Language Policies

Learn about the resource policies including API permissions.

To control who has access to Language and the type of access for each group of users, you must create policies. By default, only the users in the Administrators group have access to all Language resources. For everyone else who's using the service, you must create new policies that assign them proper rights to Language resources. For a complete list of OCI policies, see Policy Reference.

Resource Types

Language offers both aggregate and individual resource-types for writing policies. You can use aggregate resource types to write fewer policies. For example, instead of allowing a group to manage all of the individual resource types, you can have a policy that allows the group to manage the aggregate resource type, ai-service-language-family.

Individual Resource Types

ai-service-language-entities

ai-service-dominant-language

ai-service-language-sentiments

ai-service-language-keyphrases

ai-service-language-text-classification

ai-service-language-pii-entities

ai-service-language-translation

Aggregate Resource Type

ai-service-language-family

Example Policies

allow group <language-group> to use ai-service-language-family in tenancy <tenancy-name>

allow group <group-name> to manage ai-service-language-family in compartment <compartment-name>

Required IAM Policy

To work with Language, an administrator must grant you access in an IAM policy.

If you get a message that you don't have permission or are unauthorized, verify with your administrator what type of access you have.

Create a policy with one of the following policies:

allow <subject> to manage ai-service-language-family in tenancy, where subject can be:
group <group-name> | group id <group-ocid> | dynamic-group <dynamic-group-name> | dynamic-group id <dynamic-group-ocid> | any-user

Example Policies

Allow users to manage all Language resources using the aggregate resource:

allow any-user to manage ai-service-language-family in tenancy

These policies control user access by theLanguage resources:

allow any-user to manage ai-service-language-project in tenancy
allow any-user to manage ai-service-language-model in tenancy
allow any-user to manage ai-service-language-data-asset in tenancy
allow any-user to manage ai-service-language-endpoint in tenancy

Resource Types and Permissions


Resource Family	Resource Kind	Permissions
`ai-service-language-family`	`ai-service-language-entities`	`AI_SERVICE_LANGUAGE_ENTITIES_USE`
	`ai-service-dominant-language`	`AI_SERVICE_DOMINANT_LANGUAGE_USE`
	`ai-service-language-sentiments`	`AI_SERVICE_LANGUAGE_SENTIMENTS_USE`
	`ai-service-language-keyphrases`	`AI_SERVICE_LANGUAGE_KEYPHRASES_USE`
	`ai-service-language-text-classification`	`AI_SERVICE_LANGUAGE_TEXT_CLASSIFICATION_USE`
	`ai-service-language-moderation`	`AI_SERVICE_LANGUAGE_MODERATION_USE`
	`ai-service-language-translation`	`AI_SERVICE_LANGUAGE_TRANSLATION_USE`
	`ai-service-language-pii-entities`	`AI_SERVICE_LANGUAGE_PII_ENTITIES_USE`
	`ai-service-language-project`	`AI_SERVICE_LANGUAGE_PROJECT_INSPECT`
		`AI_SERVICE_LANGUAGE_PROJECT_CREATE`
		`AI_SERVICE_LANGUAGE_PROJECT_READ`
		`AI_SERVICE_LANGUAGE_PROJECT_UPDATE`
		`AI_SERVICE_LANGUAGE_PROJECT_DELETE`
		`AI_SERVICE_LANGUAGE_PROJECT_MOVE`
	`ai-service-language-model`	`AI_SERVICE_LANGUAGE_MODEL_INSPECT` `AI_SERVICE_LANGUAGE_MODEL_CREATE` `AI_SERVICE_LANGUAGE_MODEL_READ` `AI_SERVICE_LANGUAGE_MODEL_UPDATE` `AI_SERVICE_LANGUAGE_MODEL_DELETE` `AI_SERVICE_LANGUAGE_MODEL_MOVE`
	`ai-service-language-endpoint`	`AI_SERVICE_LANGUAGE_ENDPOINT_INSPECT` `AI_SERVICE_LANGUAGE_ENDPOINT_CREATE` `AI_SERVICE_LANGUAGE_ENDPOINT_READ` `AI_SERVICE_LANGUAGE_ENDPOINT_UPDATE` `AI_SERVICE_LANGUAGE_ENDPOINT_DELETE` `AI_SERVICE_LANGUAGE_ENDPOINT_MOVE`
	`ai-service-language-work-request`	`AI_SERVICE_LANGUAGE_WORK_REQUEST_INSPECT` `AI_SERVICE_LANGUAGE_WORK_REQUEST_READ`
	`ai-service-language-job`	`AI-SERVICE-LANGUAGE-JOB-INSPECT` `AI-SERVICE-LANGUAGE-JOB-READ` `AI-SERVICE-LANGUAGE-JOB-CREATE` `AI-SERVICE-LANGUAGE-JOB-UPDATE` `AI-SERVICE-LANGUAGE-JOB-DELETE` `AI-SERVICE-LANGUAGE-JOB-CANCEL` `AI-SERVICE-LANGUAGE-JOB-MOVE`

Permissions Required for Each API Operation

You can use the individual resource types with API calls to interact with the service.

