About Permissions to Manage Oracle Analytics Cloud Instances
You use authorization policies to control access to resources in your tenancy. For example, you can create a policy that authorizes users to create and manage Oracle Analytics Cloud instances.
You create policies using the Oracle Cloud Infrastructure Console. For detailed information, see Managing Policies.
Resource Types | Description |
---|---|
analytics-instance |
A single Oracle Analytics Cloud instance. |
analytics-instances |
One or more Oracle Analytics Cloud instances. |
analytics-instance-work-request |
A single work request for Oracle
Analytics Cloud.
Each operation you perform on an Oracle Analytics Cloud instance, creates a work request. For example, operations such as create, start, stop, and so on. |
analytics-instance-work-requests | One or more work requests. |
Supported Variables
The values of these variables are supplied by Oracle Analytics Cloud. In addition, other general variables are supported. See General Variables for All Requests.
Variable | Type | Description | Sample Value |
---|---|---|---|
target.analytics-instance.id | ocid | OCID for the Analytics Cloud instance. | target.analytics-instance.id = 'oci1.analyticsinstance.oc1..abc123' |
target.analytics-instance.name | string | Name of the Analytics Cloud instance. | target.analytics-instance.name = 'myanalytics_1' |
target.analytics-instance.source-compartment.id | ocid | OCID of the source compartment, in a "move compartment" operation. | target.analytics-instance.source-compartment.id = 'ocid1.compartment.oc1..aaa100' |
target.analytics-instance.destination-compartment.id | ocid | OCID of the destination compartment in a "move compartment" operation. | target.analytics-instance.destination-compartment.id = 'ocid1.compartment.oc1..aaa200' |
Details for Verb and Resource-Type Combinations
Oracle Cloud Infrastructure offers a standard set of verbs to define permissions across Oracle Cloud Infrastructure resources (Inspect, Read, Use, Manage). These tables list the Oracle Analytics Cloud permissions associated with each verb. The level of access is cumulative as you go from Inspect to Read to Use to Manage.
INSPECT
Resource- Type | INSPECT Permission |
---|---|
|
|
|
|
READ
Resource- Type | READ Permission |
---|---|
|
|
|
|
USE
Resource- Type | USE Permission |
---|---|
|
|
|
|
MANAGE
Resource- Type | MANAGE Permission |
---|---|
|
|
|
|
Permissions Required for Each API Operation
This table shows the API operations available for Oracle Analytics Cloud, grouped by resource type.
REST API Operation | CLI Command Operation | Permission Required to Use the Operation |
---|---|---|
ListAnalyticsInstances | analytics-instance list | ANALYTICS_INSTANCE_INSPECT |
CreateAnalyticsInstance | analytics-instance create | ANALYTICS_INSTANCE_CREATE |
GetAnalyticsInstance | analytics-instance get | ANALYTICS_INSTANCE_READ |
UpdateAnalyticsInstance | analytics-instance update | ANALYTICS_INSTANCE_UPDATE |
DeleteAnalyticsInstance | analytics-instance delete | ANALYTICS_INSTANCE_DELETE |
StartAnalyticsInstance | analytics-instance start | ANALYTICS_INSTANCE_USE |
StopAnalyticsInstance | analytics-instance stop | ANALYTICS_INSTANCE_USE |
ScaleAnalyticsInstance | analytics-instance scale | ANALYTICS_INSTANCE_MANAGE |
ChangeAnalyticsInstanceCompartment | analytics-instance change-compartment | ANALYTICS_INSTANCE_MOVE |
ChangeAnalyticsInstanceNetworkEndpoint | analytics-instance change-network-endpoint | ANALYTICS_INSTANCE_MANAGE |
GetPrivateAccessChannel | analytics-instance get-private-access-channel | ANALYTICS_INSTANCE_MANAGE |
CreatePrivateAccessChannel | analytics-instance create-private-access-channel | ANALYTICS_INSTANCE_MANAGE |
UpdatePrivateAccessChannel | analytics-instance update-private-access-channel | ANALYTICS_INSTANCE_MANAGE |
DeletePrivateAccessChannel | analytics-instance delete-private-access-channel | ANALYTICS_INSTANCE_MANAGE |
CreateVanityUrl | analytics-instance create-vanity-url | ANALYTICS_INSTANCE_MANAGE |
UpdateVanityUrl | analytics-instance update-vanity-url | ANALYTICS_INSTANCE_MANAGE |
DeleteVanityUrl |
analytics-instance delete-vanity-url | ANALYTICS_INSTANCE_MANAGE |
SetKmsKey | analytics-instance set-kms-key | ANALYTICS_INSTANCE_MANAGE |
ListWorkRequests | work-request list | ANALYTICS_INSTANCE_WR_INSPECT |
GetWorkRequest | work-request get | ANALYTICS_INSTANCE_WR_READ |
DeleteWorkRequest | work-request delete | ANALYTICS_INSTANCE_WR_DELETE |
ListWorkRequestErrors | work-request-error list | ANALYTICS_INSTANCE_WR_INSPECT |
ListWorkRequestLogs | work-request-log list | ANALYTICS_INSTANCE_WR_INSPECT |