Tenancy Administrator

OCI IAM · Identity · Manage

Verb Tier

Manage

Categoria

Identity

Escopo

Tenancy

Privilegiado

Sim

Esta policy é privilegiada — concede acesso de alto impacto. Atribua apenas a grupos de administração confiáveis e monitore com Cloud Guard e Audit Logs.

Descrição

Full control over all resources in the tenancy including IAM, billing and every OCI service.

Verb: Manage

Full CRUD — create, read, update, delete and administer the resource.

Exemplo de Policy Statement

Allow group TenancyAdmins to manage all-resources in tenancy

Substitua o nome do grupo e compartimento conforme sua estrutura OCI.

Resource Types

all-resources

Permissões

  • Create/delete/manage any OCI resource
  • Manage IAM users, groups and policies
  • Access billing and cost data
  • Configure federation and identity providers

Verb Actions(12)

TENANCY_MANAGE
USER_CREATE
USER_DELETE
USER_UPDATE
GROUP_CREATE
GROUP_DELETE
POLICY_CREATE
POLICY_DELETE
COMPARTMENT_CREATE
COMPARTMENT_DELETE
TAG_NAMESPACE_CREATE
TAG_NAMESPACE_DELETE

Policy Statement (JSON)

{
  "policyName": "Tenancy Administrator",
  "statements": [
    "Allow group TenancyAdmins to manage all-resources in tenancy"
  ],
  "compartment": "tenancy",
  "resourceTypes": [
    "all-resources"
  ],
  "verbLevel": "Manage"
}