Oracle Cloud Infrastructure Documentation

Policy Details for Oracle Exadata Database Service on Cloud@Customer

Learn to write policies to control access to Oracle Exadata Database Service on Cloud@Customer resources.

Note

For more information on Policies, see "How Policies Work".

For a sample policy, see "Let database admins manage Oracle Exadata Database Service on Cloud@Customer instances".

Related Topics

Parent topic: Reference Guides for Oracle Exadata Database Service on Cloud@Customer

About Resource-Types

Learn about resource-types you can use in your policies.

An aggregate resource-type covers the list of individual resource-types that directly follow.

For example, writing one policy to allow a group to have access to the database-family is equivalent to writing eight separate policies for the group that would grant access to the exadata-infrastructures, vmcluster-networks, vmclusters, backup-destinations, db-nodes, dbnode-console-connection, and the rest of the individual resource-types.

For example, writing one policy to allow a group to have access to the autonomous-database-family is equivalent to writing four separate policies for the group that would grant access to the autonomous-databases, autonomous-backups, autonomous-container-databases, and cloud-autonomous-vmclusters resource-types.

For more information, see Resource-Types.

Resource-Types for Oracle Exadata Database Service on Cloud@Customer

Review the list of resource-types specific to Oracle Exadata Database Service on Cloud@Customer.

Aggregate Resource-Type

database-family

Individual Resource-Types

exadata-infrastructures
vmclusters
backup-destinations
db-nodes
db-homes
databases
backups
database-software-images
exascale-db-storage-vaults
autonomous-vmclusters
autonomous-container-databases
autonomous-databases
key-stores
autonomousContainerDatabaseDataguardAssociations
AutonomousDatabaseDataguardAssociation
dbnode-console-connection
dbnode-console-history
scheduling-policies
scheduling-windows
scheduling-plan
scheduling-action
execution-windows
execution-action

Supported Variables

Use variables when adding conditions to a policy.

Exadata Database Service on Cloud@Customer supports only the general variables. For more information, see "General Variables for All Requests".

Details for Verb + Resource-Type Combinations

Review the list of permissions and API operations covered by each verb.

For more information, see "Permissions", "Verbs", and "Resource-Types".

Related Topics

Parent topic: Policy Details for Oracle Exadata Database Service on Cloud@Customer

Database-Family Resource Types

The level of access is cumulative as you go from inspect > read > use > manage. A plus sign (+) in a table cell indicates incremental access compared to the cell directly above it, whereas "no extra" indicates no incremental access.

For example, the read verb for the vmclusters resource-type covers no extra permissions or API operations compared to the inspect verb. However, the use verb includes one more permission, fully covers one more operation, and partially covers another additional operation.

Permissions and API operation details for Exadata Infrastructures

Granting permissions on exadata-infrastructure resources grants permissions on associated vmcluster-network resources.

The table below lists permissions and API operations for exadata-infrastructures.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

EXADATA_INFRASTRUCTURE_INSPECT

ListExadataInfrastructures

GetExadataInfrastructure

GenerateRecommendedNetworkDetails

ListVmClusterNetworks

GetVmClusterNetwork

ValidateVmClusterNetwork

DownloadExadataInfrastructureConfigFile

DownloadVmClusterNetworkConfigFile

ChangeExadataInfrastructureCompartment

READ

INSPECT +

EXADATA_INFRASTRUCTURE_CONTENT_READ

none

none

USE

READ +

EXADATA_INFRASTRUCTURE_UPDATE

ActivateExadataInfrastructure

UpdateExadataInfrastructure

ChangeExadataInfrastructureCompartment

AddStorageCapacityExadataInfrastructure

CreateVmClusterNetwork

UpdateVmClusterNetwork

DeleteVmClusterNetwork

ConfigureExascaleExadataInfrastructure

CreateVmCluster (also needs manage vmclusters)

UpdateVmCluster (also needs use vmclusters)

ChangeExadataInfrastructureCompartment

MANAGE

USE +

EXADATA_INFRASTRUCTURE_CREATE

EXADATA_INFRASTRUCTURE_DELETE

CreateExadataInfrastructure

DeleteExadataInfrastructure

downloadExadataInfrastructureConfigFile

none

Permissions and API operation details for exascale-db-storage-vaults

Granting permissions on exadata-infrastructure resources grants permissions on associated vmcluster-network resources.

The table below lists permissions and API operations for exadata-infrastructures.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

EXASCALE_DB_STORAGE_VAULT_INSPECT

ListExascaleDbStorageVaults

GetExascaleDbStorageVault

none

READ

no extra

no extra

none

USE

READ +

EXASCALE_DB_STORAGE_VAULT_UPDATE

ChangeExascaleDbStorageVaultCompartment

UpdateExascaleDbStorageVault

none

MANAGE

USE +

EXASCALE_DB_STORAGE_VAULT_CREATE

EXASCALE_DB_STORAGE_VAULT_DELETE

CreateExascaleDbStorageVault

DeleteExascaleDbStorageVault

none

Permissions and API operation details for VM Cluster Networks

vmcluster-network resources inherit permissions from the exadata-infrastructure resources with which they are associated. You cannot grant permissions to vmcluster-network resources explicitly.

