Setting Up Users, Groups, and Policies

Oracle NoSQL Database Cloud Service uses Oracle Cloud Infrastructure Identity and Access Management to provide secure access to Oracle Cloud. Oracle Cloud Infrastructure Identity and Access Management enables you to create user accounts and give users permission to inspect, read, use, or manage tables.

  1. Sign-in to your Cloud Account as Cloud Account Administrator.
  2. In Oracle Cloud Infrastructure Console, add one or more users.
    1. Under Governance and Administration, click Identity, then Users.
    2. Click Create User.
    3. Enter details about the user, and click Create.
  3. In Oracle Cloud Infrastructure Console, create an OCI group.
    1. Under Governance and Administration, click Identity, then Groups.
    2. Click Create Group.
    3. Enter details about the group.
      For example, if you're creating a policy that gives users permissions to fully manage Oracle NoSQL Database Cloud Service tables you might name the group nosql_service_admin (or similar) and include a short description such as "Users with permissions to set up and manage Oracle NoSQL Database Cloud Service tables on Oracle Cloud Infrastructure" (or similar).
  4. Create a policy that gives users belonging to an OCI group, specific access permissions to Oracle NoSQL Database Cloud Service tables or compartments.
    1. Under Governance and Administration, click Identity, then Policies.
    2. Select a compartment, and click Create Policy.

      For details and examples, see Policy Reference and Typical Policy Statements to Manage Tables.

      If you're unfamiliar about how policies work, see How Policies Work.

  5. To manage and use NoSQL tables via Oracle NoSQL Database Cloud Service SDKs, the user must set up the API keys. See Acquiring Credentials.

    Note:

    Federated users can also manage and use Oracle NoSQL Database Cloud Service tables. This requires the service administrator to set up the federation in Oracle Cloud Infrastructure Identity and Access Management. See Federating with Identity Providers.
Users belonging to any groups mentioned in the policy statement get their new permission when they next sign in to the Console.