4 Security Manager
- Create and manage user groups.
- Configure security authorization levels, policies and privileges for user groups.
- Provide specific access controls for individual user groups, views, and operations.
- Limit access to specific features and functionality for specific users.
- Configure audit log parameters.
Configure User Groups
A user group is a logical construct that the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) uses to specify the authorization privileges that users assigned to certain groups inherit. Oracle SDM Cloud automatically adds the roles directly to the user roles on the Identity and Access Management (IAM) portal.
The default user groups are:
- Administrators
- Provisioners
- Monitors
While you cannot modify the default User Groups, you can add and modify customized User Groups to create your own authorization policies. When you add a new User Group, Oracle SDM Cloud automatically adds the group to your IAM.
Note:
Do not add a new role to your Oracle SDM Cloud application through IAM. If you require a new role on the Oracle SDM Cloud application, add a new group using Security Manager in Oracle SDM Cloud.
Add a User Group
Once you've added a new user group in the Oracle® Session Delivery Management Cloud (Oracle SDM Cloud), it appears as a new role in Identity and Access Management (IAM). Once you have assigned a user to a role, that user inherits the group-based privileges.
Apply or Change User Group Privileges
You can apply privileges to user groups that you add to allow or deny all users within this user group the ability to perform certain operations. This includes items intended for use with separate Oracle SDM Cloud managers. For the default administrators, provisioners, and monitor user groups, only device group privileges can be changed.
User group privileges that are assigned to the administrators user groups inherit most of the same access privileges.
All user group privileges that are available through Oracle SDM Cloud are described in the following sections.
Audit Logs
You can use the audit log (containing audit trails) generated by Oracle SDM Cloud to view information about the operations that were performed, including the time these operations were performed, whether they were successful, and who performed them while logged into the system.
Note:
Audit logs contain different information depending on the feature functionality.
Audit trails include the following information:
- The user who performed the operation.
- What operation was performed by the user.
- When the operation was performed by the user.
- Whether the operation performed by the user was successful or failed.
View and Save an Audit Log
The audit log tracks user-initiated events. The following list describes some examples of user events that are audit logged in Oracle SDM Cloud:
- User logins and logouts.
- Managed devices are added.
- Device groups are added.
- Oracle Communications Session Delivery products are loaded.
- An element is added, deleted, or modified.
- A device is rebooted.
- Configurations are saved or activated.
IAM
- Oracle SDM Cloud FQDN
- Oracle SDM Cloud Tenant ID
- IDCS FQDN
- IDCS Tenant ID
- Management Cloud Engine (MCE) IDCS client ID
- MCE IDCS client secret
This information is required as input when installing and setting up the MCE on-premises. For more information, see the Oracle SDM Cloud Installation Guide.