Autonomous Database relies on the IAM (Identity and Access Management) service to authenticate and authorize cloud users to perform operations that use any of the Oracle Cloud Infrastructure interfaces (the Console, REST API, CLI, SDK, or others).
The IAM service uses groups, compartments and policies to control which cloud users can access which resources. In particular, a policy defines what kind of access a group of users has to a particular kind of resource in a particular compartment. For more information, see Getting Started with Policies.
In addition to the policies required to provision and manage an Autonomous Database, some network policies are needed to use private endpoints. The following table lists the IAM policies required for a cloud user to add a private endpoint.
Note: The listed policies are the minimum requirements to add a private endpoint. You can also use a policy rule that is broader. For example, if you set the policy rule:
Allow group MyGroupName to manage virtual-network-family in tenancy
This rule also works because it is a superset that contains all the required policies.
|Operation|Required IAM Policies|
|Configure a private endpoint||
See Common Policies for more information.
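The superset behaviour described in the note above can be checked mechanically, which helps when reviewing whether a group's grants are broader than private endpoints need. This is an added example, not Oracle's code: the required statements, the compartment name NetworkCompartment, and the partial virtual-network-family membership are constructed assumptions, and scope matching ignores nested compartments.

```python
import re

# OCI policy verbs, least to most privileged; each verb includes the ones before it.
VERBS = ["inspect", "read", "use", "manage"]

# Assumption: illustrative subset of the aggregate type named in the note;
# the IAM policy reference has the authoritative membership list.
FAMILIES = {"virtual-network-family": {"vcns", "subnets", "network-security-groups",
                                       "private-ips", "vnics"}}

STATEMENT = re.compile(
    r"^allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>\w+)\s+"
    r"(?P<resource>[\w-]+)\s+in\s+(?P<scope>tenancy|compartment\s+\S+)$",
    re.IGNORECASE)

def parse(statement):
    """Split a simple 'Allow group ... to ... in ...' statement into its parts."""
    m = STATEMENT.match(statement.strip())
    if not m:
        raise ValueError(f"unsupported policy statement: {statement!r}")
    scope = " ".join(m["scope"].split())
    if scope.lower() == "tenancy":
        scope = "tenancy"
    return m["group"], m["verb"].lower(), m["resource"].lower(), scope

def covers(granted, required):
    """True if the granted statement gives at least what the required one asks for."""
    g_group, g_verb, g_res, g_scope = parse(granted)
    r_group, r_verb, r_res, r_scope = parse(required)
    return (g_group == r_group
            and VERBS.index(g_verb) >= VERBS.index(r_verb)
            and (g_res == r_res or r_res in FAMILIES.get(g_res, ()))
            and g_scope in ("tenancy", r_scope))

def review(granted, required):
    """Return (requirements nothing covers, grants broader than a requirement they cover)."""
    missing = [r for r in required if not any(covers(g, r) for g in granted)]
    broader = [g for g in granted
               if any(covers(g, r) and parse(g)[1:] != parse(r)[1:] for r in required)]
    return missing, broader

# Constructed sample input, not the policies from the table on this page.
REQUIRED = ["Allow group MyGroupName to use subnets in compartment NetworkCompartment",
            "Allow group MyGroupName to manage vnics in compartment NetworkCompartment"]
GRANTED = ["Allow group MyGroupName to manage virtual-network-family in tenancy"]

if __name__ == "__main__":
    print(review(GRANTED, REQUIRED))
```

An empty first list means every requirement is met; any statement in the second list is a candidate for narrowing during a least-privilege review.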