OCI Identity and Access Management (IAM)


1. IAM

1.1. Identities

1.1.1. Who makes the request: Groups, Users, Instances

1.2. Principals

1.2.1. An IAM entity that interacts with OCI resources

1.2.2. 2 Principals: IAM users/Applications (individual people); Instance Principals/Applications (make API calls against other OCI services)

2. Authentication

2.1. Who is this person?

2.2. Is this who he says he is?

2.3. OCI IAM service authenticates

2.3.1. a Principal by: User name, Password; API Signing Key (Required when using); Auth Token (Oracle-generated token string to authenticate with 3rd-party APIs that do not support OCI signature-based authentication)

3. Authorization

3.1. Specifies various Actions

3.1.1. an authenticated Principal can perform

3.2. OCI Authorization = Policies

4. Policies

4.1. Written in human-readable format

4.2. Remember: access to all resources in a compartment or tenancy is "Denied" by default

4.3. E.g.

4.3.1. Allow group <group_name> to <verb> <resource-type> in tenancy

4.3.2. Allow group <group_name> to <verb> <resource-type> in compartment <compartment_name> [where <conditions>]

4.4. Policy Attachment

4.4.1. Policies can be attached to a compartment or the tenancy

4.4.2. Where you attach it controls who can then modify it or delete it.

4.4.3. Policy Syntax

4.4.4. Policy Reference