Verb Tier
ManageCategoria
ComputeEscopo
Compartment
Privilegiado
Sim
Esta policy é privilegiada — concede acesso de alto impacto. Atribua apenas a grupos de administração confiáveis e monitore com Cloud Guard e Audit Logs.
Descrição
Full control over compute instances, images, instance pools and related resources.
Verb: Manage
Full CRUD — create, read, update, delete and administer the resource.
Exemplo de Policy Statement
Allow group ComputeAdmins to manage instances in compartment ProductionSubstitua o nome do grupo e compartimento conforme sua estrutura OCI.
Resource Types
instancesimagesinstance-configurationsinstance-poolsvolume-attachments
Permissões
- Launch/terminate compute instances
- Manage custom images
- Create instance pools and configurations
- Attach/detach volumes and VNICs
Verb Actions(11)
INSTANCE_CREATEINSTANCE_DELETEINSTANCE_UPDATEINSTANCE_ACTIONIMAGE_CREATEIMAGE_DELETEINSTANCE_POOL_CREATEINSTANCE_POOL_DELETEVNIC_ATTACHMENT_CREATEVOLUME_ATTACHMENT_CREATEBOOT_VOLUME_ATTACHMENT_CREATEPolicy Statement (JSON)
{
"policyName": "Compute Administrator",
"statements": [
"Allow group ComputeAdmins to manage instances in compartment Production"
],
"compartment": "compartment",
"resourceTypes": [
"instances",
"images",
"instance-configurations",
"instance-pools",
"volume-attachments"Policies Relacionadas — Compute