The table below lists permissions and API operations for vmcluster-networks.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

EXADATA_INFRASTRUCTURE_INSPECT

ListVmClusterNetworks

GetVmClusterNetwork

ValidateVmClusterNetwork

none

READ

INSPECT +

EXADATA_INFRASTRUCTURE_CONTENT_READ

DownloadVmClusterNetworkConfigFile

none

USE

READ +

EXADATA_INFRASTRUCTURE_UPDATE

CreateVmClusterNetwork

UpdateVmClusterNetwork

DeleteVmClusterNetwork

none

MANAGE

USE +

EXADATA_INFRASTRUCTURE_CREATE

EXADATA_INFRASTRUCTURE_DELETE

none

none

Permissions and API operation details for VM Clusters

The table below lists permissions and API operations for vmclusters.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

VM_CLUSTER_INSPECT

ListVmClusters

GetVmCluster

ListVmClusterPatches

ListVmClusterPatchHistoryEntries

GetVmClusterPatch

GetVmClusterPatchHistoryEntry

ListVmClusterUpdates

ListVmClusterUpdateHistoryEntries

GetVmClusterUpdate

GetVmClusterUpdateHistoryEntry

none

READ

No extra

No extra

No extra

USE

READ +

VM_CLUSTER_UPDATE

VM_CLUSTER_UPDATE_TAGS

VM_CLUSTER_UPDATE_COMPARTMENT

VM_CLUSTER_UPDATE_SSH_KEY

VM_CLUSTER_UPDATE_LICENSE

VM_CLUSTER_UPDATE_CPU

VM_CLUSTER_UPDATE_MEMORY

VM_CLUSTER_UPDATE_LOCAL_STORAGE

VM_CLUSTER_UPDATE_EXADATA_STORAGE

VM_CLUSTER_UPDATE_GI_SOFTWARE

VM_CLUSTER_UPDATE_FILE_SYSTEM

 ChangeVmClusterCompartment

UpdateVmCluster (also needs use exadata-infrastructures)

CreateDbHome, (also needs manage db-homes and manage databases). If automatic backups are enabled on the default database, also needs manage backups

DeleteDbHome, (also needs manage db-homes and manage databases. If automatic backups are enabled on the default database, also needs manage backups

MANAGE

USE +

VM_CLUSTER_CREATE

VM_CLUSTER_DELETE

No extra

CreateVmCluster (also needs use exadata-infrastructures)

DeleteVmCluster (also needs use exadata-infrastructures)

Note

The VM_CLUSTER_UPDATE_SSH_KEY permission is a highly privileged permission that allows the user to be a root user on the guest VM and gives them the ability to run other cluster update operations on the guest VM using dbaascli.
Using fine-grained permissions, you can write policies as follows:
  • To allow any update operations:
    allow group abc to use vmclusters in compartment comp1
  • To allow only scale CPU:
    allow group abc to use vmclusters in compartment comp1 where request.permission = 'VM_CLUSTER_UPDATE_CPU'
  • To allow GI update and any scale operations:
    allow group abc to use vmclusters in compartment comp1
where any
     { request.permission = 'VM_CLUSTER_UPDATE_CPU', request.permission = 'VM_CLUSTER_UPDATE_EXADATA_STORAGE',
         request.permission = 'VM_CLUSTER_UPDATE_MEMORY', request.permission = 'VM_CLUSTER_UPDATE_LOCAL_STORAGE', request.permission = 'VM_CLUSTER_UPDATE_GI_SOFTWARE'}
  • To allow any operations except add SSH key:
    allow group abc to use vmclusters in compartment comp1 where all { request.permission != 'VM_CLUSTER_UPDATE_SSH_KEY' , request.permission != 'VM_CLUSTER_UPDATE' }

Permissions and API operation details for Backup Destinations

The table below lists permissions and API operations for backup-destinations.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

BACKUP_DESTINATION_INSPECT

ListBackupDestinations

GetBackupDestination

none

READ

no extra

none

none

USE

READ +

BACKUP_DESTINATION_UPDATE

UpdateBackupDestination

ChangeBackupDestinationCompartment

none

MANAGE

USE +

BACKUP_DESTINATION_CREATE

BACKUP_DESTINATION_DELETE

CreateBackupDestination

DeleteBackupDestination

none

Permissions and API operation details for DB Nodes

The table below lists permissions and API operations for db-nodes.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

DB_NODE_INSPECT

DB_NODE_QUERY

GetDbNode

none

READ

No extra

No extra

none

USE

READ +

DB_NODE_UPDATE

UpdateDbNode

none

MANAGE

USE +

DB_NODE_POWER_ACTIONS

DbNodeAction

none

Permissions and API operation details for DB Homes

The table below lists permissions and API operations for db-homes.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

DB_HOME_INSPECT

ListDBHome

GetDBHome

ListDbHomePatches

ListDbHomePatchHistoryEntries

GetDbHomePatch

GetDbHomePatchHistoryEntry

none

READ

No extra

No extra

none

USE

DB_HOME_UPDATE

UpdateDBHome

none

MANAGE

USE +

DB_HOME_CREATE

DB_HOME_DELETE

No extra

CreateDbHome, (also needs manage db-homes, manage backups, manage db-nodes, read vmclusters, read work-requests, and inspect exadata-infrastructures). If automatic backups are enabled on the default database, also needs manage backups.

