1. Getting Started with Oracle Enterprise Performance Management Cloud for Administrators
  2. Managing EPM Cloud Users and Roles
  3. Using Identity Cloud Service Groups to Assign Predefined Roles to Users in Oracle Cloud Console (IAM) (for OCI (Gen 2) only)

Using Identity Cloud Service Groups to Assign Predefined Roles to Users in Oracle Cloud Console (IAM) (for OCI (Gen 2) only)

In OCI (Gen 2) environments, you can use Identity groups to assign predefined roles to multiple Oracle Enterprise Performance Management Cloud users. Since Identity groups can be synced with identity provider (IdP) groups (such as Azure AD groups), you can even add individual users to IdP groups and assign the predefined roles to these groups in Oracle Cloud Console (IAM).

Note:

Renaming an IDCS group is functionally equal to deleting it and creating a new one.

Create Group and Add Users

  1. Sign into Oracle Cloud Console (IAM) as an Identity Domain Administrator. See Accessing the Oracle Cloud Console (IAM).
  2. Click Groups under Identity Domain.
    Click groups under identity domain
  3. On Groups page, click Create group and enter group information.
  4. To add users to the group, select the check box for each user that you want to add to the group.

    To search for a user, click the text box, enter all or part of the beginning of the user name, first name, or last name of the user, and then press Enter.
    Create group

  5. Click Create to create this group.

    The new group is now added in the Groups page.

Assign Groups to Predefined Role

  1. Click Oracle Cloud Services under Identity Domain.

    A list of available environments is displayed.
    Select environment

  2. Click the name of the EPM Cloud environment for which you want to assign predefined roles to users.
  3. Click Application Roles.

    All predefined roles (Application Roles on UI) are displayed.

  4. Select the menu next to the predefined role that you want to assign.
    Assign groups to predefined role
  5. Click Manage next to Assigned groups.
  6. Click Show available groups.
    Show available groups
  7. Select the groups you want to assign to the current predefined role, and then click Assign.

    To search for a user, click the text box, enter all or part of the beginning of the user name, first name, or last name of the user, and then press Enter.

  8. All members of this group will be assigned the predefined role. To confirm, click Manage next to Assigned users.

    The users assigned to the predefined role get listed.

When you clone an environment with the option to clone users and predefined roles, the cloned users on the target environment will have the predefined roles assigned to them directly, even if they are assigned through IDCS groups. See Cloning EPM Cloud Environments in Administering Migration for Oracle Enterprise Performance Management Cloud.