Verb Tier: Manage
Category: Identity
Scope: Tenancy
Privileged: Yes
This policy is privileged: it grants high-impact access. Assign it only to trusted administration groups and monitor it with Cloud Guard and Audit Logs.
Description
Manage users, groups, policies, dynamic groups and compartments across the tenancy.
Verb: Manage
Full CRUD — create, read, update, delete and administer the resource.
Example Policy Statement
Allow group IamAdmins to manage users in tenancy
Replace the group name and compartment to match your OCI structure.
Resource Types
- users
- groups
- policies
- dynamic-groups
- compartments
Permissions
- Create/delete users and groups
- Write and delete IAM policies
- Create dynamic groups
- Manage compartment hierarchy
Verb Actions (12)
- USER_CREATE
- USER_DELETE
- USER_UPDATE
- USER_RESET_PASSWORD
- GROUP_CREATE
- GROUP_DELETE
- GROUP_UPDATE
- GROUP_ADD_MEMBER
- GROUP_REMOVE_MEMBER
- POLICY_CREATE
- POLICY_DELETE
- DYNAMIC_GROUP_CREATE
Policy Statement (JSON)
{
  "policyName": "IAM Administrator",
  "statements": [
    "Allow group IamAdmins to manage users in tenancy"
  ],
  "compartment": "tenancy",
  "resourceTypes": [
    "users",
    "groups",
    "policies",
    "dynamic-groups",
    "compartments"
Related Policies - Identity