Define Policies

This topic provides information on defining policies for Oracle Health Connection Hub.

To define policies:
  1. Access the Policies service in your Oracle Cloud Console.
  2. Add the following policies for the Connection Hub Service Manager role:
    • allow group ohai-ohch-service-manager to manage ohch-service-family in tenancy
    • allow group ohai-ohch-service-manager to use cdexhub-provider-family in tenancy
    • allow group ohai-ohch-service-manager to use cdexhub-data-sharing-family in tenancy
    • allow group ohai-ohch-service-manager to read cdexhub-payer-directory-entry in tenancy
    • allow group ohai-ohch-service-manager to read cdexhub-payer-health-plan in tenancy
    • allow group ohai-ohch-service-manager to manage users in tenancy where target.resource.domain.name = 'Default'
    • allow group ohai-ohch-service-manager to use groups in tenancy where target.resource.domain.name = 'Default'
    • allow group ohai-ohch-service-manager to read audit-events in tenancy
    • allow group ohai-ohch-service-manager to inspect organizations-subscriptions in tenancy
    • allow group ohai-ohch-service-manager to read organizations-assigned-subscriptions in tenancy
  3. Add the following policies for the Clinical Data Exchange Administrator role:
    • allow group ohai-ohch-cdex-administrator to manage ohch-cdex-service in tenancy
    • allow group ohai-ohch-cdex-administrator to read cdexhub-provider-family in tenancy
    • allow group ohai-ohch-cdex-administrator to use cdexhub-data-sharing-family in tenancy
    • allow group ohai-ohch-cdex-administrator to read cdexhub-payer-directory-entry in tenancy
    • allow group ohai-ohch-cdex-administrator to read cdexhub-payer-health-plan in tenancy
    • allow group ohai-ohch-cdex-administrator to use users in tenancy where target.resource.domain.name = 'Default'
    • allow group ohai-ohch-cdex-administrator to use groups in tenancy where target.resource.domain.name = 'Default'
    • allow group ohai-ohch-cdex-administrator to read audit-events in tenancy
    • allow group ohai-ohch-cdex-administrator to inspect organizations-subscriptions in tenancy
    • allow group ohai-ohch-cdex-administrator to read organizations-assigned-subscriptions in tenancy
  4. Add the following policies for the Oracle Health Information Network Administrator role:
    • allow group ohai-ohch-ohin-administrator to manage ohch-ohin-service in tenancy
    • allow group ohai-ohch-cdex-administrator to read cdexhub-provider-family in tenancy
    • allow group ohai-ohch-ohin-administrator to use users in tenancy where target.resource.domain.name = 'Default'
    • allow group ohai-ohch-ohin-administrator to use groups in tenancy where target.resource.domain.name = 'Default'
    • allow group ohai-ohch-ohin-administrator to read audit-events in tenancy
    • allow group ohai-ohch-ohin-administrator to inspect organizations-subscriptions in tenancy
    • allow group ohai-ohch-ohin-administrator to read organizations-assigned-subscriptions in tenancy
Once the applicable user groups and policies are defined, assign the Connection Hub Service Manager role to the applicable staff members.
See Managing Policies on Oracle Help Center for more information.

Parent topic: Set Up User Groups and Policies