Threat Intelligence IAM Policies
This topic covers details for writing policies to control access to Oracle Cloud Infrastructure Threat Intelligence.
All Threat Intelligence resources are scoped to your entire tenancy (the root compartment).
In IAM policies, threat types are referred to as labels. For example, to view threat types you must have permission to read labels.
Resource Types
The following resource types are related to Threat Intelligence.
Individual Resource Types
threatlabel
Aggregate Resource Types
threat-intel-family
A policy that uses <verb> threat-intel-family is equivalent to writing one with a separate <verb>
<individual resource-type> statement for each of the individual Threat Intelligence resource types.
Supported Variables
Threat Intelligence IAM policies support all the general policy variables.
Details for Verb + Resource-Type Combinations
For each resource type, identify the permissions and API operations covered by each verb.
| Verbs | Permissions | APIs Fully Covered | APIs Partially Covered |
|---|---|---|---|
read |
TI_THREAT_READ |
|
none |
| Verbs | Permissions | APIs Fully Covered | APIs Partially Covered |
|---|---|---|---|
read |
TI_LABEL_READ |
ListLabels |
none |
Permissions Required for Each API Operation
The following table lists the API operations in a logical order, grouped by resource type.
For more information about permissions, see Permissions.
| API Operation | Permissions Required to Use the Operation |
|---|---|
ListIndicators |
TI_THREAT_READ |
GetIndicator |
TI_THREAT_READ |
ListIndicatorTypes |
TI_THREAT_READ |
GetIndicatorSummaryCounts |
TI_THREAT_READ |
ListLabels |
TI_LABEL_READ |
Policy Examples
Learn about Threat Intelligence IAM policies using examples.
Allow group SecurityAdmins to read threat-intel-family in tenancy