Oracle Cloud Infrastructure Documentation

Creating a Policy

On Private Cloud Appliance, a policy must have at least one policy statement. You can't create an empty policy and add statements later.

Decide what you want your policy to allow, and see Policy Statements to design the necessary statements.

    1. In the Compute Web UI navigation menu, select Identity, then select Policies.

    2. Select Create Policy.

    3. Enter the following information:

      • Name: The policy name. Policy names have the following characteristics:

        • Must be unique within the tenancy.

        • Are case insensitive.

        • Can't be changed later.

        • Can be no more than 100 characters.

        • Can't include spaces. Can include only letters, numbers, hyphens, periods, or underscores.

        • Avoid entering confidential information.

      • Description: A description for the policy. This description can be no more than 400 characters.

      • Create in Compartment: Select the compartment where you want to attach this policy. The policy will apply to this compartment and all child compartments of this compartment.

      • Statements: Enter a policy statement. For information about how to write policy statements, see Policy Statements.

        To add a second policy statement, select the +Another Statement button. You can enter up to 50 statements. If you create more than one policy statement, you can select the X button next to a statement to delete that statement.

      • Tagging: (Optional) Add defined or free-form tags for this policy as described in Adding Tags at Resource Creation. Tags can also be applied later.

    4. Select Create Policy.

      The details page for the new policy is displayed. The Resources section of the page shows the policy statements.

  • Use the oci iam policy create command and required parameters to create a policy.

    oci iam policy create -c compartment_OCID --name text --description "text" \
{ --statements '["statement","statement"]' | --statements file://policy.json } [OPTIONS]

    The compartment_OCID is the compartment where you want to attach this policy.

    This command returns the same output as the policy get command.

    For a complete list of CLI commands, flags, and options, see the Command Line Reference.

  • Use the CreatePolicy operation to create a policy.

    For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.