Required Roles for OCI Integration
When integrating Oracle Cloud with Lacework, you must create an OCI user and group to act on Lacework's behalf in OCI. That user must have certain privileges, as listed here. For information on using policies to define user privileges, see How Policies Work.
Verb | Resource type | Compartment name |
---|---|---|
read | buckets | tenancy |
inspect | compartments | tenancy |
inspect | volumes | tenancy |
inspect | security-lists | tenancy |
read | users | tenancy |
inspect | groups | tenancy |
inspect | policies | tenancy |
inspect | domains | tenancy |
inspect | tag-defaults | tenancy |
read | instances | tenancy |
inspect | subnets | tenancy |
read | network-security-groups | tenancy |
inspect | tenancies | tenancy |
inspect | route-tables | tenancy |
inspect | internet-gateways | tenancy |
inspect | load-balancers | tenancy |
read | compute-clusters | tenancy |
inspect | instance-images | tenancy |
inspect | vnic-attachments | tenancy |
inspect | vnics | tenancy |
inspect | volume-attachments | tenancy |
inspect | vcns | tenancy |
inspect | leaf-certificates | tenancy |
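
Each row of the table corresponds to an OCI policy statement of the form `Allow group <group> to <verb> <resource-type> in tenancy`. The following is an added example, not code from Lacework or Oracle: it renders those statements and audits an existing statement list for rows that are missing or granted above the listed verb. The group name `lacework_group` and the sample policy are constructed for illustration.

```python
import re

VERBS = ["inspect", "read", "use", "manage"]  # OCI verbs, least to most privileged

# Verb and resource-type pairs copied from the table above (all scoped to the tenancy).
REQUIRED_TEXT = """
read buckets; inspect compartments; inspect volumes; inspect security-lists;
read users; inspect groups; inspect policies; inspect domains;
inspect tag-defaults; read instances; inspect subnets;
read network-security-groups; inspect tenancies; inspect route-tables;
inspect internet-gateways; inspect load-balancers; read compute-clusters;
inspect instance-images; inspect vnic-attachments; inspect vnics;
inspect volume-attachments; inspect vcns; inspect leaf-certificates
"""
REQUIRED = {res: verb for verb, res in
            (item.split() for item in REQUIRED_TEXT.split(";"))}

STATEMENT = re.compile(
    r"^\s*allow\s+group\s+(\S+)\s+to\s+(inspect|read|use|manage)\s+([\w-]+)"
    r"\s+in\s+tenancy\s*$", re.IGNORECASE)

def render(group):
    """One least-privilege policy statement per table row."""
    return [f"Allow group {group} to {v} {r} in tenancy" for r, v in REQUIRED.items()]

def audit(statements, group):
    """Return (missing, excessive, unparsed) for the group's statements."""
    granted, excessive, unparsed = {}, [], []
    for stmt in statements:
        m = STATEMENT.match(stmt)
        if not m:
            unparsed.append(stmt)  # conditions, other scopes: review by hand
            continue
        grp, verb, res = (part.lower() for part in m.groups())
        if grp != group.lower():
            continue
        rank = VERBS.index(verb)
        # Flag resource types outside the table and verbs above the listed one.
        if res not in REQUIRED or rank > VERBS.index(REQUIRED[res]):
            excessive.append(stmt)
        granted[res] = max(rank, granted.get(res, -1))
    missing = [f"{v} {r}" for r, v in REQUIRED.items()
               if granted.get(r, -1) < VERBS.index(v)]
    return missing, excessive, unparsed

# Constructed sample policy: one verb too high, one row dropped, one extra grant.
SAMPLE = [s for s in render("lacework_group") if "leaf-certificates" not in s]
SAMPLE[0] = "Allow group lacework_group to manage buckets in tenancy"
SAMPLE.append("Allow group lacework_group to read audit-events in tenancy")
```

Statements that use aggregate resource types or `where` conditions are returned as excessive or unparsed rather than interpreted, so they still need a manual review.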