Description of the image policy_flow
This image illustrates the high-level steps that are required to create security
policies suitable for people managing Oracle Analytics Cloud.
- Identity Cloud Service (IDCS) box contains two boxes: Users and
Groups
- IDCS users belong to IDCS groups
- IDCS users map to IAM users
- IDCS groups map to IAM groups
- Identity and Access Management (IAM) box contains various
boxes: Users, Groups, Map to, Policies, Compartments
- Users (federated IDCS users) belong to IAM groups (mapped to IDCS groups)
- Policies are assigned to IAM groups
- Policies give user access permissions on compartments that contain one or more Oracle Analytics Cloud instances
- Analytics Cloud box contains several Oracle Analytics Cloud
instances
- Each Oracle Analytics Cloud instance belongs to a compartment
Step 1 (IDCS Users box): Create users in the federated IDCS.
Step 2 (IDCS Groups box): Create one or more groups in the federated IDCS and assign users to each group.
Step 3 (IAM Groups box): Create groups in IAM.
Step 4 (IAM Map to Groups box): Map the groups you created in IAM to the groups in IDCS.
Step 5 (Policy box): Create one or more policies that give users in IAM groups suitable access permissions to compartments and Oracle Analytics Cloud instances.