Managed Access Overview
Oracle Managed Access lets you manage requests for temporary access to your organization's cloud resources from OCI authorized operators.
- Provides the operator temporary user credentials for a specific duration.
- Specifies the access level for the representative.
- Creates logs of all actions, providing an audit trail.
Learn About Oracle Managed Access
Understand key concepts related to the Oracle Managed Access service.
Managed Access allows authorized operators to request access to your organization's resources through a secure workflow. Operators make the request when they need to troubleshoot or fix an issue with a resource. The request is sent to the customer, and is displayed on the Access Requests page. Your organization's approvers can approve or deny a request for access to a resource. You can choose to automatically approve requests, or manually approve a request, by creating a template on the Request Templates page. Managed Access allows up to three levels of approvers.
- A resource that support representatives use to request access to your organization's tenancy.
- Access request
An authorized operator's request to access a resource for troubleshooting and resolving issues.
- Target resource
- The resource that support representatives want to access.
- Resource type
- The type of resource that support representatives want to access.
- Request state
- The access states supported for requests. For a complete list, see Request States
- Access duration
- The amount of time that authorized operators must access a resource.
- Approval template
- The rules that define how requests are processed. You can include up to three approvers in the template.
- Automatic approval
- An approval template option that lets you automatically approve requests from authorized operators. This option automates approval only for your workflow. Oracle has a workflow that it follows before a request is approved and sent to you.
Resources in Oracle Cloud Infrastructure have a unique, Oracle-assigned identifier called an Oracle Cloud ID (OCID).
For information about the OCID format and other ways to identify resources, see Resource Identifiers.
Ways to Use Managed Access
You can use Oracle Managed Access with the Oracle Cloud Console (a browser-based interface).
To access the Console, you must use a supported browser. After you open the Console sign-in page, enter the name of the cloud account (tenancy), the domain (optional), username, and password.
Authentication and Authorization
Each service in Oracle Cloud Infrastructure integrates with Oracle Cloud Infrastructure Identity and Access Management (IAM) for authentication and authorization, for the console.
An administrator in your organization needs to set up groups, compartments , and policies that control which users can access which services and resources, and the type of access. For example, policies control who can create users, create and manage a virtual cloud network (VCN (virtual cloud network) ), create instances, and create buckets .
Getting Started with Oracle Managed Access
After completing some prerequisite steps, you can start using Oracle Managed Access to grant access to authorized operators.
If you're not an administrator, you must be given access to the Managed Access service in a policy (IAM) written by an administrator.