The following table lists the API operations for the Language service in a logical order, grouped by resource type, and the permissions required for resource types:


API Operation	Permissions
BatchDetectDominantLanguage	`AI_SERVICE_DOMINANT_LANGUAGE_USE`
BatchDetectLanguageEntities	`AI_SERVICE_LANGUAGE_ENTITIES_USE`
BatchDetectLanguageKeyPhrases	`AI_SERVICE_LANGUAGE_KEYPHRASES_USE`
BatchDetectLanguageSentiments	`AI_SERVICE_LANGUAGE_SENTIMENTS_USE`
BatchLanguageTranslation	`AI_SERVICE_LANGUAGE_TRANSLATION_USE`
https://docs.oracle.com/iaas/api/#/en/language/20221001/BatchDetectLanguagePiiEntities/BatchDetectLanguagePiiEntities	`AI_SERVICE_LANGUAGE_PII_ENTITIES_USE`
DetectLanguageEntities	`AI_SERVICE_LANGUAGE_ENTITIES_USE`
BatchDetectLanguageTextClassification	`AI_SERVICE_LANGUAGE_TEXT_CLASSIFICATION_USE`
DetectDominantLanguage	`AI_SERVICE_DOMINANT_LANGUAGE_USE`
DetectLanguageEntities	`AI_SERVICE_LANGUAGE_ENTITIES_USE`
DetectLanguageKeyPhrases	`AI_SERVICE_LANGUAGE_KEYPHRASES_USE`
DetectLanguageSentiments	`AI_SERVICE_LANGUAGE_SENTIMENTS_USE`
DetectLanguageTextClassification	`AI_SERVICE_LANGUAGE_TEXT_CLASSIFICATION_USE`
ChangeProjectCompartment	`AI_SERVICE_LANGUAGE_PROJECT_MOVE`
CreateProject	`AI_SERVICE_LANGUAGE_PROJECT_CREATE`
ListProjects	`AI_SERVICE_LANGUAGE_PROJECT_INSPECT`
GetProject	`AI_SERVICE_LANGUAGE_PROJECT_READ`
UpdateProject	`AI_SERVICE_LANGUAGE_PROJECT_UPDATE`
DeleteProject	`AI_SERVICE_LANGUAGE_PROJECT_DELETE`
ChangeModelCompartment	`AI_SERVICE_LANGUAGE_MODEL_MOVE`
CreateModel	`AI_SERVICE_LANGUAGE_MODEL_CREATE`
ListModels	`AI_SERVICE_LANGUAGE_MODEL_INSPECT`
GetModel	`AI_SERVICE_LANGUAGE_MODEL_READ`
UpdateModel	`AI_SERVICE_LANGUAGE_MODEL_UPDATE`
DeleteModel	`AI_SERVICE_LANGUAGE_MODEL_DELETE`
ChangeEndpointCompartment	`AI_SERVICE_LANGUAGE_ENDPOINT_MOVE`
CreateEndpoint	`AI_SERVICE_LANGUAGE_ENDPOINT_CREATE`
ListEndpoint	`AI_SERVICE_LANGUAGE_ENDPOINT_INSPECT`
GetEndpoint	`AI_SERVICE_LANGUAGE_ENDPOINT_READ`
UpdateEndpoint	`AI_SERVICE_LANGUAGE_ENDPOINT_UPDATE`
ChangeEndpoint	`AI_SERVICE_LANGUAGE_ENDPOINT_MOVE`
ListWorkRequests	`AI_SERVICE_LANGUAGE_PROJECT_INSPECT` `AI_SERVICE_LANGUAGE_MODEL_INSPECT` `AI_SERVICE_LANGUAGE_ENDPOINT_INSPECT` `AI_SERVICE_LANGUAGE_WORK_REQUEST_INSPECT`
GetWorkRequest	`AI_SERVICE_LANGUAGE_WORK_REQUEST_READ`
ListWorkRequestErrors	`AI_SERVICE_LANGUAGE_WORK_REQUEST_READ`
ListWorkRequestLogs	`AI_SERVICE_LANGUAGE_WORK_REQUEST_READ`