Oracle Cloud Infrastructure Documentation

Individual Resource-Types

Use individual resource-types to control access to MySQL HeatWave Service resources.

mysql-instances

Use instance-specific policies of MySQL HeatWave Service to view and manage the DB systems.

Table 20-6 INSPECT

Permission APIs Fully Covered APIs Partially Covered

MYSQL_INSTANCE_INSPECT

ListDbSystems

ListReplicas

ListShapes

ListVersions

ListWorkRequests

 None

Table 20-7 READ

Permission APIs Fully Covered APIs Partially Covered

MYSQL_INSTANCE_READ

GetDbSystem

GetReplica

GetWorkRequest

 None

Table 20-8 USE

Permission APIs Fully Covered APIs Partially Covered

MYSQL_INSTANCE_USE

StopDbSystem

StartDbSystem

RestartDbSystem

StopHeatWaveCluster

StartHeatWaveCluster

RestartHeatWaveCluster

CreateChannel (also requires MYSQL_CHANNEL_CREATE and MYSQL_INSTANCE_CONTENT_WRITE)

UpdateChannel (also requires MYSQL_CHANNEL_UPDATE and MYSQL_INSTANCE_CONTENT_WRITE)

ResetChannel (also requires MYSQL_CHANNEL_RESET and MYSQL_INSTANCE_CONTENT_WRITE)

ResumeChannel (also requires MYSQL_CHANNEL_RESUME)

DeleteChannel (also requires MYSQL_CHANNEL_DELETE and MYSQL_INSTANCE_CONTENT_WRITE)

AddHeatWaveCluster (also requires MYSQL_HEATWAVE_CREATE)

DeleteHeatWaveCluster (also requires MYSQL_HEATWAVE_DELETE)

UpdateHeatWaveCluster (also requires MYSQL_HEATWAVE_CREATE and MYSQL_HEATWAVE_DELETE)

MYSQL_INSTANCE_STOP

StopDbSystem

StopHeatWaveCluster

RestartDbSystems (also requires MYSQL_INSTANCE_START)

RestartHeatWaveCluster (also requires MYSQL_INSTANCE_START)

MYSQL_INSTANCE_START

StartDbSystem

StartHeatWaveCluster

RestartDbSystems (also requires MYSQL_INSTANCE_STOP)

RestartHeatWaveCluster (also requires MYSQL_INSTANCE_STOP)

Table 20-9 MANAGE

Permission APIs Fully Covered APIs Partially Covered

MYSQL_INSTANCE_CREATE

 None

CreateDbSystem (also requires SUBNET_ATTACH, SUBNET_READ, SUBNET_DETACH, MYSQL_CONFIGURATIONS_READ if a custom configuration is used, and MYSQL_BACKUP_READ if it is a clone operation)

CreateReplica (also requires SUBNET_ATTACH, SUBNET_READ, SUBNET_DETACH, and MYSQL_CONFIGURATIONS_READ if a custom configuration is used)

MYSQL_INSTANCE_DELETE

DeleteDbSystem (also requires MYSQL_CHANNEL_DELETE if a replication channel is associated with the DB System)

DeleteReplica

DeleteHeatWaveCluster

 None

MYSQL_INSTANCE_UPDATE
UpdateDbSystem
  • Also requires MYSQL_CONFIGURATIONS_READ if the configuration is updated to use a custom configuration
  • Also requires PRIVATE_IP_UPDATE if the Hostname is updated

UpdateReplica (also requires MYSQL_CONFIGURATIONS_READ if the configuration is updated to use a custom configuration)

None

MYSQL_INSTANCE_CONTENT_WRITE

 None

CreateChannel (also requires MYSQL_CHANNEL_CREATE and MYSQL_INSTANCE_USE)

UpdateChannel (also requires MYSQL_CHANNEL_UPDATE and MYSQL_INSTANCE_USE)

ResetChannel (also requires MYSQL_CHANNEL_RESET and MYSQL_INSTANCE_USE)

DeleteChannel (also requires MYSQL_CHANNEL_DELETE and MYSQL_INSTANCE_USE)

MYSQL_INSTANCE_CONTENT_READ

 None

GetHeatWaveClusterMemoryEstimate (also requires MYSQL_HEATWAVE_USE)

GenerateHeatWaveClusterMemoryEstimate (also requires MYSQL_HEATWAVE_USE)

mysql-configurations

Use configuration-specific policies of MySQL HeatWave Service to view and manage the configurations.

Table 20-10 INSPECT

Permission APIs Fully Covered APIs Partially Covered
MYSQL_CONFIGURATIONS_INSPECT ListConfigurations None

Table 20-11 READ

Permission APIs Fully Covered APIs Partially Covered
MYSQL_CONFIGURATIONS_READ GetConfiguration CreateConfiguration if copying from a custom configuration (also requires MYSQL_CONFIGURATIONS_CREATE)

Table 20-12 USE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_CONFIGURATIONS_UPDATE UpdateConfiguration None

Table 20-13 MANAGE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_CONFIGURATIONS_CREATE CreateConfiguration CreateConfiguration (also requires MYSQL_CONFIGURATIONS_READ if copying from a custom configuration)
MYSQL_CONFIGURATIONS_DELETE DeleteConfiguration None

mysql-backups

Use backup-specific policies of MySQL HeatWave Service to view and manage the backups.

