About Permissions to Manage Oracle Analytics Cloud Instances

You use authorization policies to control access to resources in your tenancy. For example, you can create a policy that authorizes users to create and manage Oracle Analytics Cloud instances.

You create policies using the Oracle Cloud Infrastructure Console. For detailed information, see Managing Policies.

Resource Types for Oracle Analytics Cloud
Resource Types Description

analytics-instance

A single Oracle Analytics Cloud instance.

analytics-instances

One or more Oracle Analytics Cloud instances.

analytics-instance-work-request

A single work request for Oracle Analytics Cloud.

Each operation you perform on an Oracle Analytics Cloud instance, creates a work request. For example, operations such as create, start, stop, and so on.

analytics-instance-work-requests One or more work requests.

Supported Variables

The values of these variables are supplied by Oracle Analytics Cloud. In addition, other general variables are supported. See General Variables for All Requests.

Variable Type Description Sample Value
target.analytics-instance.id ocid OCID for the Analytics Cloud instance. target.analytics-instance.id = 'oci1.analyticsinstance.oc1..abc123'
target.analytics-instance.name string Name of the Analytics Cloud instance. target.analytics-instance.name = 'myanalytics_1'
target.analytics-instance.source-compartment.id ocid OCID of the source compartment, in a "move compartment" operation. target.analytics-instance.source-compartment.id = 'ocid1.compartment.oc1..aaa100'
target.analytics-instance.destination-compartment.id ocid OCID of the destination compartment in a "move compartment" operation. target.analytics-instance.destination-compartment.id = 'ocid1.compartment.oc1..aaa200'

Details for Verb and Resource-Type Combinations

Oracle Cloud Infrastructure offers a standard set of verbs to define permissions across Oracle Cloud Infrastructure resources (Inspect, Read, Use, Manage). These tables list the Oracle Analytics Cloud permissions associated with each verb. The level of access is cumulative as you go from Inspect to Read to Use to Manage.

INSPECT

Resource- Type INSPECT Permission
  • analytics-instance
  • analytics-instances
  • ANALYTICS_INSTANCE_INSPECT
  • analytics-instance-work-request
  • analytics-instance-work-requests
  • ANALYTICS_INSTANCE_WR_INSPECT

READ

Resource- Type READ Permission
  • analytics-instance
  • analytics-instances
  • ANALYTICS_INSTANCE_INSPECT
  • ANALYTICS_INSTANCE_READ
  • analytics-instance-work-request
  • analytics-instance-work-requests
  • ANALYTICS_INSTANCE_WR_INSPECT
  • ANALYTICS_INSTANCE_WR_READ

USE

Resource- Type USE Permission
  • analytics-instance
  • analytics-instances
  • ANALYTICS_INSTANCE_INSPECT
  • ANALYTICS_INSTANCE_READ
  • ANALYTICS_INSTANCE_USE
  • analytics-instance-work-request
  • analytics-instance-work-requests
  • N/A

MANAGE

Resource- Type MANAGE Permission
  • analytics-instance
  • analytics-instances
  • ANALYTICS_INSTANCE_INSPECT
  • ANALYTICS_INSTANCE_READ
  • ANALYTICS_INSTANCE_USE
  • ANALYTICS_INSTANCE_CREATE
  • ANALYTICS_INSTANCE_DELETE
  • ANALYTICS_INSTANCE_UPDATE
  • ANALYTICS_INSTANCE_MOVE
  • ANALYTICS_INSTANCE_MANAGE
  • analytics-instance-work-request
  • analytics-instance-work-requests
  • ANALYTICS_INSTANCE_WR_INSPECT
  • ANALYTICS_INSTANCE_WR_READ
  • ANALYTICS_INSTANCE_WR_DELETE

Permissions Required for Each API Operation

This table shows the API operations available for Oracle Analytics Cloud, grouped by resource type.

REST API Operation CLI Command Operation Permission Required to Use the Operation
ListAnalyticsInstances analytics-instance list ANALYTICS_INSTANCE_INSPECT
CreateAnalyticsInstance analytics-instance create ANALYTICS_INSTANCE_CREATE
GetAnalyticsInstance analytics-instance get ANALYTICS_INSTANCE_READ
UpdateAnalyticsInstance analytics-instance update ANALYTICS_INSTANCE_UPDATE
DeleteAnalyticsInstance analytics-instance delete ANALYTICS_INSTANCE_DELETE
StartAnalyticsInstance analytics-instance start ANALYTICS_INSTANCE_USE
StopAnalyticsInstance analytics-instance stop ANALYTICS_INSTANCE_USE
ScaleAnalyticsInstance analytics-instance scale ANALYTICS_INSTANCE_MANAGE
ChangeAnalyticsInstanceCompartment analytics-instance change-compartment ANALYTICS_INSTANCE_MOVE
ChangeAnalyticsInstanceNetworkEndpoint analytics-instance change-network-endpoint ANALYTICS_INSTANCE_MANAGE
GetPrivateAccessChannel analytics-instance get-private-access-channel ANALYTICS_INSTANCE_MANAGE
CreatePrivateAccessChannel analytics-instance create-private-access-channel ANALYTICS_INSTANCE_MANAGE
UpdatePrivateAccessChannel analytics-instance update-private-access-channel ANALYTICS_INSTANCE_MANAGE
DeletePrivateAccessChannel analytics-instance delete-private-access-channel ANALYTICS_INSTANCE_MANAGE
CreateVanityUrl analytics-instance create-vanity-url ANALYTICS_INSTANCE_MANAGE
UpdateVanityUrl analytics-instance update-vanity-url ANALYTICS_INSTANCE_MANAGE

DeleteVanityUrl

analytics-instance delete-vanity-url ANALYTICS_INSTANCE_MANAGE
SetKmsKey analytics-instance set-kms-key ANALYTICS_INSTANCE_MANAGE
ListWorkRequests work-request list ANALYTICS_INSTANCE_WR_INSPECT
GetWorkRequest work-request get ANALYTICS_INSTANCE_WR_READ
DeleteWorkRequest work-request delete ANALYTICS_INSTANCE_WR_DELETE
ListWorkRequestErrors work-request-error list ANALYTICS_INSTANCE_WR_INSPECT
ListWorkRequestLogs work-request-log list ANALYTICS_INSTANCE_WR_INSPECT