LAB 3 (IAM Policy) - arunsinghchauhan38-arch/CLOUDARCHITECTDOC GitHub Wiki

IAM Policy

In Oracle Cloud Infrastructure (OCI), an IAM policy is a set of rules that define what actions groups of users can perform on resources within a tenancy or compartment.

Key Features of IAM Policies

  • Purpose: Control access to OCI resources by granting permissions.

  • Scope: Policies can apply at the tenancy level (global) or to specific compartments.

  • Subjects: Policies are applied to groups of users, not directly to individual users.

  • Actions (Verbs): Define the level of access:

  1. inspect → view metadata only - This access is used for inspection purposes only, especially by cloud auditors.

  2. read → view metadata + content - At this level the user can only read the files and enter the services, but can't make any changes or modifications.

  3. use → read + perform limited actions - At this level the user can perform day-to-day activities such as modifying or editing things, but cannot delete or create any service.

  4. manage → full administrative control - At this level the user can make any changes or modifications, and create or delete data or services. This is the top level of access.
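The verb levels and scopes above can be checked mechanically when reviewing policies. The script below is an added example, not part of the original lab: it parses statements in OCI's basic form (Allow group <group> to <verb> <resource-type> in tenancy, or in compartment <name>) and reports grants above the verb level agreed for each group. The group names, compartment names and the CEILING mapping are constructed for illustration, and statements with quoted names or where-conditions are outside what this parser handles.

```python
import re

# Verb ladder from the page: each level includes everything below it.
RANK = {"inspect": 1, "read": 2, "use": 3, "manage": 4}

# Basic form only: Allow group <g> to <verb> <resource-type> in tenancy | compartment <c>
STATEMENT = re.compile(
    r"^allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>[a-z]+)\s+(?P<resource>[\w-]+)"
    r"\s+in\s+(?:tenancy|compartment\s+(?P<compartment>\S+))$",
    re.IGNORECASE,
)

def parse(statement):
    """Split one policy statement into its parts; compartment None = tenancy-wide."""
    m = STATEMENT.match(statement.strip())
    if not m or m["verb"].lower() not in RANK:
        raise ValueError(f"unsupported statement: {statement!r}")
    return {"group": m["group"], "verb": m["verb"].lower(),
            "resource": m["resource"].lower(), "compartment": m["compartment"]}

def review(statements, ceiling):
    """Return (statement, reason) pairs for grants that exceed the intended access."""
    findings = []
    for s in statements:
        p = parse(s)
        limit = ceiling.get(p["group"])
        if limit is None:
            findings.append((s, "group has no agreed ceiling"))
        elif RANK[p["verb"]] > RANK[limit]:
            findings.append((s, f"{p['verb']} exceeds ceiling {limit}"))
        if p["verb"] == "manage" and p["compartment"] is None:
            findings.append((s, "manage granted tenancy-wide"))
    return findings

# Constructed sample: group and compartment names are made up for illustration.
SAMPLE = [
    "Allow group Auditors to inspect all-resources in tenancy",
    "Allow group Auditors to read buckets in compartment Finance",
    "Allow group Operators to use instance-family in compartment Dev",
    "Allow group Operators to manage all-resources in tenancy",
]
CEILING = {"Auditors": "inspect", "Operators": "use"}  # assumed intent per group

if __name__ == "__main__":
    for stmt, reason in review(SAMPLE, CEILING):
        print(f"{reason}: {stmt}")
```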

Steps to Create a Policy in OCI

  • First, log in to the OCI account/tenancy.

  • In the Navigation Menu, go to the Identity & Security option.

  • Under Identity & Security, click on Policies.

Before clicking Create Policy, we have to select the compartment in which we want to create the policy.