Authentication Policy Administrator

OCI IAM · Identity · Manage

Verb Tier

Manage

Categoria

Identity

Escopo

Tenancy

Privilegiado

Sim

Esta policy é privilegiada — concede acesso de alto impacto. Atribua apenas a grupos de administração confiáveis e monitore com Cloud Guard e Audit Logs.

Descrição

Manage password policies, MFA enforcement and sign-on policies for the tenancy.

Verb: Manage

Full CRUD — create, read, update, delete and administer the resource.

Exemplo de Policy Statement

Allow group AuthPolicyAdmins to manage authentication-policies in tenancy

Substitua o nome do grupo e compartimento conforme sua estrutura OCI.

Resource Types

authentication-policies

Permissões

  • Set password complexity rules
  • Enforce MFA requirements
  • Configure sign-on policies
  • Manage allowed regions

Verb Actions(6)

AUTHENTICATION_POLICY_UPDATE
AUTHENTICATION_POLICY_READ
PASSWORD_POLICY_UPDATE
MFA_TOTP_DEVICE_MANAGE
NETWORK_SOURCE_CREATE
SIGN_ON_POLICY_UPDATE

Policy Statement (JSON)

{
  "policyName": "Authentication Policy Administrator",
  "statements": [
    "Allow group AuthPolicyAdmins to manage authentication-policies in tenancy"
  ],
  "compartment": "tenancy",
  "resourceTypes": [
    "authentication-policies"
  ],
  "verbLevel": "Manage"
}