Details for the Email Service
This topic covers details for writing policies to control access to the Email service.
Resource-Types
approved-senders
suppressions
Supported Variables
The Email Service supports all the general variables (see General Variables for All Requests), plus the ones listed here.
The approved-senders
resource type can use the following variables:
Variable | Variable Type | Comments |
---|---|---|
target.approved-sender.id
|
Entity (OCID) | |
target.approved-sender.emailaddress
|
String | Use this variable with the APPROVED_SENDER_USE permissions only. |
Details for Verb + Resource-Type Combinations
The following tables show the permissions and API operations covered by each verb. The level of access is cumulative as you go from inspect
> read
> use
> manage
. A plus sign (+) in a table cell indicates incremental access compared to the cell directly above it, whereas "no extra" indicates no incremental access.
For example, the use
verb for the suppressions
resource-type covers no extra permissions or API operations compared to the read
verb.
Verbs | Permissions | APIs Fully Covered | APIs Partially Covered |
---|---|---|---|
inspect | APPROVED_SENDER_INSPECT |
ListSenders
|
none |
read | INSPECT + APPROVED_SENDER_READ |
GetSender
|
None |
use | READ + APPROVED_SENDER_USE |
SmtpSend
|
None |
manage | USE + APPROVED_SENDER_CREATE APPROVED_SENDER_DELETE APPROVED_SENDER_UPDATE APPROVED_SENDER_MOVE |
|
none |
Verbs | Permissions | APIs Fully Covered | APIs Partially Covered |
---|---|---|---|
inspect | SUPPRESSION_INSPECT |
|
none |
read | INSPECT + SUPPRESSION_READ |
GetSuppression
|
None |
use | No extra |
None |
None |
manage | USE + SUPPRESSION_CREATE SUPPRESSION_DELETE |
|
none |
Permissions Required for Each API Operation
The following table lists the API operations in a logical order, grouped by resource type.
For information about permissions, see Permissions.
API Operation | Permissions Required to Use the Operation |
---|---|
ListSenders
|
APPROVED_SENDER_INSPECT |
GetSender
|
APPROVED_SENDER_READ |
CreateSender
|
APPROVED_SENDER_CREATE |
DeleteSender
|
APPROVED_SENDER_DELETE |
MoveSender
|
APPROVED_SENDER_MOVE |
SmtpSend
|
APPROVED_SENDER_USE |
ListSuppression
|
SUPPRESSION_INSPECT |
GetSuppression
|
SUPPRESSION_READ |
CreateSuppression
|
SUPPRESSION_CREATE |
DeleteSuppression
|
SUPPRESSION_DELETE |