DeleteDbHome, (also needs manage db-homes, manage backups, manage db-nodes, read vmclusters, read work-requests, and inspect exadata-infrastructures). If automatic backups are enabled on the default database, also needs manage backups.

Permissions and API operation details for Databases

The table below lists permissions and API operations for databases.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

DATABASE_INSPECT

ListDatabases

GetDatabase

getDatabaseUpgradeHistoryEntry

ListDataGuardAssociations

GetDataGuardAssociation

ListDatabaseUpgradeHistoryEntries

UpgradeDatabase

READ

No extra

No extra

none

USE

READ +

DATABASE_UPDATE

DB_HOME_UPDATE

UpdateDatabase

SwitchoverDataGuardAssociation

FailoverDataGuardAssociation

ReinstateDataGuardAssociation

 If enabling automatic backups, also needs manage backups.

MANAGE

USE +

DATABASE_CREATE

DATABASE_DELETE

No extra

CreateDbHome, (also needs use vmclusters and manage db-homes). If automatic backups are enabled on the default database, also needs manage backups

DeleteDbHome, (also needs use vmclusters and manage db-homes). If automatic backups are enabled on the default database, also needs manage backups

Permissions and API operation details for Backups

The table below lists permissions and API operations for backups.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

DB_BACKUP_INSPECT

GetBackup

ListBackups

none

READ

INSPECT +

DB_BACKUP_CONTENT_READ

none

 RestoreDatabase (also needs use databases)

USE

no extra

no extra

none

MANAGE

USE +

DB_BACKUP_CREATE

DB_BACKUP_DELETE

no extra

none

Permissions and API operation details for Database Software Image

The table below lists permissions and API operations for database-software-image.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

DB_SOFTWARE_IMG_INSPECT

ListDatabaseSoftwareImages

GetDatabaseSoftwareImage

none

READ

No extra

No extra

none

USE

READ +

DB_SOFTWARE_IMG_UPDATE

UpdateDatabaseSoftwareImage

ChangeDatabaseSoftwareImageCompartment

none

MANAGE

USE +

DB_SOFTWARE_IMG_CREATE +

DB_SOFTWARE_IMG_DELETE

CreateDatabaseSoftwareImage

DeleteDatabaseSoftwareImage

none

Permissions and API operation details for Autonomous Databases

The table below lists permissions and API operations for autonomous-databases.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_DATABASE_INSPECT

GetAutonomousDatabase, ListAutonomousDatabases

no extra

READ

INSPECT + AUTONOMOUS_DATABASE_CONTENT_READ

no extra

CreateAutonomousDatabaseBackup (also needs manage autonomous-backups)

USE

READ + AUTONOMOUS_DATABASE_CONTENT_WRITE + AUTONOMOUS_DATABASE_UPDATE

UpdateAutonomousDatabase

RestoreAutonomousDatabase (also needs read autonomous-backups)

ChangeAutonomousDatabaseCompartment (also needs read autonomous-backups)

MANAGE

USE +

AUTONOMOUS_DATABASE_CREATE

AUTONOMOUS_DATABASE_DELETE

CreateAutonomousDatabase

none

Permissions and API operation details for Autonomous Backups

The table below lists permissions and API operations for autonomous-backups.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_DB_BACKUP_INSPECT

ListAutonomousDatabaseBackups, GetAutonomousDatabaseBackup

none

READ

INSPECT + AUTONOMOUS_DB_BACKUP_CONTENT_READ

no extra

CreateAutonomousDatabaseBackup (also needs manage autonomous-backups)

USE

READ + no extra

no extra

none

MANAGE

USE +

AUTONOMOUS_DB_BACKUP_CREATE

AUTONOMOUS_DB_BACKUP_DELETE

DeleteAutonomousDatabaseBackup

CreateAutonomousDatabaseBackup (also needs read autonomous-databases)

Permissions and API operation details for Autonomous Container Databases

The table below lists permissions and API operations for autonomous-container-databases.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

ListAutonomousContainerDatabases, GetAutonomousContainerDatabase

none

READ

No extra

No extra

none

USE

READ + AUTONOMOUS_CONTAINER_DATABASE_UPDATE

UpdateAutonomousContainerDatabase

ChangeAutonomousContainerDatabaseCompartment

CreateAutonomousDatabase (also needs manage autonomous-databases)

MANAGE

USE +

AUTONOMOUS_CONTAINER_DATABASE_CREATE

AUTONOMOUS_CONTAINER_DATABASE_DELETE

No extra

CreateAutonomousContainerDatabase, TerminateAutonomousContainerDatabase (both also need use autonomous-VmCluster)

Permissions and API operation details for Autonomous VM Clusters

The table below lists permissions and API operations for autonomous-vmclusters.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_VM_CLUSTER_INSPECT

