1. Access Governance Cloud Service
  2. Review
  3. Review Access and Permissions
  4. View Access to Resources

View Access to Resources

Users can check what access they have for themselves or for their direct reports.

My Directs' Access

Managers can view details of the applications, cloud resources, permissions, and roles assigned to their direct reports.

Note:

This feature is not available if you have integrated only OCI IAM, as your target system, with Oracle Access Governance.
To review team access:
  1. In the Oracle Access Governance Console, select Who Has Access to What , and then My Directs' Access from the Navigation Menunavigation menu.
    You navigate to the My Directs' Access page. A list of your direct reports is displayed with the following details:
    • Username
    • First name
    • Last name
    • Email ID
    • Applications
    • Permissions
    • Roles

    You can use Advanced filters to limit the search results of users specific to user attributes, such as an application, a job code, or a location.

  2. To view access privileges assigned to a user, select the Username.
    Details of all permissions assigned to the selected user are displayed, grouped by Roles, Cloud resources, or Application.

My Access

Users can view details of the application, cloud resources, permissions, and roles assigned to themselves.

To review your access:
  1. In the Oracle Access Governance Console, select Who Has Access to What, and then My Access from the Navigation Menu navigation menu.
    You navigate to the My Access page. The count of applications, cloud resources, and roles assigned to you are displayed.

    Details of all permissions assigned to you are displayed, grouped by Role, Cloud resources, or Application. Select a specific option from the Group by drop-down to view access details specific to cloud resources, applications, or roles assigned to you.

    You can search across the list and improve your search results. For example, you can search specific to application, cloud resource, or role attributes, such as grant type, application permission, account name, policy name, privilege, and so on.

For Applications, you can view the following details:
  • Accounts: User account name or user ID
  • Permission: Application permission to perform operations, such as Admin, Viewer, and so on.
  • Grant type: Method of granting access to application. For example, through Access Policy, Direct Provision, Request, or through Role assignment.
  • Date granted: Date on which the application access was granted
  • Granted until: End date, if any, for application access.
For Cloud resources, you can view the following details:
  • Resource name: Name of that resource as defined in the cloud system.
  • Resource type: Individual or family resource type, such as VCNs, subnets, instances, volumes, and so on.
  • Compartment: Compartment name on which that resource is located and access is granted.
  • Policy name: Name of the policy as defined in the cloud system.
  • Privilege: Level of access to perform operations on that resource. For example, Inspect, Read, Write, or Manage
For Roles, you can view the following details:
  • Role name: Logical role name granted for applications along with relevant permissions. For example, Users role granted for JIRA, Confluence, and Figma applications, with Read permissions.
  • Grant type: Method of granting role, such as Direct or through Request.
  • Date granted: Date on which the role was granted.
  • Granted until: End date, if any, for that role.

Enterprise-wide Access

Users with an Administrator role can get a 360-degree view of all the resources and assigned permissions for those resources from the Oracle Access Governance Console.

From the Enterprise-wide Access page, you can view a list of the entire organization's resources and resource types across various systems connected with Oracle Access Governance. You can also fetch which identities are currently assigned to that resource, at what permission level, and how those permissions are assigned or granted (manually or through some policy).

To view a list of available resources:

  1. In the Oracle Access Governance Console, from the Navigation menu navigation menu, select Who Has Access to What , and then Enterprise-wide Access.

    The Enterprise-wide Access page is displayed. You can view the count of resources and resource types available in Oracle Access Governance for your organization.

Search and Sort Resources

Use the Search field to locate the required resources by resource name. You can manage a large set of resources by applying sorting techniques. Use the Sort by drop-down to sort resources by Resource Name or Resource Type and/or use the Sort Direction drop-down to arrange resources alphabetically either in ascending (A-Z) or descending (Z-A) order.

View Resource Details

You can view resource details, such as:
  • Resource Name
  • Resource Type
  • Count of Identities who have access to that resource

Click the resource name to view identity details.

At the top, the resource details page displays the count of identities who can access that resource. Based on the available data ingested into Oracle Access Governance, you can view a complete list of identities and their details, such as identity name, email address, organization, job code, location, manager details, permission level, and how that permission is assigned to the resource.

The pie charts show you the break down of identities having access to the resource based on organization, job-code, or location. Use the Sort by drop-down to sort identities by First Name or Last Name, and/or use the Sort Direction drop-down to arrange identities alphabetically either in ascending (A-Z) or descending (Z-A) order.

Click the CSV icon to export the data in the CSV format.