Object Storage Access
To access your data, your Data Flow SQL Endpoints need access to the Object Storage where the data is stored. To store your metadata, your Data Flow SQL Endpoint needs access to Metastore, where the metadata of the data is stored.
Allow your newly created SQL Endpoint to read buckets, manage objects, and read data.
Create a dynamic group and add the following matching rule:
ALL {resource.compartment.id = '<compartment_id>'}
Grant the dynamic group access with the following policy statements:
ALLOW DYNAMIC-GROUP <dynamic-group-name> to {CATALOG_METASTORE_EXECUTE, CATALOG_METASTORE_INSPECT, CATALOG_METASTORE_READ} in tenancy WHERE ALL {request.principal.type='dataflowsqlendpoint'}
ALLOW DYNAMIC-GROUP <dynamic-group-name> TO MANAGE objects IN TENANCY WHERE ALL {request.principal.type='dataflowsqlendpoint'}
ALLOW DYNAMIC-GROUP <dynamic-group-name> TO MANAGE buckets IN TENANCY WHERE ALL {request.principal.type='dataflowsqlendpoint'}
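A small review script for the statements above, added here as an example (it is not Oracle's code). It checks that each grant is tied to the dataflowsqlendpoint principal type and reports any MANAGE grant that applies to the whole tenancy. The compartment-scoped variant and its <compartment-name> placeholder are constructed for comparison and do not come from this page.

```python
import re

# Subset of the OCI policy grammar used by the statements on this page:
#   ALLOW DYNAMIC-GROUP <name> TO <verb> <resource> | {PERMISSION, ...}
#   IN TENANCY | COMPARTMENT <name>  [WHERE <conditions>]
STATEMENT = re.compile(
    r"^\s*allow\s+dynamic-group\s+(?P<group>\S+)\s+to\s+"
    r"(?:\{(?P<perms>[^}]*)\}|(?P<verb>inspect|read|use|manage)\s+(?P<resource>[\w-]+))"
    r"\s+in\s+(?P<location>tenancy|compartment(?:\s+id)?\s+\S+)"
    r"(?:\s+where\s+(?P<where>.+?))?\s*$",
    re.IGNORECASE,
)
PRINCIPAL = re.compile(
    r"request\.principal\.type\s*=\s*'dataflowsqlendpoint'", re.IGNORECASE
)

def review(statement):
    """Return findings for one policy statement; an empty list means nothing to flag."""
    m = STATEMENT.match(statement)
    if not m:
        return ["unparsed: statement does not match the expected grammar"]
    findings = []
    # Without this condition the grant covers every member of the dynamic group.
    if not PRINCIPAL.search(m.group("where") or ""):
        findings.append("no request.principal.type='dataflowsqlendpoint' condition")
    # MANAGE is the broadest verb; tenancy scope applies it in every compartment.
    tenancy_wide = m.group("location").lower() == "tenancy"
    if (m.group("verb") or "").lower() == "manage" and tenancy_wide:
        findings.append(f"manage {m.group('resource').lower()} granted tenancy-wide")
    return findings

GROUP = "<dynamic-group-name>"  # placeholder, as on this page
COND = "WHERE ALL {request.principal.type='dataflowsqlendpoint'}"

# The three policy statements as given on this page.
PAGE_STATEMENTS = [
    f"ALLOW DYNAMIC-GROUP {GROUP} to {{CATALOG_METASTORE_EXECUTE, "
    f"CATALOG_METASTORE_INSPECT, CATALOG_METASTORE_READ}} in tenancy {COND}",
    f"ALLOW DYNAMIC-GROUP {GROUP} TO MANAGE objects IN TENANCY {COND}",
    f"ALLOW DYNAMIC-GROUP {GROUP} TO MANAGE buckets IN TENANCY {COND}",
]
# Constructed variant (not from this page): same grant limited to one compartment.
SCOPED_VARIANT = (
    f"ALLOW DYNAMIC-GROUP {GROUP} TO MANAGE objects IN COMPARTMENT <compartment-name> {COND}"
)

if __name__ == "__main__":
    for s in PAGE_STATEMENTS + [SCOPED_VARIANT]:
        print(review(s) or ["ok"], "<-", s)
```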