Oracle Cloud Infrastructure Lifecycle Operations for the Oracle Integration Instance: Control User Access
Use IAM (identity and access management) policies to secure access to the Oracle Cloud Infrastructure lifecycle operations for the Oracle Integration instance.
On This Page
Access at a Glance
Area | More information |
---|---|
People who need access |
![]() |
Authentication method: Several methods |
One of the following methods:
|
Authorization method: IAM (identity and access management) policies |
Users access the Oracle Cloud Infrastructure Console using its user interface, its APIs, and its CLI. IAM policies govern access to these resources. IAM policies apply to a single tenancy and govern outbound access, which is access from an Oracle Integration instance to another application or resource. IAM policies determine the types of operations that someone can perform on a resource. For example, a user with a READ policy for a resource cannot update the resource. IAM policies provide immense flexibility in declaring the individuals or groups who have access to Oracle Cloud Infrastructure resources and the level of access that they have. Every IAM policy contains a verb that describes the actions the group is allowed to do. The following verbs are available and are ordered from the least amount of access to the most amount of access:
To learn more about IAM policies in general, see the following pages in the Oracle Cloud Infrastructure documentation: To learn about IAM policies for Oracle Integration, including the verbs to use when writing an IAM policy, see About IAM Policies for Oracle Integration in Provisioning and Administering Oracle Integration 3. |
How to Control Access
Security goal | Owner | More information |
---|---|---|
Understand your responsibilities and Oracle's responsibilities for various administrative tasks |
|
The tenancy administrator receives the welcome email from Oracle and is responsible for managing the lifecycle operations on the instance. See Oracle and Customer Responsibilities in Oracle Integration 3 in Provisioning and Administering Oracle Integration 3. |
Determine whether your tenancy uses identity domains |
|
Some tenancies use identity domains, while others don't. You have different requirements, depending on whether your tenancy uses identity domains. To understand the differences between tenancies with and without identity domains, and to determine whether your tenancy uses identity domains, see Differences Between Tenancies With and Without Identity Domains in Provisioning and Administering Oracle Integration 3. |
Configure access to the Oracle Integration instance |
|
|
If you configure Oracle Integration to send data to Oracle Cloud Infrastructure Logging or Oracle Cloud Infrastructure Monitoring, restrict the people who can look at the data |
|
You can send activity stream data to Oracle Cloud Infrastructure Logging. See Logging in the Oracle Cloud Infrastructure documentation. You can send message pack data to Oracle Cloud Infrastructure Monitoring. See Monitoring in the Oracle Cloud Infrastructure documentation. Ensure that you authorize only the correct people to view the logs and other data. Associate a policy with the log or log group. The policy should allow only select viewers.
|
Periodically audit users' access to the Oracle Integration instance |
![]() |
|