Pool Policies
These example policies that can be used with Pools in Data Flow.
To provide compartment level access to Pool resources to a group of users, create the following policy:
ALLOW GROUP <group-name> TO MANAGE dataflow-pool IN compartment <compartment-name>To create a run in a specific compartment without a Pool, create the following policy:
ALLOW any-user to use dataflow-pool in compartment <compartment-name>
where ALL {target.pool.id='ocid1.dataflowpool........'To create a run in a specific compartment using a specific pool OCID, create the following policy:
ALLOW GROUP <user_group> TO MANAGE dataflow-run IN COMPARTMENT <compartment_name>
WHERE ALL{target.pool.id='<pool ocid>', request.permission='DATAFLOW_RUN_CREATE'}To create a run in a specific compartment using any Pool OCID, create the following policy:
ALLOW GROUP <user_group> TO MANAGE dataflow-run IN COMPARTMENT <compartment_name>
WHERE ALL{target.pool.id=/*dataflowpool*/, request.permission='DATAFLOW_RUN_CREATE'}To create a run in a specific compartment using a specific set of Pool OCIDs, create the
following
policy:
ALLOW GROUP <user_group> TO MANAGE dataflow-run IN COMPARTMENT <compartment_name>
WHERE ALL{ANY{target.pool.id='<pool ocid-1>',target.pool.id='<pool ocid-2>'}, request.permission='DATAFLOW_RUN_CREATE'}