My Oracle Support Banner

ORA-28133 When encrypt column if the table has Fine Grained Audit Policy (Doc ID 1326857.1)

Last updated on AUGUST 04, 2018

Applies to:

Oracle Database - Enterprise Edition - Version to [Release 10.2 to 11.2]
Information in this document applies to any platform.


When trying to encrypt a column in a table, if the table already has an FGA Policy with statement type UPDATE. It throws error ora-28133 "full table access is restricted by fine-grained security". This error only occurs when statement_type is UPDATE.

An example of a typical sequence of events is as follows:

SQL> create table scott.test_table(id number,name varchar2(32));

Table created.

SQL> begin
2 dbms_fga.add_policy(
3 object_schema=> 'SCOTT',
4 object_name => 'TEST_TABLE',
5 policy_name => 'FGA_TEST_TABLE',
6 audit_condition => NULL,
7 handler_schema => NULL,
8 handler_module => NULL,
9 statement_types => 'UPDATE');
10 end;
11 /

PL/SQL procedure successfully completed.

SQL> commit;

Commit complete.

SQL> alter table scott.test_table modify (name ENCRYPT 'NOMAC' NO SALT);
alter table scott.test_table modify (name ENCRYPT 'NOMAC' NO SALT)
ERROR at line 1:
ORA-28133: full table access is restricted by fine-grained security



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.