Creating the Oracle IAM Policy
To allow access to the Oracle cost reports stored in an Object Storage bucket, you must create an Oracle IAM policy. This policy grants the required permissions to your designated user or group to read the reports from the Object Storage bucket.
To create the policy:
|
1.
|
Sign in to the Oracle Cloud Infrastructure (OCI) Console. |
|
2.
|
In the left pane, click Billing & Cost Management > Cost Management > Cost and Usage Reports. |
The Cost and Usage Reports page opens.
|
3.
|
On the Cost and Usage Reports page, Oracle shows the IAM policy statements required to access the Object Storage bucket. Add the following sample Oracle policy statements in the policy builder: |
define tenancy usage-report as ocid1.tenancy.oc1..aaaaaaaaned4fkpkisbwjlr56u7cj63lf3wffbilvqknstgtvzub7vhqkggq
endorse group <group> to read objects in tenancy usage-report
Replace <group> with the name of an Oracle IAM group that includes the user account that you use to create the Oracle credential in Flexera One.
If required, you can create a new group and add that user to it for this purpose.
|
4.
|
Do one of the following to create the policy: |
|
•
|
On the Cost and Usage Reports page, click Create policy. |
|
•
|
In the left pane, click Identity & Security > Identity > Policies, and then click Create policy. |
|
5.
|
On the Create policy page, configure the following settings: |
|
•
|
Name and Description—Enter any recognizable name and description. |
|
•
|
Compartment—Select your root compartment. |
|
•
|
Enable the Show manual editor toggle. |
|
•
|
In the Policy Builder field, paste the IAM policy statements you copied earlier, replacing <group> with the name of the Oracle IAM group. |
|
6.
|
Click Create to create the policy. |