13 OCI Policies Needed for Creating Oracle GoldenGate Marketplace Instances
The following OCI policies are required for creating Oracle GoldenGate Market Place instances:
- Allow group <ggowner> to manage instance-family in compartment <Compartment Name>
- Allow group <ggowner> to manage orm-family in compartment <Compartment Name>
- Allow group <ggowner> to manage volume-family in compartment <Compartment Name>
- Allow group <ggowner> to use virtual-network-family in compartment <Compartment Name>
- Allow group <ggowner> to manage public-ips in compartment <Compartment Name>
- Allow group <ggowner> to use tag-namespaces in tenancy
- Allow group <ggowner> to inspect compartments in tenancy
Where <ggowner> is an example for a group and <Compartment Name> is an example of a compartment. The following are permission names: instance-family, orm-family, volume-family, virtual-network-family, and public-ips.
Note:
- The manage public-ips permission is required only if you give the instance a public IP address. Oracle GoldenGate uses reserved IP addresses so that the public address is preserved across stack upgrades.
- The Networks compartment is an assumption that the customers
follow the practice of having a separate network group manage the network
resources for all users in the tenancy. If the tenancy instead allows you to
create network resources of your own, then the policy would be:
Allow group <marketplace-permissions> to manage virtual-network-family in compartment <Marketplace-Test>
.
Parent topic: Additional Topics