IAM Policy Details for Oracle Integration
This topic covers details for writing policies to control access to Oracle Integration.
Resource Types
These are the resources available for Oracle Integration:
- integration-instance
Supported Variables
The integration-instance resource type can use the following variables.
| Supported Variables | Variable | Variable Type | Description |
|---|---|---|---|
|
Required Variables Supplied by the Service for Every Request |
|
ENTITY | The OCID of the primary resource for the request. |
|
STRING | The operation id (for example 'GetUser') for the request. | |
|
STRING | The resource kind name of the primary resource for the request. | |
|
Automatic Variables Supplied by the SDK for Every Request |
|
ENTITY | For user-initiated requests. The OCID of the calling user. |
|
LIST(ENTITY) | For user-initiated requests. The OCIDs of the groups of request.user.id.
|
|
|
STRING | The name of the compartment specified in target.compartment.id. |
|
|
ENTITY | The OCID of the target tenant id. | |
| Additional Variables for Oracle Integration | |
ENTITY | The OCID of the Oracle Integration instance that was created. |
Details for Verb + Resource-Type Combinations
The following table shows the permissions and API operations covered by each verb. The level of access is cumulative as you go from inspect > read > use > manage.
| Verb | Permissions | APIs Fully Covered | APIs Partially Covered |
|---|---|---|---|
| INSPECT |
|
|
None |
| READ |
|
|
None |
| USE |
|
|
None |
| MANAGE |
|
|
None |
Permissions Required for Each API Operation
| API Operation | Permissions Required to Use the Operation |
|---|---|
|
ListIntegrationInstances |
|
|
GetIntegrationInstance |
|
|
CreateIntegrationInstance |
|
|
DeleteIntegrationInstance |
|
|
UpdateIntegrationInstances |
|
|
StartIntegrationInstance |
|
|
StopIntegrationInstance |
|
|
ListWorkRequests |
|
|
GetWorkRequest |
|
|
ChangeIntegrationCompartment |
|