Prerequisites and Permissions

Exadata Database Service on Cloud@Customer Service Permissions

To enable Ops Insights for Exadata Database Service on Cloud@Customer, ensure the following required policies are enabled:
  • User policies:
    • allow group {name} to read database-family in compartment {compartment}
    • allow group {name} to read dbmgmt-family in compartment {compartment}
      Note

      This compartment should be the highest level compartment where Exadata-related resources are located; this policy can also be written at a tenancy-level.
    • allow group {group} to read secret-family in compartment {compartment} where any { target.vault.id = 'VaultOCID' }
  • OPSI policies:
    • allow any-user to read secret-family in tenancy where ALL{request.principal.type='opsidatabaseinsight',target.vault.id = 'VaultOCID'}
    • Allow any-user to read database-family in compartment {compartment} where ALL{request.principal.type = 'opsiexadatainsight'}

For more information on specific Exadata Database Service on Cloud@Customer service resource-types and permissions, see Details for Exadata Cloud Service Instances.

Exadata Database Service on Cloud@Customer Service Prerequisites