The following example allows a group of users to administer all aspects of DR operations in the entire tenancy.

Allow group DRUberAdmins to manage disaster-recovery-family in tenancy

These policy statements allow the group DRUberAdmins to be superusers for all disaster recovery operations.

The following example allows a group of users to create DR configurations and execute prechecks.

Allow group DRMonitors to manage disaster-recovery-protection-groups in compartment ApplicationERP
Allow group DRMonitors to manage disaster-recovery-plans in compartment ApplicationERP
Allow group DRMonitors to manage disaster-recovery-prechecks in compartment ApplicationERP

These policy statements allow the group DRMonitors to create DR configurations and plans, and also execute prechecks but not actually execute DR operations. This ability is limited to just the ApplicationERP compartment.

The following example allows a group of users to create DR configurations in a specific compartment.

Allow group DRConfig to manage disaster-recovery-protection-groups in compartment ApplicationERP 
Allow group DRConfig to manage disaster-recovery-plans in compartment ApplicationERP

These policy statements allow the group DRConfig to create DR configurations and plans only but not execute any DR operations. This ability is limited to one compartment.