Configuring Read Only Access to One Console

Create users and grant them a read only console view to see a list of instances. Note that these service users do not need Oracle Identity Cloud Service identities.

Creating an Oracle Cloud Infrastructure Group for Read Only Access

Create an Oracle Cloud Infrastructure group for read only access to the console.

  1. Click Navigation menu icon in the top left corner.
  2. From the Governance and Administration category, choose Identity, then Groups.
  3. Click Create Group.
  4. In the Create Group screen, enter a name (for example, oci-integration-viewers) and a description.

    Description of create_oci_group_read_only.png follows

  5. Click Create.

Creating an Oracle Cloud Infrastructure Policy for Read Only Access

Create a policy to grant a group of users read only permission to Oracle Integration instances within a specified compartment or tenancy.

  1. From the navigation pane, select Identity, then Policies.
  2. Click Create Policy.
  3. In the Create Policy window, enter a name (for example, ViewersGroupPolicy) and a description.
  4. Complete the policy's Statement field, entering your Oracle Cloud Infrastructure group name and compartment name.
    • Policy: allow group oci-integration-viewers to read integration-instance in compartment OICCompartment

    • Syntax: Allow group <group_name> to <verb> <resource-type> in compartment <compartment-name>

      Syntax: Allow group <group_name> to <verb> <resource-type> in tenancy

    This policy statement allows the oci-integration-viewers group to read the integration-instance in compartment OICCompartment. The read verb provides read only access to a resource.

    Want to learn more about policies? See How Policies Work and Policy Reference, or click Help in the window.

  5. Add an additional policy to allow members of the IAM group to view message metrics, as described in Viewing Message Metrics.
    Under Policy Statements, click + to add another statement. Complete the policy's Statement field, entering your Oracle Cloud Infrastructure group name and compartment name or tenancy.
    • Policy: allow group oci-integration-admins to read metrics in compartment OICPMCompartment

    • Syntax: Allow group <group_name> to <verb> <resource-type> in compartment <compartment-name>


    Description of create_policy_read_only.png follows

  6. Click Create.
    The policy statement is validated and syntax errors are displayed.

Adding and Assigning Oracle Cloud Infrastructure Users for Read Only Access

After creating a view only group and adding its policy, add users for read only access to Oracle Integration instances.

  1. Add an Oracle Cloud Infrastructure user.
    1. Click Navigation menu icon in the top left corner.
    2. From the Governance and Administration category, choose Identity, then Users.
    3. Click Create User.
    4. Complete the fields to identify the user.

      Description of create_read_only_user.png follows

    5. Click Create.
  2. Assign the user to the read only group.
    1. Select Groups from the Identity options.
    2. Select the read only group you created (for example, oci-integration-viewers).
    3. Click Add User to Group.
    4. In the Add User to Group dialog, select the user you created and click Add.
  3. Create the user's password.
    1. From the Group Members table on the Group Details screen, select the user you added.
    2. Click Create/Reset Password. The Create/Reset Password dialog is displayed with a one-time password listed.
    3. Click Copy, then Close.
  4. Provide read only users the information they need to sign in.
    1. Copy the password in an email to the user.
    2. Instruct the read only user to sign in using the right-most (non-federated) sign in fields.
      Description of sign_in_auth.png follows

    3. Upon signing in, the user will be prompted to enter a new password.
    4. View Oracle Integration instances.
      Read only users can view Oracle Integration instances by selecting Application Integration, and then Integration in the navigation pane.