Provide Users With Security Permissions to use Generative AI Models

If you're sourcing generative AI models from Oracle Cloud Infrastructure, provide the user with the appropriate security privileges.

To use OCI Generative AI models from Oracle Analytics (for example, to register models and invoke them in AI functions), an Oracle Analytics administrator must grant the required Oracle Analytics permissions to the appropriate user roles. This is done by assigning the OCI Generative Resource Principal permission to an Oracle Analytics role that end users belong to.

Before you start, confirm that your tenancy is configured with the required OCI IAM policies for OCI Generative AI. See Policies Required to Integrate Oracle Analytics with Generative AI Models.
  1. Log into Oracle Analytics with administrator privileges.
  2. On your home page, click Navigator Navigator icon used to display the Navigator, then click Console.
  3. Click Roles and Permissions.
  4. Navigate to the Permissions tab.
  5. Select Create and Edit Connections to OCI Generative AI with Resource Principal and review which users or application roles have this permission.
    Description of ai-functions-11.png follows
    Description of the illustration ai-functions-11.png

  6. Navigate to the Application Roles tab.
  7. Create a new role or select one of the existing application roles. For example, you might create a role named "BI GenAI Consumer".
  8. In the Apply Permissions list, select Create and Edit Connections to OCI Generative AI with Resource Principal, then click Create.
    Description of ai-functions-12.png follows
    Description of the illustration ai-functions-12.png

  9. Add users or groups to the application role that you just created.
    Description of ai-functions-13.png follows
    Description of the illustration ai-functions-13.png

  10. Save the changes.