ListAutonomousVmClusters

GetAutonomousVmCluster

ChangeAutonomousVmClusterCompartment

READ

No extra

No extra

none

USE

READ +

AUTONOMOUS_VM_CLUSTER_UPDATE

ChangeAutonomousVmClusterCompartment

UpdateAutonomousVmCluster

CreateAutonomousContainerDatabase

TerminateAutonomousContainerDatabase

MANAGE

USE +

AUTONOMOUS_VM_CLUSTER_CREATE +

AUTONOMOUS_VM_CLUSTER_DELETE

DeleteAutonomousVmCluster

CreateAutonomousVmCluster

Permissions and API operation details for Autonomous Container Database Data Guard Associations

The table below lists permissions and API operations for autonomousContainerDatabaseDataguardAssociations.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_VM_CLUSTER_INSPECT

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

GetAutonomousContainerDatabase

ListAutonomousContainerDatabaseDataguardAssociations

GetAutonomousContainerDatabaseDataguardAssociation

CreateAutonomousContainerDatabase

FailoverAutonomousContainerDatabaseDataguardAssociation

SwitchoverAutonomousContainerDatabaseDataguardAssociation

ReinstateAutonomousContainerDatabaseDataguardAssociation

READ

no extra

no extra

none

USE

READ +

AUTONOMOUS_VM_CLUSTER_UPDATE +

AUTONOMOUS_CONTAINER_DATABASE_UPDATE

none

CreateAutonomousContainerDatabase

deleteAutonomouContainerDatabase

FailoverAutonomousContainerDatabaseDataguardAssociation

SwitchoverAutonomousContainerDatabaseDataguardAssociation

ReinstateAutonomousContainerDatabaseDataguardAssociation

MANAGE

USE +

AUTONOMOUS_CONTAINER_DATABASE_CREATE +

AUTONOMOUS_CONTAINER_DATABASE_DELETE

none

CreateAutonomousContainerDatabase

deleteAutonomouContainerDatabase

Permissions and API operation details for Autonomous Database Data Guard Association

The table below lists permissions and API operations for AutonomousDatabaseDataguardAssociation.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_DATABASE_INSPECT

GetAutonomousDatabase

none

READ

no extra

no extra

none

USE

no extra

no extra

none

MANAGE

no extra

no extra

none

Permissions and API operation details for Autonomous Virtual Machine

The table below lists permissions and API operations for autonomous-virtual-machine.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

AUTONOMOUS_VIRTUAL_MACHINE_INSPECT

GetAutonomousVirtualMachine

ListAutonomousVirtualMachines

none

Permissions and API operation details for Key Stores

The table below lists permissions and API operations for key-stores.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

KEY_STORE_INPSECT

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

AUTONOMOUS_DATABASE_INSPECT

AUTONOMOUS_DB_BACKUP_INSPECT

GetKeyStore

GetAutonomousContainerDatabase

GetAutonomousDatabase

GetAutonomousDatabaseBackup

ChangeKeyStoreCompartment

RotateAutonomousContainerDatabaseKey

READ

no extra

no extra

none

USE

READ + KEY_STORE_UPDATE +

AUTONOMOUS_VM_CLUSTER_UPDATE +

AUTONOMOUS_CONTAINER_DATABASE_UPDATE

AUTONOMOUS_DATABASE_UPDATE

UpdateKeyStore

none

none

none

RotateAutonomousDatabaseKey

ChangeKeyStoreCompartment

CreateAutonomousContainerDatabase

RotateAutonomousContainerDatabaseKey

none

MANAGE

USE + KEY_STORE_CREATE +

KEY_STORE_DELETE +

AUTONOMOUS_CONTAINER_DATABASE_CREATE

CreateKeyStore

DeleteKeyStore

CreateAutonomousContainerDatabase

none

Permissions and API operation details for Pluggable Databases (PDBs)

The table below lists permissions and API operations for pluggable-databases.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect PLUGGABLE_DATABASE_INSPECT

ListPluggableDatabases

GetPluggableDatabase

UpdatePluggableDatabase

StartPluggableDatabase

StopPluggableDatabase

LocalClonePluggableDatabase

RemoteClonePluggableDatabase

RefreshPluggableDatabase

ConvertRefreshablePluggableDatabase

DATABASE_INSPECT

 no extra

CreatePluggableDatabase

DeletePluggableDatabase

LocalClonePluggableDatabase

RemoteClonePluggableDatabase
read

INSPECT +

PLUGGABLE_DATABASE_CONTENT_READ

 no extra

CreatePluggableDatabase (Additional permissions are required if auto-backups are enabled on the CDB and includes this PDB.)

UpdatePluggableDatabase (Additional permissions are required if auto-backups are enabled on the CDB and includes this PDB.)

LocalClonePluggableDatabase

RemoteClonePluggableDatabase
use

READ +

PLUGGABLE_DATABASE_CONTENT_WRITE

 no extra

LocalClonePluggableDatabase

RemoteClonePluggableDatabase

PLUGGABLE_DATABASE_UPDATE

 no extra

UpdatePluggableDatabase

StartPluggableDatabase

StopPluggableDatabase

LocalClonePluggableDatabase

RemoteClonePluggableDatabase

RefreshPluggableDatabase

ConvertRefreshablePluggableDatabase

DATABASE_UPDATE

 no extra

CreatePluggableDatabase

DeletePluggableDatabase

LocalClonePluggableDatabase

RemoteClonePluggableDatabase
manage

USE +

PLUGGABLE_DATABASE_CREATE

 no extra

CreatePluggableDatabase

LocalClonePluggableDatabase

RemoteClonePluggableDatabase

PLUGGABLE_DATABASE_DELETE

 no extra

DeletePluggableDatabase

Permissions and API operation details for DB Servers

The table below lists permissions and API operations for dbServers.

