Beginning in December, 2023, Cloud Advisor supports a new dedicated IAM policy that improves data security and safeguards resource metadata using granular permissions to support compartment and resource based security policies. These permissions are granted to users at the compartment level rather than the tenancy level as was previously done.

Users can now conditionally request resource information such as current compute instance shape, object storage namespace, size of boot volume, and more. This allows administrators to restrict viewing this resource information by using an IAM policy to tailor access to resource metadata by specific resource types, compartments, and recommendations. The new policy is optional for Cloud Advisor APIs that provide resource metadata.

For more information, see Cloud Advisor Additional Required Permissions.