Describes prerequisites for creating a refreshable clone.

To create a refreshable clone you must define the required access using OCI Identity and Access Management policy statements written by an administrator, whether you're using the Console, the REST API, the CLI, or another tool.

The following policies allow you to create a refreshable clone:

Allow group Group_Name to read autonomous-databases in compartment Compartment_Name
      where target.id = 'oc1.autonomousdatabase.oc1..unique_ID'

Allow group Group_Name to manage autonomous-databases in compartment Compartment_Name

The where clause is optional and provides a more fine grained way to grant access to a specific database.

You can limit cloning permissions so that the group can only clone Autonomous Databases but cannot create Autonomous Databases, or further limit permission to only create a particular type of clone: Full Clone, Metadata Clone, or Refreshable Clone. See IAM Permissions and API Operations for Autonomous Database for more information and examples.

This shows the policies for cloning within a tenancy. See Prerequisites for Cross Tenancy Cloning for cross tenancy cloning policies.

See IAM Policies for Autonomous Database and Getting Started with Policies for more information.