Verbs Permissions APIs Fully Covered APIs Partially Covered

INSPECT

EXADATA_INFRASTRUCTURE_INSPECT

none

GetDbServer

ListDbServers

READ

no extra

no extra

none

USE

READ +

VM_CLUSTER_UPDATE

EXADATA_INFRASTRUCTURE_UPDATE

none

AddVirtualMachineToVmCluster, RemoveVirtualMachineFromVmCluster

MANAGE

No extra

No extra

none

Permissions and API operation details for DB Node Console Connection

The table below lists permissions and API operations for dbnode-console-connection.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect

DBNODE_CONSOLE_CONNECTION_INSPECT

GetDbNodeConsoleConnection

ListDbNodeConsoleConnections

none
read no extra no extra none
use

READ +

DBNODE_CONSOLE_CONNECTION_UPDATE

PLUGGABLE_DATABASE_UPDATE

UpdateDbNodeConsoleConnection

none
manage

USE +

DBNODE_CONSOLE_CONNECTION_CREATE

DBNODE_CONSOLE_CONNECTION_DELETE

CreateDbNodeConsoleConnection

DeleteDbNodeConsoleConnection

 none

Permissions and API operation details for DB Node Console History

The table below lists permissions and API operations for dbnode-console-history.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect

DBNODE_CONSOLE_HISTORY_INSPECT

GetDbNodeConsoleHistory

ListDbNodeConsoleHistories

 none
read

INSPECT +

DBNODE_CONSOLE_HISTORY_CONTENT_READ

getDbNodeConsoleHistoryContent

 none
use

READ +

DBNODE_CONSOLE_HISTORY_UPDATE

PLUGGABLE_DATABASE_UPDATE

UpdateDbNodeConsoleHistory

none
manage

USE +

DBNODE_CONSOLE_HISTORY_CREATE

DBNODE_CONSOLE_HISTORY_DELETE

CreateDbNodeConsoleHistory

DeleteDbNodeConsoleHistory

 none

Permissions and API operation details for Interim Software Updates

The table below lists permissions and API operations for oneoffPatch.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect ONEOFF_PATCH_INSPECT

DownloadOneoffPatch

GetOneoffPatch

ListOneoffPatches

CreateOneoffPatch

DeleteOneoffPatch

UpdateOneoffPatch

ChangeOneoffPatchCompartment
read

INSPECT + no extra

DownloadOneoffPatch

 none
use

READ +

ONEOFF_PATCH_UPDATE

none

UpdateOneoffPatch

ChangeOneoffPatchCompartment
manage

USE +

ONEOFF_PATCH_CREATE

ONEOFF_PATCH_DELETE

 none

CreateOneoffPatch

DeleteOneoffPatch

Permissions and API operation details for Scheduling Policies

The table below lists permissions and API operations for scheduling-policies.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect SCHEDULING_POLICY_INSPECT

ListSchedulingPolicies

GetSchedulingPolicy

ListRecommendedScheduledActions

CreateSchedulingPolicy

UpdateSchedulingPolicy

DeleteSchedulingPolicy

ChangeSchedulingPolicyCompartment
read

INSPECT + No extra

No extra

 none
use

READ +

SCHEDULING_POLICY_UPDATE

No extra

UpdateSchedulingPolicy

ChangeSchedulingPolicyCompartment
manage

USE +

SCHEDULING_POLICY_CREATE

SCHEDULING_POLICY_DELETE

 No extra

CreateSchedulingPolicy

DeleteSchedulingPolicy

Permissions and API operation details for Scheduling Windows

The table below lists permissions and API operations for scheduling-windows.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect SCHEDULING_WINDOW_INSPECT

ListSchedulingWindows

GetSchedulingWindow

CreateSchedulingWindow

UpdateSchedulingWindow

DeleteSchedulingWindow
read

INSPECT + No extra

No extra

 none
use

READ +

SCHEDULING_WINDOW_UPDATE

No extra

UpdateSchedulingWindow
manage

USE +

SCHEDULING_WINDOW_CREATE

SCHEDULING_WINDOW_DELETE

 No extra

CreateSchedulingWindow

DeleteSchedulingWindow

Permissions and API operation details for Scheduling Plan

scheduling-plan resources inherit permissions from the exadata-infrastructure resources with which they are associated. You cannot grant permissions to scheduling-plan resources explicitly.

