On 2016/11/02 12:47, Jeff Chirco wrote:
I have developers that are always asking for production query access. I was
thinking I could setup an Active Data Guard instance, and since one of the
benefits is to use ADG as a read only reporting database. However I don't
want users to have select permissions on the tables in primary, only the
standby. Unless I am wrong I don't believe you can issues grants in a
physical standby database.
Does anybody have some other creative solution to this? I was thinking maybe
issuing the grants to a non default role and if possible attach a some kind
of trigger that would run on a SET ROLE command and then check if the
instance was primary or not and then allow or not the set role command. You
think this is possible? Or something else?