Oracle 12C+: Create ACL

I don’t often have to create ACL’s (Access Control List) and as such whenever I do I have to have a bit of a search to find out how to do so. Unfortunately for me, it always seems to provide the old way for creating ACL’s in Oracle. So this is a record for myself (and others) that this is how to create a basic ACL in Oracle 12C and above.

BEGIN
  DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE(
    host       => 'rosshenderson.dev', 
    lower_port => 80,
    upper_port => 80,
    ace        => xs$ace_type(privilege_list => xs$name_list('http'),
                              principal_name => 'RossHenderson',
                              principal_type => xs_acl.ptype_db)); 
end;

If there is not a pre-existing ACL, this code block will create an ACL. If there is a pre-existing ACL for this host, it will append a new user to that ace.

  • Host: The domain you need the ACL for. *required
  • Lower Port: Lowest port number in the range.
  • Upper Port: Highest port number in the range.
  • Privilege List: A list of privileges you want to give to the ace (i.e. ‘http’, ‘resolve’, ‘connect’). *required
  • Principal Name: Database user. *required
  • Principal Type: The user/role type. I believe this will always be the same. *required

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s