The table below lists permissions and API operations for scheduling-plan.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect EXADATA_INFRASTRUCTURE_INSPECT
  • ListExadataInfrastructures
  • GetExadataInfrastructure
  • GenerateRecommendedNetworkDetails
  • ListVmClusterNetworks
  • GetVmClusterNetwork
  • ValidateVmClusterNetwork
  • DownloadExadataInfrastructureConfigFile
  • DownloadVmClusterNetworkConfigFile
  • ListSchedulingPlans
  • GetSchedulingPlan

ChangeExadataInfrastructureCompartment
read

INSPECT + No extra

No extra

 none
use

READ + EXADATA_INFRASTRUCTURE_UPDATE
  • ActivateExadataInfrastructure
  • UpdateExadataInfrastructure
  • ChangeExadataInfrastructureCompartment
  • AddStorageCapacityExadataInfrastructure
  • CreateVmClusterNetwork
  • UpdateVmClusterNetwork
  • DeleteVmClusterNetwork
  • ChangeSchedulingPlanCompartment
  • CascadingDeleteSchedulingPlan
  • CreateVmCluster (also needs manage vmclusters)
  • UpdateVmCluster (also needs use vmclusters)
  • ChangeExadataInfrastructureCompartment
manage

USE +

EXADATA_INFRASTRUCTURE_CREATE

EXADATA_INFRASTRUCTURE_DELETE
  • CreateExadataInfrastructure
  • DeleteExadataInfrastructure
  • downloadExadataInfrastructureConfigFile
  • CreateSchedulingPlan
  • DeleteSchedulingPlan

none

Permissions and API operation details for Scheduled Action

scheduled-action resources inherit permissions from the exadata-infrastructure resources with which they are associated. You cannot grant permissions to scheduled-action resources explicitly.

The table below lists permissions and API operations for scheduled-action.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect EXADATA_INFRASTRUCTURE_INSPECT
  • ListExadataInfrastructures
  • GetExadataInfrastructure
  • GenerateRecommendedNetworkDetails
  • ListVmClusterNetworks
  • GetVmClusterNetwork
  • ValidateVmClusterNetwork
  • DownloadExadataInfrastructureConfigFile
  • DownloadVmClusterNetworkConfigFile
  • ListScheduledActions
  • GetScheduledAction
  • ListParamsForActionType

ChangeExadataInfrastructureCompartment
read

INSPECT + No extra

No extra

 none
use

READ + EXADATA_INFRASTRUCTURE_UPDATE
  • ActivateExadataInfrastructure
  • UpdateExadataInfrastructure
  • ChangeExadataInfrastructureCompartment
  • AddStorageCapacityExadataInfrastructure
  • CreateVmClusterNetwork
  • UpdateVmClusterNetwork
  • DeleteVmClusterNetwork
  • UpdateScheduledAction
  • ReorderScheduledActions
  • CreateVmCluster (also needs manage vmclusters)
  • UpdateVmCluster (also needs use vmclusters)
  • ChangeExadataInfrastructureCompartment
manage

USE +

EXADATA_INFRASTRUCTURE_CREATE

EXADATA_INFRASTRUCTURE_DELETE
  • CreateExadataInfrastructure
  • DeleteExadataInfrastructure
  • downloadExadataInfrastructureConfigFile
  • CreateScheduledAction
  • DeleteScheduledAction

none

Permissions and API operation details for Execution Windows

execution-windows resources inherit permissions from the exadata-infrastructure resources with which they are associated. You cannot grant permissions to execution-windows resources explicitly.

The table below lists permissions and API operations for execution-windows.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect EXADATA_INFRASTRUCTURE_INSPECT
  • ListExadataInfrastructures
  • GetExadataInfrastructure
  • GenerateRecommendedNetworkDetails
  • ListVmClusterNetworks
  • GetVmClusterNetwork
  • ValidateVmClusterNetwork
  • DownloadExadataInfrastructureConfigFile
  • DownloadVmClusterNetworkConfigFile
  • ListExecutionWindows
  • GetExecutionWindow

ChangeExadataInfrastructureCompartment
read

INSPECT + No extra

No extra

 none
use

READ + EXADATA_INFRASTRUCTURE_UPDATE
  • ActivateExadataInfrastructure
  • UpdateExadataInfrastructure
  • ChangeExadataInfrastructureCompartment
  • AddStorageCapacityExadataInfrastructure
  • CreateVmClusterNetwork
  • UpdateVmClusterNetwork
  • DeleteVmClusterNetwork
  • UpdateExecutionWindow
  • CancelExecutionWindow
  • CreateVmCluster (also needs manage vmclusters)
  • UpdateVmCluster (also needs use vmclusters)
  • ChangeExadataInfrastructureCompartment
manage

USE +

EXADATA_INFRASTRUCTURE_CREATE

EXADATA_INFRASTRUCTURE_DELETE
  • CreateExadataInfrastructure
  • DeleteExadataInfrastructure
  • downloadExadataInfrastructureConfigFile
  • CreateExecutionWindow
  • DeleteExecutionWindow

none

Permissions and API operation details for Execution Action

execution-action resources inherit permissions from the exadata-infrastructure resources with which they are associated. You cannot grant permissions to execution-action resources explicitly.

The table below lists permissions and API operations for execution-action.

