Viewing Categories and Recommendations

This section explains how to view Cloud Advisor categories and recommendations. Recommendations help you reduce costs by finding and adjusting resources that are underutilized. For example, they find underutilized compute instances, overprovisioned Autonomous Database for Analytics and Data Warehousing and Autonomous Database for Transaction Processing and Mixed Workloads instances, and unattached block volumes and boot volumes.

This section contains the following main topics:

Viewing Categories

Viewing Recommendations

Required IAM Policies

This page describes the Identity and Access Management requirements and security policies that Cloud Advisor uses to ensure that your resources are protected.

To use Oracle Cloud Infrastructure, you must be granted security access in a policy  by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don't have permission or are unauthorized, verify with your administrator what type of access you have and which compartment  to work in.

To get started with Cloud Advisor, an administrator must grant each user access to Cloud Advisor and to the resources that Cloud Advisor recommendations impact through an IAM policy. Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).

The resource name for Cloud Advisor is optimizer-api-family. The following is an example policy to grant users access to Cloud Advisor to the resources that Cloud Advisor recommendations impact:

Allow group OptimizerAdmins to manage optimizer-api-family in tenancy

If you're new to policies, see Getting Started with Policies and Common Policies. For more information about Cloud Advisor policies, see Creating Cloud Advisor policies.

Additional Cloud Advisor required permissions

Although the permissions described above let you view the recommendations and some information about them, Cloud Advisor features granular permissions to support compartment and resource based security policies. These permissions are granted at the compartment level rather than the tenancy level as was previously done. If you do not have the correct permissions, you might not be able to view all the recommendation details, or the resource details for the recommendation you are viewing. To view all the recommendation and resource metadata, contact your account administrator to get the permissions for your compartment. For more information, see Additional Required Permissions.