Setting Up Users, Groups, and Policies Using Identity and Access Management

Oracle NoSQL Database Cloud Service uses Oracle Cloud Infrastructure Identity and Access Management (IAM) to provide secure access to Oracle Cloud. Oracle Cloud Infrastructure IAM enables you to create user accounts and give users permission to inspect, read, use, or manage tables.

  1. Sign in to your Cloud Account as Cloud Account Administrator.
  2. In Oracle Cloud Infrastructure Console, add one or more users.
    1. Open the navigation menu and click Identity & Security. Under Identity, click Users.
      Create Users in OCI Using IAM

    2. Click Create User.
    3. Enter details about the user, and click Create.
  3. In Oracle Cloud Infrastructure Console, create an OCI group.
    1. Open the navigation menu and click Identity & Security. Under Identity, click Groups.
    2. Click Create Group.
    3. Enter details about the group.
      For example, if you're creating a policy that gives users permissions to fully manage Oracle NoSQL Database Cloud Service tables you might name the group nosql_service_admin (or similar) and include a short description such as "Users with permissions to set up and manage Oracle NoSQL Database Cloud Service tables on Oracle Cloud Infrastructure" (or similar).
  4. Create a policy that gives users belonging to an OCI group, specific access permissions to Oracle NoSQL Database Cloud Service tables or compartments.
    1. Open the navigation menu and click Identity & Security. Under Identity, click Policies.
    2. Select a compartment, and click Create Policy.

      For details and examples, see Oracle NoSQL Database Cloud Service Policies Reference and Typical Policy Statements to Manage Tables.

      If you're unfamiliar about how policies work, see How Policies Work.

  5. To manage and use NoSQL tables via Oracle NoSQL Database Cloud Service SDKs, the user must set up the API keys. See Acquiring Credentials.

    Note:

    Federated users can also manage and use Oracle NoSQL Database Cloud Service tables. This requires the service administrator to set up the federation in Oracle Cloud Infrastructure Identity and Access Management. See Federating with Identity Providers.
Users belonging to any groups mentioned in the policy statement get their new permission when they next sign in to the Console.