Oracle Cloud Infrastructure Documentation

Typical Workflow to Set Up Policies to Manage Analytics Cloud Instances (Oracle Identity Cloud Service)

If your cloud account federates with Oracle Identity Cloud Service and you're setting up policies for the first time, take some time to understand what's required before you start.

Description of policy_flow.jpg follows

High-level steps:

  1. Create users in the federated Oracle Identity Cloud Service (IDCS).
  2. Create one or more groups and assign users to each group, as required.

    Give the groups suitable names and include only those users that you want to manage Oracle Analytics Cloud instances in Oracle Cloud Infrastructure (Gen 2). For example, prefix them with OCI and indicate the level of access for users in the group: OCI_Users, OCI_Power_Users, OCI_Analytics_Admins, and so on.

  3. Create groups in Oracle Cloud Infrastructure (OCI).

    Give the groups suitable names. For example, prefix them with analytics and mirror the naming convention that you used in Oracle Identity Cloud Service: analytics_users, analytics_power_users, analytics_service_admins, and so on.

  4. Map the groups you created in OCI to the groups in Oracle Identity Cloud Service.
  5. Create one or more polices, as required.

    Give users in OCI groups suitable access permissions to compartments and Oracle Analytics Cloud instances.

For more detailed steps, see the next topic.