Verbs Permissions APIs Fully Covered APIs Partially Covered
inspect EXADATA_INFRASTRUCTURE_INSPECT
  • ListExadataInfrastructures
  • GetExadataInfrastructure
  • GenerateRecommendedNetworkDetails
  • ListVmClusterNetworks
  • GetVmClusterNetwork
  • ValidateVmClusterNetwork
  • DownloadExadataInfrastructureConfigFile
  • DownloadVmClusterNetworkConfigFile
  • ListExecutionActions
  • GetExecutionAction

ChangeExadataInfrastructureCompartment
read

INSPECT + No extra

No extra

 none
use

READ + EXADATA_INFRASTRUCTURE_UPDATE
  • ActivateExadataInfrastructure
  • UpdateExadataInfrastructure
  • ChangeExadataInfrastructureCompartment
  • AddStorageCapacityExadataInfrastructure
  • CreateVmClusterNetwork
  • UpdateVmClusterNetwork
  • DeleteVmClusterNetwork
  • UpdateExecutionAction
  • MoveExecutionActionMember
  • CreateVmCluster (also needs manage vmclusters)
  • UpdateVmCluster (also needs use vmclusters)
  • ChangeExadataInfrastructureCompartment
manage

USE +

EXADATA_INFRASTRUCTURE_CREATE

EXADATA_INFRASTRUCTURE_DELETE
  • CreateExadataInfrastructure
  • DeleteExadataInfrastructure
  • downloadExadataInfrastructureConfigFile
  • CreateExecutionAction
  • DeleteExecutionAction

none

Permissions and API operation details for Data Guard group

The table below lists permissions and API operations for Dataguardgroup.

Verbs Permissions APIs Fully Covered APIs Partially Covered

inspect

DATABASE_INSPECT
  • ListDatabases
  • GetDatabase

CreateDatabase

read

No extra

No extra

none

use

READ+

Standby: VM_CLUSTER_INSPECT + DB_HOME_INSPECT + DATABASE_CREATE

Primary: DATABASE_INSPECT + DATABASE_CONTENT_READ + DATABASE_UPDATE

CreateDatabase (standby)

DeleteDatabase

DataguardAction (Switchover, Failover, Reinstate, UpdateDatabase)

Needs only DATABASE_INSPECT + DATABASE_UPDATE

manage

USE +

DATABASE_DELETE

DeleteDatabase

none

Permissions Required for Each API Operation

Review the list of API operations for Oracle Exadata Database Service on Cloud@Customer resources in a logical order, grouped by resource type.

For information about permissions, see Permissions.

Table 7-30 Database API Operations

API Operation Permissions Required to Use the Operation

ListExadataInfrastructures

EXADATA_INFRASTRUCTURE_INSPECT

GetExadataInfrastructure

EXADATA_INFRASTRUCTURE_INSPECT

CreateExadataInfrastructure

EXADATA_INFRASTRUCTURE_CREATE

UpdateExadataInfrastructure

EXADATA_INFRASTRUCTURE_UPDATE

ChangeExadataInfrastructureCompartment

EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE

DeleteExadataInfrastructure

EXADATA_INFRASTRUCTURE_DELETE

DownloadExadataInfrastructureConfigFile

EXADATA_INFRASTRUCTURE_CONTENT_READ

AddStorageCapacityExadataInfrastructure

EXADATA_INFRASTRUCTURE_UPDATE

ActivateExadataInfrastructure

EXADATA_INFRASTRUCTURE_UPDATE

GenerateRecommendedNetworkDetails

EXADATA_INFRASTRUCTURE_INSPECT

ListVmClusterNetworks

EXADATA_INFRASTRUCTURE_INSPECT

GetVmClusterNetwork

EXADATA_INFRASTRUCTURE_INSPECT

CreateVmClusterNetwork

EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE

UpdateVmClusterNetwork

EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE

DeleteVmClusterNetwork

EXADATA_INFRASTRUCTURE_UPDATE

DownloadVmClusterNetworkConfigFile

EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_CONTENT_READ

ValidateVmClusterNetwork

EXADATA_INFRASTRUCTURE_INSPECT

ListVmClusters

VM_CLUSTER_INSPECT

GetVmCluster

VM_CLUSTER_INSPECT

CreateVmCluster

EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE and VM_CLUSTER_CREATE

UpdateVmCluster

EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE and VM_CLUSTER_UPDATE

ChangeVmClusterCompartment

VM_CLUSTER_INSPECT and VM_CLUSTER_UPDATE

DeleteVmCluster

VM_CLUSTER_DELETE

ListVmClusterPatches

VM_CLUSTER_INSPECT

ListVmClusterPatchHistoryEntries

VM_CLUSTER_INSPECT

GetVmClusterPatch

VM_CLUSTER_INSPECT

GetVmClusterPatchHistoryEntry

VM_CLUSTER_INSPECT

ListVmClusterUpdates

VM_CLUSTER_INSPECT

ListVmClusterUpdateHistoryEntries

VM_CLUSTER_INSPECT

GetVmClusterUpdate

VM_CLUSTER_INSPECT

GetVmClusterUpdateHistoryEntry

VM_CLUSTER_INSPECT

ListBackupDestination

BACKUP_DESTINATION_INSPECT

GetBackupDestination

BACKUP_DESTINATION_INSPECT

CreateBackupDestination

BACKUP_DESTINATION_CREATE

UpdateBackupDestination

BACKUP_DESTINATION_UPDATE

DeleteBackupDestination

BACKUP_DESTINATION_DELETE

ChangeBackupDestinationCompartment

BACKUP_DESTINATION_INSPECT and BACKUP_DESTINATION_UPDATE

GetDbNode

DB_NODE_INSPECT

DbNodeAction

DB_NODE_POWER_ACTIONS

ListDbHomes

DB_HOME_INSPECT

GetDbHome

DB_HOME_INSPECT

CreateDbHome

VM_CLUSTER_INSPECT and VM_CLUSTER_UPDATE and DB_HOME_CREATE and DATABASE_CREATE

To enable automatic backups for the database, also need DB_BACKUP_CREATE and DATABASE_CONTENT_READ.

