(Oracle Cloud Infrastructure) Identity and Access Management(IAM) Policy Management
Details of API Security policy to use SpaceONE plugin
IAM Policy
SpaceONE highly recommends to set appropriate permissions to access your cloud resources for each purpose.
Please, Set service account, To Create API for each use case
General Collector
Collector requires appropriate authorities to collect cloud resources. We strongly recommend to limit collector's service account its permission to read only access.
Otherwise, you can add more restrictions per resources or actions. One of the useful example is to restrict its rights within region.
STEP 1. Log in Oracle Cloud Infrastructure Console > Identity
Go to Identity > Users and Click CREATE USER
STEP 2. Set IAM User details
Click IAM User
and Enter User name and Description
STEP 3. Set API Keys to IAM User
Go to Identity > Users > User > Details > API Keys. Click Add API Key
and add or Generate API Key.
STEP 4. Create Group for IAM User
Go to Identity > Groups and Click Create Group
Button. Enter Name and Description.
STEP 5. Add IAM User to Group
Go to Group that you made and Click Add User to Group
Button and add IAM User.
STEP 6. Set Policies to Group
Go to Identity > Policies and Click Create Policy
Button.
Enter Name and Description and Policies by manually.
Entering statements directly in the text box, ensure that you follow the Policy Syntax rules.
When using General Collector, the following two policies are required:
Last updated