OCI Identity and Access Management (IAM)


1. IAM

1.1. Identities

1.1.1. Who requests

1.1.1.1. Groups

1.1.1.1.1. Users

1.1.1.2. Instances

1.2. Principals

1.2.1. IAM entities that interact

1.2.1.1. with OCI Resources

1.2.2. 2 Principals

1.2.2.1. IAM users/ Applications

1.2.2.1.1. Individual people

1.2.2.2. Instance Principals/ Applications

1.2.2.2.1. Make API Calls against other OCI services

2. Authentication

2.1. who is this person?

2.2. Is this who he says he is?

2.3. OCI IAM service authenticates

2.3.1. a Principal by

2.3.1.1. User name, Password

2.3.1.2. API Signing Key

2.3.1.2.1. Required when using

2.3.1.3. Auth Token

2.3.1.3.1. Oracle-generated token string to authenticate with 3rd-party APIs

2.3.1.3.2. That do not support OCI signature-based authentication

3. Authorization

3.1. Specifies various Actions

3.1.1. an authenticated Principal can perform

3.2. OCI Authorization = Policies

4. Policies

4.1. Written in Human-readable

4.2. Remember all resources in a compartment or tenancy are "Denied"

4.3. Eg

4.3.1. Allow group <group_name> to <verb> <resource-type> in tenancy

4.3.2. Allow group <group_name> to <verb> <resource-type> in compartment <compartment_name> [where <conditions>]

4.4. Policy Attachment

4.4.1. Policies can be attached to a compartment or the tenancy

4.4.2. Where you attach it controls who can then modify it or delete it.

4.4.3. Policy Syntax

4.4.4. Policy Reference