Create a Delegated Administrator

Oracle Data Safe administrators can create delegated administrators that can manage user access to Oracle Data Safe resources and functionality in compartments.

  1. Sign in to Oracle Cloud Infrastructure as a tenancy administrator and grant a user group at least the inspect permission on user groups in the tenancy.

    For example, a tenancy administrator could write the following policy to allow a user group called A-Admins to view the list of user groups in the tenancy:

    Allow group A-Admins to inspect groups in tenancy
  2. Sign in to the Oracle Data Safe Console as an Oracle Data Safe administrator and create an authorization policy that grants at least one of the following pivileges for a particular compartment:
    • AdministerMasking
    • AdministerAudit
    • AdministerAssessment
    • AdministerAll

    On the Authorization Policies tab in the Oracle Data Safe Console, the word manage is used to indicate one of these privileges for a feature.