Create a policy to grant permission to the users in a group to work with Oracle Integration instances within a specified tenancy or compartment.
- Open the navigation menu and click Identity & Security.
Under Identity, click Policies.
- Click Create Policy.
- In the Create Policy window, enter a name (for example,
IntegrationGroupPolicy) and a description.
- In the Policy Builder, select Show manual
editor and enter the required policy statements.
Syntax:
Example: allow group oci-integration-admins
to manage integration-instance in compartment OICCompartment
This policy statement allows the oci-integration-admins
group in the admin domain to manage instance
integration-instance in compartment OICCompartment.
Note
- If you omit the domain name, the default domain is assumed.
-
When defining policy statements, you can specify either verbs (as
used in these steps) or permissions (typically used by power users).
- You can create separate groups for different permissions, such as a group with
read permission only.
-
The read and manage verbs are
most applicable to Oracle Integration. The manage verb has the
most permissions (create, delete,
edit, move, and view).
To learn more about policies, see:
- If desired, you can add a policy to allow members of the group to view message metrics,
as described in View Message Metrics and Billable Messages.
For example:
allow group oci-integration-admins to read metrics in compartment
OICPMCompartment
- Click Create.
The policy statements are validated and syntax errors are
displayed.
This topic applies only to tenancies that do not use identity
domains. See Differences
Between Tenancies With and Without Identity
Domains.