IAM Administrator

OCI IAM · Identity · Manage

Verb Tier

Manage

Category

Identity

Scope

Tenancy

Privileged

Yes

This policy is privileged: it grants high-impact access. Assign it only to trusted administration groups and monitor it with Cloud Guard and Audit Logs.

Description

Manage users, groups, policies, dynamic groups and compartments across the tenancy.

Verb: Manage

Full CRUD — create, read, update, delete and administer the resource.

Example Policy Statement

Allow group IamAdmins to manage users in tenancy

Replace the group name and compartment to match your OCI structure.

Resource Types

users
groups
policies
dynamic-groups
compartments

Permissions

  • Create/delete users and groups
  • Write and delete IAM policies
  • Create dynamic groups
  • Manage compartment hierarchy

Verb Actions (12)

USER_CREATE
USER_DELETE
USER_UPDATE
USER_RESET_PASSWORD
GROUP_CREATE
GROUP_DELETE
GROUP_UPDATE
GROUP_ADD_MEMBER
GROUP_REMOVE_MEMBER
POLICY_CREATE
POLICY_DELETE
DYNAMIC_GROUP_CREATE

Policy Statement (JSON)

{
  "policyName": "IAM Administrator",
  "statements": [
    "Allow group IamAdmins to manage users in tenancy"
  ],
  "compartment": "tenancy",
  "resourceTypes": [
    "users",
    "groups",
    "policies",
    "dynamic-groups",
    "compartments"