Getting ready

To complete this recipe, you'll need an existing common user who has create role privilege granted commonly.

How to do it...

How it works...

When you create a common role, that role exists in all containers in that database (including a root container and existing and future pluggable databases).

Figure 12

c##zoran@CDB1> select * from dba_roles where role='C##ROLE1';
ROLE PASSWORD AUTHENTICAT COM O
---------------- -------- ----------- --- -
C##ROLE1 NO NONE YES N
 c##zoran@CDB1> connect c##zoran/oracle@pdb1
Connected.
c##zoran@PDB1> select * from dba_roles where role='C##ROLE1'; 
 ROLE PASSWORD AUTHENTICAT COM O
---------------- -------- ----------- --- -
C##ROLE1 NO NONE YES N 
 c##zoran@PDB1> connect c##zoran/oracle@pdb2 
 Connected. 
 c##zoran@PDB2> select * from dba_roles where role='C##ROLE1'; 
 ROLE PASSWORD AUTHENTICAT COM O
---------------- -------- ----------- --- -
C##ROLE1 NO NONE YES N

There's more...

You can also create common roles by using Oracle Enterprise Manager Cloud Control (OEM) 12c.

How to create a common role using OEM 12c

You should connect to the root (CDB$ROOT) as a common user who has create role privilege granted commonly (for example, c##zoran or system user). From the Administration menu, select Security (drop-down menu) and then Roles (see Figure 13):

Figure 13

On the Roles page, click on the Create button and the Create Role page appears (Figure 14):

Figure 14

On the Create Role page, you name the role on the General tab (for example, c##role2). Also, you may grant other roles and privileges to c##role2 (using the tabs Roles, System Privileges, and Object Privileges). After choosing the options and granting privileges to the role, click on the OK button to create it.