and specific data source privileges. The scripts provided in this topic can be used to create groups or roles with these privileges. Once created, these groups or roles can be assigned to the data source users that you will use when creating connectors.

Download: Data source scriptsDownloads an archive file

The scripts that are provided in this archive file cover most supported data source types and are designed to be run in the data source tool itself. After downloading and extracting the file, locate the script for your data source. The file names for these scripts are:

  • DB2®: db2.sql
  • DB2 for i: db2i.sql
  • Oracle: oracle.sql
  • Oracle container data source: oracle-container.sql
  • MS SQL: sql-server.sql
  • MS SQL with sysadmin privileges: sql-server-SA.sql
  • MySQL: mysql.sql

Once you have downloaded the scripts required for your data source server, closely review and follow the instructions in the script headers. The privileges granted for each data source type can be seen in the script.

Important: Before running any scripts, database administrators should read the instructions in the script headers and review the data source actions that will be taken by the script.
Note:
  • For MS SQL, there are a number of tests performed by Guardium Analyzer that require sysadmin privileges. If you can create a user with these privileges, use the sql-server-SA.sql script. If you cannot create a user with these privileges, use sql-server.sql. However, when sql-server.sql is used, the tests that require sysadmin privileges will result in an error resulting from lack of privilege.
  • If the data source scriptsDownloads an archive file file does not automatically download, right-click the link and save the file to your hard disk.