Threat Intelligence IAM Policies

This topic covers details for writing policies to control access to Oracle Cloud Infrastructure Threat Intelligence.

All Threat Intelligence resources are scoped to your entire tenancy (the root compartment).

Note

In IAM policies, threat types are referred to as labels. For example, to view threat types you must have permission to read labels.

Resource Types

The following resource types are related to Threat Intelligence.

Individual Resource Types

  • threat
  • label

Aggregate Resource Types

  • threat-intel-family

A policy that uses <verb> threat-intel-family is equivalent to writing one with a separate <verb> <individual resource-type> statement for each of the individual Threat Intelligence resource types.

Details for Verb + Resource-Type Combinations

For each resource type, identify the permissions and API operations covered by each verb.

threat
Verbs | Permissions | APIs Fully Covered | APIs Partially Covered
read | TI_THREAT_READ | ListIndicators, ListIndicatorTypes, GetIndicator, GetIndicatorSummaryCounts | none

labels
Verbs | Permissions | APIs Fully Covered | APIs Partially Covered
read | TI_LABEL_READ | ListLabels | none

Permissions Required for Each API Operation

The following table lists the API operations in a logical order, grouped by resource type.

For more information about permissions, see Permissions.

API Operation | Permissions Required to Use the Operation
ListIndicators | TI_THREAT_READ
GetIndicator | TI_THREAT_READ
ListIndicatorTypes | TI_THREAT_READ
GetIndicatorSummaryCounts | TI_THREAT_READ
ListLabels | TI_LABEL_READ
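
As an added example (not Oracle's code), the following Python script applies the verb and permission tables above to a set of policy statements and reports which Threat Intelligence API operations each group can call, which is useful when reviewing a tenancy for least privilege. The group and compartment names, the sample statements and the simplified `Allow group <name> to <verb> <resource-type> in <scope>` grammar are assumptions; the script also assumes that verbs are cumulative (inspect, read, use, manage) and that a statement scoped to a child compartment does not reach these tenancy-scoped resources.

```python
import re

# From this page: permission granted by `read`, and permission each API needs.
READ_PERMS = {"threat": "TI_THREAT_READ", "label": "TI_LABEL_READ"}
API_PERMS = {
    "ListIndicators": "TI_THREAT_READ",
    "GetIndicator": "TI_THREAT_READ",
    "ListIndicatorTypes": "TI_THREAT_READ",
    "GetIndicatorSummaryCounts": "TI_THREAT_READ",
    "ListLabels": "TI_LABEL_READ",
}
FAMILY = "threat-intel-family"  # aggregate type: expands to every individual type
VERBS = ["inspect", "read", "use", "manage"]  # assumption: cumulative, weakest first

STATEMENT = re.compile(
    r"^\s*allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>\w+)\s+"
    r"(?P<rtype>[\w-]+)\s+in\s+(?P<scope>tenancy|compartment\s+\S+)\s*$",
    re.IGNORECASE,
)

# Constructed sample; group and compartment names are hypothetical.
SAMPLE = [
    "Allow group SOC-Analysts to read threat-intel-family in tenancy",
    "Allow group Triage to read label in tenancy",
    "Allow group Contractors to inspect threat in tenancy",
    "Allow group AppTeam to read threat in compartment AppDev",
]

def effective_access(statements):
    """Return {group: sorted Threat Intelligence API operations it may call}."""
    perms = {}
    for line in statements:
        m = STATEMENT.match(line)
        if not m:
            continue  # outside the simplified grammar (assumption) handled here
        verb, rtype = m["verb"].lower(), m["rtype"].lower()
        # The page lists permissions only under `read`; weaker verbs get none.
        if verb not in VERBS or VERBS.index(verb) < VERBS.index("read"):
            continue
        # Assumption: resources sit in the root compartment, so other scopes miss.
        if m["scope"].lower() != "tenancy":
            continue
        for t in (READ_PERMS if rtype == FAMILY else [rtype]):
            if t in READ_PERMS:
                perms.setdefault(m["group"], set()).add(READ_PERMS[t])
    return {g: sorted(op for op, p in API_PERMS.items() if p in s) for g, s in perms.items()}

if __name__ == "__main__":
    for group, ops in effective_access(SAMPLE).items():
        print(group, "->", ", ".join(ops))
```

Groups that appear only in `inspect` or compartment-scoped statements are absent from the result, which makes grants that have no effect on Threat Intelligence easy to spot during review.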