You are using Oracle Cloud Infrastructure (0C1) services across several regions: us-phoenlx-1, us-ashburn-1, uk-london-1 and ap-tokyo-1. You have created a separate administrator group for each region: PHX-Admins, ASH-Admins, LHR-Admins and NRT-Admins, respectively.
u want to restrict admin access to a specific region. E.g., PHX-Admins should be able to manage all resources in the us-phoenlx-1 region only and riot any other OCI regions.
What IAM policy syntax is required to restrict PHX-Admins to manage OCI resources in the us-phoenix-1 region only?
A)
B)
C)
D)
Restrict admin access to a specific region
Where to create the policy:In the tenancy.
Allow group PHX-Admins to manage all-resources in tenancy where request.region='phx'
The preceding policy allows PHX-Admins to manage all aspects of all resources in US West (Phoenix).
Members of the PHX-Admins group can only manage IAM resources if the tenancy's home region is US West (Phoenix).
Currently there are no comments in this discussion, be the first to comment!