Table 20-14 INSPECT

Permission APIs Fully Covered APIs Partially Covered
MYSQL_BACKUP_INSPECT ListBackups None

Table 20-15 READ

Permission APIs Fully Covered APIs Partially Covered
MYSQL_BACKUP_READ GetBackup CopyBackup (also requires MYSQL_BACKUP_COPY in the source region and MYSQL_BACKUP_CREATE in the destination region)

Table 20-16 USE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_BACKUP_COPY CopyBackup (also requires MYSQL_BACKUP_READ in the source region and MYSQL_BACKUP_CREATE in the destination region) None
MYSQL_BACKUP_UPDATE UpdateBackup

CancelDeletion

ValidateBackup

 None
Note

The aggregate resource type mysql-family does not include the MYSQL_BACKUP_COPY permission.

Table 20-17 MANAGE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_BACKUP_CREATE CreateBackup CopyBackup (also requires MYSQL_BACKUP_READ and MYSQL_BACKUP_COPY in the source region)
MYSQL_BACKUP_DELETE DeleteBackup None
MYSQL_BACKUP_MOVE ChangeBackupCompartment None

mysql-channels

Use channel-specific policies of MySQL HeatWave Service to view and manage the replication channels.

Table 20-18 INSPECT

Permission APIs Fully Covered APIs Partially Covered

MYSQL_CHANNEL_INSPECT

ListChannels

 None

Table 20-19 READ

Permission APIs Fully Covered APIs Partially Covered

MYSQL_CHANNEL_READ

GetChannel

 None

Table 20-20 USE

Permission APIs Fully Covered APIs Partially Covered

MYSQL_CHANNEL_RESUME

 None

ResumeChannel (also requires MYSQL_INSTANCE_USE)

Table 20-21 MANAGE

Permission APIs Fully Covered APIs Partially Covered

MYSQL_CHANNEL_CREATE

 None

CreateChannel (also requires MYSQL_INSTANCE_USE and MYSQL_INSTANCE_CONTENT_WRITE)

MYSQL_CHANNEL_DELETE

 None

DeleteChannel (also requires MYSQL_INSTANCE_USE and MYSQL_INSTANCE_CONTENT_WRITE)

MYSQL_CHANNEL_UPDATE

 None

UpdateChannel (also requires MYSQL_INSTANCE_USE and MYSQL_INSTANCE_CONTENT_WRITE)

MYSQL_CHANNEL_RESET

 None

ResetChannel (also requires MYSQL_INSTANCE_USE and MYSQL_INSTANCE_CONTENT_WRITE)

mysql-heatwave

Use HeatWave cluster policies of MySQL HeatWave Service to view and manage HeatWave cluster.

Table 20-22 READ

Permission APIs Fully Covered APIs Partially Covered

MYSQL_HEATWAVE_READ

GetHeatWaveCluster

 None

Table 20-23 USE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_HEATWAVE_USE

StopHeatWaveCluster

StartHeatWaveCluster

RestartHeatWaveCluster

GetHeatWaveClusterMemoryEstimate (also requires MYSQL_INSTANCE_CONTENT_READ)

GenerateHeatWaveClusterMemoryEstimate (also requires MYSQL_INSTANCE_CONTENT_READ)

Table 20-24 MANAGE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_HEATWAVE_CREATE None

AddHeatWaveCluster (also requires MYSQL_INSTANCE_USE)

UpdateHeatWaveCluster (also requires MYSQL_INSTANCE_USE and MYSQL_HEATWAVE_DELETE)

MYSQL_HEATWAVE_DELETE None

DeleteHeatWaveCluster (also requires MYSQL_INSTANCE_USE)

UpdateHeatWaveCluster (also requires MYSQL_INSTANCE_USE and MYSQL_HEATWAVE_CREATE)

MYSQL_HEATWAVE_START StartHeatWaveCluster RestartHeatWaveCluster (also requires MYSQL_HEATWAVE_STOP)
MYSQL_HEATWAVE_STOP StopHeatWaveCluster RestartHeatWaveCluster (also requires MYSQL_HEATWAVE_START)

mysql-work-requests

Use work request-specific policies of MySQL HeatWave Service to manage the work requests.

Table 20-25 INSPECT

Permission APIs Fully Covered APIs Partially Covered
MYSQL_INSTANCE_WORK_REQUEST_INSPECT ListWorkRequests None

Table 20-26 READ

Permission APIs Fully Covered APIs Partially Covered
MYSQL_INSTANCE_WORK_REQUEST_READ GetWorkRequest None

Table 20-27 MANAGE

Permission APIs Fully Covered APIs Partially Covered
MYSQL_INSTANCE_WORK_REQUEST_DELETE None None