Required IAM Policy to Publish Community Applications

Create, update, move or delete community applications using the IAM policies.

If you're new to policies, see Getting Started with Policies and Common Policies.

For administrators, the following policies enable the creation of community applications in Marketplace for community use and provide access to community applications to users. For any policies, if you want to reduce the scope of access to a particular compartment, specify the compartment instead of the tenancy.

• The following policy gives the specified example group the ability to list, view, create, update, delete, or move community applications.

  Allow group PublicationAdmins to manage marketplace-publications in tenancy where listing.type='Community'

• The following policy gives the Marketplace service the ability to do everything with Compute custom images, including listing, viewing, creating, updating, deleting, and moving them.

  Allow service Marketplace to manage instance-images in tenancy
  

• The following policy gives the specified example group the ability to list community applications when selecting an image while launching an instance and to see the terms of use agreements associated with the images:

  Allow group CommunityApplicationLaunchers to read marketplace-community-listings in tenancy
  Allow group CommunityApplicationLaunchers to inspect compartments in tenancy
  Allow group CommunityApplicationLaunchers to read app-catalog-listing in tenancy

If you need to write more restrictive policies, see the policy reference on which these policies were based, Details for the Marketplace Service and Details for the Core Services, as needed.