Documentation Oracle Cloud Infrastructure

Instructions de stratégie Oracle Cloud Infrastructure IAM pour Oracle Database Service for Azure

Cette rubrique fournit des exemples d'instructions de stratégie OCI IAM pour que les utilisateurs Azure puissent effectuer des opérations dans la console OCI standard sur les ressources de base de données OCI provisionnées via OracleDB pour Azure.

Les opérations de création sont exclues de ces stratégies car les utilisateurs devront créer OracleDB pour les ressources de base de données Azure à l'aide de la console OracleDB pour Azure. Les ressources créées dans OracleDB pour Azure sont automatiquement liées au compte Azure et aux abonnements associés.

Pour plus d'informations sur OracleDB pour les groupes d'utilisateurs Azure, reportez-vous aux rubriques suivantes :

odsa-db-family-administrators

Instruction de stratégie :

Allow group odsa-db-family-administrators to manage database-family in compartment <odsa_compartment_name>
where all {request.operation != CreateAutonomousContainerDatabase,
request.operation != CreateAutonomousDatabase,
request.operation != CreateAutonomousDatabaseBackup,
request.operation != CreateAutonomousVmCluster,
request.operation != CreateBackup,
request.operation != CreateBackupDestination,
request.operation != CreateCloudAutonomousVmCluster,
request.operation != CreateCloudExadataInfrastructure,
request.operation != CreateCloudVmCluster,
request.operation != CreateDatabase,
request.operation != CreateDatabaseSoftwareImage,
request.operation != CreateDbHome,
request.operation != CreateExadataInfrastructure,
request.operation != CreateExternalBackupJob,
request.operation != CreateExternalContainerDatabase,
request.operation != CreateExternalDatabaseConnector,
request.operation != CreateExternalPluggableDatabase,
request.operation != CreatePluggableDatabase,
request.operation != CreateVmCluster,
request.operation != CreateVmClusterNetwork}

odsa-exa-infra-administrators

Instruction de stratégie :

Allow group odsa-exa-infra-administrators to manage cloud-exadata-infrastructures in compartment <odsa_compartment_name>
  where request.operation != CreateCloudExadataInfrastructure
 
Allow group odsa-exa-infra-administrators to manage cloud-vmclusters in compartment <odsa_compartment_name>
  where request.operation != CreateCloudVmCluster
 
Allow group odsa-exa-infra-administrators to manage cloud-autonomous-vmclusters in compartment <odsa_compartment_name>
  where request.operation != CreateCloudAutonomousVmCluster
 
Allow group odsa-exa-infra-administrators to manage db-nodes in compartment <odsa_compartment_name>

odsa-exa-cdb-administrators

Instruction de stratégie :

Allow group odsa-exa-cdb-administrators to manage db-homes in compartment <odsa_compartment_name>
  where request.operation != CreateDbHome
 
Allow group odsa-exa-cdb-administrators to manage databases in compartment <odsa_compartment_name>
  where request.operation != CreateDatabase
 
Allow group odsa-exa-cdb-administrators to manage db-backups in compartment <odsa_compartment_name>

odsa-exa-pdb-administrators

Instruction de stratégie :

Allow group odsa-exa-pdb-administrators to manage pluggable-databases in compartment <odsa_compartment_name>
  where request.operation != CreatePluggableDatabase

odsa-basedb-infra-administrators

Instruction de stratégie :

Allow group odsa-basedb-infra-administrators to manage db-systems in compartment <odsa_compartment_name>
  where request.operation != LaunchDbSystem
 
Allow group odsa-basedb-infra-administrators to manage db-nodes in compartment <odsa_compartment_name>

odsa-basedb-cdb-administrators

Instruction de stratégie :

Allow group odsa-basedb-cdb-administrators to manage db-homes in compartment <odsa_compartment_name>
  where request.operation != CreateDbHome
 
Allow group odsa-basedb-cdb-administrators to manage databases in compartment <odsa_compartment_name>
  where request.operation != CreateDatabase
 
Allow group odsa-basedb-cdb-administrators to manage db-backups in compartment <odsa_compartment_name>

odsa-basedb-pdb-administrators

Instruction de stratégie :

Allow group odsa-basedb-pdb-administrators to manage pluggable-databases in compartment <odsa_compartment_name>
  where request.operation != CreatePluggableDatabase

odsa-adbs-db-administrators

Instruction de stratégie :

Allow group odsa-adbs-db-administrators to manage autonomous-databases in compartment <odsa_compartment_name>
  where request.operation != CreateAutonomousDatabase
 
Allow group odsa-adbs-db-administrators to manage autonomous-database-backups in compartment <odsa_compartment_name>

odsa-mysql-infra-administrateur

Instruction de stratégie :

Allow group odsa-mysql-infra-administrators to manage mysql-instances in compartment <Cloudlink-Compartment>
  where request.operation != CreateDbSystem
 
Allow group odsa-mysql-infra-administrators to manage mysql-configurations in compartment <Cloudlink-Compartment>
  where request.operation != CreateConfiguration
 
Allow group odsa-mysql-infra-administrators to manage mysql-backups in compartment <Cloudlink-Compartment>
  where request.operation != DbSystemBackup
 
Allow group odsa-mysql-infra-administrators to manage mysql-channels in compartment <Cloudlink-Compartment>
  where request.operation != CreateChannel
 
Allow group odsa-mysql-infra-administrators to manage mysql-heatwave in compartment <Cloudlink-Compartment>
  where request.operation != AddHeatWaveCluster

odsa-mysql-heatwave-administrator

Instruction de stratégie :

Allow group odsa-mysql-heatwave-administrators to manage mysql-heatwave in compartment <Cloudlink-Compartment>
  where request.operation != AddHeatWaveCluster

odsa-network-administrators

Instruction de stratégie :

Allow odsa-network-administrators to manage virtual-network-family in compartment <odsa_compartment_name>

odsa-costmgmt-administrators

Instruction de stratégie :

Allow group odsa-costmgmt-administrators to manage usage-report in tenancy

odsa-costmgmt-readers

Instruction de stratégie :

Allow group odsa-costmgmt-readers to read usage-report in tenancy