OCI Access Rule Policies

Allow Group "group 1, 2, 3..." to "action" "resource name" in compartment "compartment_name"
Action options: inspect (list only), read (read metadata and and list resources), use (access resources), manage (full access)

Resource names: objects, load balancers, virtual network family (vcn, subnet, route tables, security lists), instance family, and volume family)

You can use this feature to create multiple sub accounts with in your account/tenancy. The second highest level of access within your Oracle cloud is compartment. The compartments are typically used to separate your production, test, etc. environment. This level allows you to completely separate firewall, network, storage, and servers.

Here are some examples on how to separate your Oracle cloud account into multiple sub accounts:

  • Allow Group SubCompany1ProdFull to manage instance-family in compartment SubCompany1Prod

  • Allow Group SubCompany1QAFull to manage instance-family in compartment SubCompany1QA

  • Allow Group SubCompany1QAView to read all in compartment SubCompany1QA
Google meet iconteams iconDemo iconVast Edge free trial icon
Copyrights © 13 July 2024 All Rights Reserved by Vast Edge Inc.