You Saw created a group for several auditors. You assign the following policies to the group:
What actions are the auditors allowed to perform within your tenancy?
Let auditors inspect your resources
Type of access:Ability to list the resources in all compartments. Be aware that:
The operation to list IAM policies includes the contents of the policies themselves
The list operations for Networking resource-types return all the information (for example, the contents of security lists and route tables)
The operation to list instances requires thereadverb instead ofinspect, and the contents include the user-provided metadata.
The operation to view Audit service events requires thereadverb instead ofinspect.
Allow group Auditors to inspect all-resources in tenancy
Allow group Auditors to read instances in tenancy
Allow group Auditors to read audit-events in tenancy
Currently there are no comments in this discussion, be the first to comment!