Create a policy to grant permission to the users in a group to work with Oracle Integration instances within a specified tenancy or compartment.
- Open the navigation menu and click Identity & Security.
Under Identity, click Policies.
- Click Create Policy.
- In the Create Policy window, enter a name (for example,
IntegrationGroupPolicy
) and a description.
- In the Policy Builder, select Show manual
editor and enter the required policy statements.
Syntax:
Example: allow group oci-integration-admins
to manage integration-instance in compartment OICCompartment
This policy statement allows the oci-integration-admins
group in the admin
domain to manage
instance
integration-instance
in compartment OICCompartment
.
Note
- If you omit the domain name, the default domain is assumed.
-
When defining policy statements, you can specify either verbs (as
used in these steps) or permissions (typically used by power users).
- You can create separate groups for different permissions, such as a group with
read
permission only.
-
The read
and manage
verbs are
most applicable to Oracle Integration. The manage
verb has the
most permissions (create
, delete
,
edit
, move
, and view
).
To learn more about policies, see:
- If desired, you can add a policy to allow members of the group to view message metrics,
as described in View Message Metrics and Billable Messages.
For example:
allow group oci-integration-admins to read metrics in compartment
OICPMCompartment
- Click Create.
The policy statements are validated and syntax errors are
displayed.