Scanning database schemas
Complete a few steps to start scanning your database schemas with Cloud Compliance.
Quick start
Get started quickly by following these steps or scroll down to the remaining sections for full details.
Review database prerequisites
Ensure that your database is supported and that you have the information necessary to connect to the database.
Deploy the Cloud Compliance instance
Deploy Cloud Compliance in Cloud Manager if there isn't already an instance deployed.
Add the database server
Add the database server that you want to access.
Select the schemas
Select the schemas that you want to scan.
Reviewing prerequisites
Review the following prerequisites to make sure that you have a supported configuration before you enable Cloud Compliance.
Supported databases
Cloud Compliance can scan schemas from the following databases:
-
MongoDB
-
Oracle
-
PostgreSQL
-
SAP HANA
-
SQL Server (MSSQL)
The statistics gathering feature must be enabled in the database. |
Database requirements
Any database with connectivity to the Cloud Compliance instance can be scanned, regardless of where it is hosted. You just need the following information to connect to the database:
-
IP Address or host name
-
Port
-
Service name (only for accessing Oracle databases)
-
Credentials that allow read access to the schemas
When choosing a user name and password, it’s important to choose one that has full read permissions to all the schemas and tables you want to scan. We recommend that you create a dedicated user for the Cloud Compliance system with all the required permissions.
Note: For MongoDB, a read-only Admin role is required.
Adding the database server
Add the database server where the schemas reside.
-
From the Scan Configuration page, click the Add DB Server button.
-
Enter the required information to identify the database server.
-
Select the database type.
-
Enter the port and the host name or IP address to connect to the database.
-
For Oracle databases, enter the Service name.
-
Enter the credentials so that Cloud Compliance can access the server.
-
Click Add DB Server.
-
The database is added to the list of working directories.
Enabling and disabling compliance scans on database schemas
You can stop or start scanning schemas at any time.
-
From the Scan Configuration page, click the Configuration button for the database you want to configure.
-
Select the schemas that you want to scan by moving the slider to the right.
Cloud Compliance starts scanning the database schemas that you enabled. If there are any errors, they’ll appear in the Status column, alongside the required action to fix the error.
Removing a database from Cloud Manager
If you no longer want to scan a certain database, you can delete it from the Cloud Manager interface and stop all scans.
From the Scan Configuration page, click the button in the row for the database, and then click Remove DB Server.