4 Identity and Access Management Overview

The Identity and Access Management service (IAM) lets you control who has access to the cloud resources within your tenancies. It is the task of a tenancy administrator to control what type of access a user group has, and to which specific resources that access applies. The responsibility to manage and maintain access control can be delegated to other privileged users, for instance by granting them full access to a subcompartment of the tenancy.

Appliance administrator accounts are managed separately and provide access to appliance administration functions. This functionality is not related to the tenancy-level IAM service. For more information, refer to the section Administrator Access.

In addition to users, instance principals also have authorization to manage resources. See Instance Principals.