Federation Administrator

OCI IAM · Identity · Manage

Verb Tier

Manage

Category

Identity

Scope

Tenancy

Privileged

Yes

This policy is privileged: it grants high-impact access. Assign it only to trusted administration groups and monitor with Cloud Guard and Audit Logs.

Description

Configure SAML 2.0 identity providers and manage federated user group mappings.

Verb: Manage

Full CRUD — create, read, update, delete and administer the resource.

Example Policy Statement

Allow group FederationAdmins to manage identity-providers in tenancy

Replace the group name and compartment to match your OCI structure.

Resource Types

identity-providers
idp-group-mappings

Permissions

  • Add/remove SAML identity providers
  • Configure group mappings
  • Manage federation metadata

Verb Actions (7)

IDENTITY_PROVIDER_CREATE
IDENTITY_PROVIDER_UPDATE
IDENTITY_PROVIDER_DELETE
IDP_GROUP_MAPPING_CREATE
IDP_GROUP_MAPPING_DELETE
IDENTITY_PROVIDER_READ
SAML_METADATA_UPDATE

Policy Statement (JSON)

{
  "policyName": "Federation Administrator",
  "statements": [
    "Allow group FederationAdmins to manage identity-providers in tenancy"
  ],
  "compartment": "tenancy",
  "resourceTypes": [
    "identity-providers",
    "idp-group-mappings"
  ],
  "verbLevel": "Manage"
}