2.1.3.3 Creating a New User Group

Create groups to manage user access to applications and resources.

To create a user group :

1. In the IAM Console, select Domains (Identity domain) to view the list existing domains.
2. Click the required Domain Name, to access the Domain Details page.

   Note:

   If you are using a custom domain, select the custom domain name before proceeding with the steps below. For more information, see the Creating Custom Domain section.
3. On the details page, perform one of the following actions depending on the option that you see:
   • Select the User management tab, and then go to the Groups section of the tab.
   • Under Identity domain on the left side of the page, select Groups.
4. Under Groups select Create group.
5. Enter the Group Name and the Group Description.
6. Select User can request access, to allow users to request access to this group.
7. To add users to the group while creating the group, select the checkbox for each user that you want to add to the group.

   Note:

   To search for a user, select the text box, enter all or part of the beginning of the username, first name, or last name of the user, and then press Enter.

8. (Optional) In the Tags section, add one or more tags to the group. If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. If you're not sure whether to apply tags, skip this option or ask an administrator. You can apply tags later.
9. Click Create to create the new user group with the selected users.

After creating the user group, you must assign various permissions to the group, using one of the following methods:

• Write at least one policy to give group permission to either the tenancy or a compartment. While writing the policy, specify the group using the unique group name or the group's OCID.
• Assign the group to an application.