UpdateDbHome

DB_HOME_UPDATE

DeleteDbHome

VM_CLUSTER_UPDATE and DB_HOME_UPDATE and DATABASE_DELETE

ListDbHomePatches

DB_HOME_INSPECT

ListDbHomePatchHistoryEntries

DB_HOME_INSPECT

GetDbHomePatch

DB_HOME_INSPECT

GetDbHomePatchHistoryEntry

DB_HOME_INSPECT

CreateDatabase

VM_CLUSTER_INSPECT, VM_CLUSTER_UPDATE, DB_HOME_INSPECT, DB_HOME_UPDATE, DATABASE_CREATE

DB_BACKUP_CREATE and DATABASE_CONTENT_READ

DB_BACKUP_INSPECT, DB_BACKUP_CONTENT_READ

ListDatabases

DATABASE_INSPECT

GetDatabase

DATABASE_INSPECT

UpdateDatabase

DATABASE_UPDATE

To enable automatic backups, also need DB_BACKUP_CREATE and DATABASE_CONTENT_READ

DeleteDatabase

VM_CLUSTER_UPDATE, DB_HOME_UPDATE, DATABASE_DELETE

DB_BACKUP_INSPECT, DB_BACKUP_DELETE

DB_BACKUP_CREATE and DATABASE_CONTENT_READ

UpgradeDatabase

DATABASE_INSPECT

DATABASE_UPDATE

DB_HOME_INSPECT

DB_HOME_UPDATE

getDatabaseUpgradeHistoryEntry

DATABASE_INSPECT

getDatabaseUpgradeHistoryEntry

DATABASE_INSPECT

ListDbVersions

(no permissions required; available to anyone)

GetBackup

DB_BACKUP_INSPECT

ListBackups

DB_BACKUP_INSPECT

CreateBackup

DB_BACKUP_CREATE and DATABASE_CONTENT_READ

DeleteBackup

DB_BACKUP_DELETE and DB_BACKUP_INSPECT

RestoreDatabase

DB_BACKUP_INSPECT and DB_BACKUP_CONTENT_READ and DATABASE_CONTENT_WRITE

ListAutonomousVmClusters

AUTONOMOUS_VM_CLUSTER_INSPECT

GetAutonomousVmCluster

AUTONOMOUS_VM_CLUSTER_INSPECT

CreateAutonomousVmCluster

AUTONOMOUS_VM_CLUSTER_CREATE and EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE

UpdateAutonomousVmCluster

AUTONOMOUS_VM_CLUSTER_UPDATE and EXADATA_INFRASTRUCTURE_INSPECT and EXADATA_INFRASTRUCTURE_UPDATE

ChangeAutonomousVmClusterCompartment

AUTONOMOUS_VM_CLUSTER_INSPECT and AUTONOMOUS_VM_CLUSTER_UPDATE

DeleteAutonomousVmCluster

AUTONOMOUS_VM_CLUSTER_DELETE

ListAutonomousContainerDatabases

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

GetAutonomousContainerDatabase

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

CreateAutonomousContainerDatabase

EXADATA_INFRASTRUCTURE_UPDATE and AUTONOMOUS_VM_CLUSTER_UPDATE and AUTONOMOUS_CONTAINER_DATABASE_CREATE

TerminateAutonomousContainerDatabase

EXADATA_INFRASTRUCTURE_UPDATE and AUTONOMOUS_VM_CLUSTER_UPDATE and AUTONOMOUS_CONTAINER_DATABASE_DELETE

UpdateAutonomousContainerDatabase

AUTONOMOUS_CONTAINER_DATABASE_UPDATE

ChangeAutonomousContainerDatabaseCompartment

AUTONOMOUS_CONTAINER_DATABASE_INSPECT and AUTONOMOUS_CONTAINER_DATABASE_UPDATE

RotateAutonomousContainerDatabaseEncryptionKey

AUTONOMOUS_CONTAINER_DATABASE_UPDATE and AUTONOMOUS_CONTAINER_DATABASE_INSPECT

GetAutonomousDatabase

AUTONOMOUS_DATABASE_INSPECT

ListAutonomousDatabases

AUTONOMOUS_DATABASE_INSPECT

CreateAutonomousDatabase

AUTONOMOUS_DATABASE_CREATE

UpdateAutonomousDatabase

AUTONOMOUS_DATABASE_UPDATE

ChangeAutonomousDatabaseCompartment

AUTONOMOUS_DATABASE_UPDATE and AUTONOMOUS_DB_BACKUP_INSPECT and AUTONOMOUS_DB_BACKUP_CONTENT_READ and AUTONOMOUS_DATABASE_CONTENT_WRITE

DeleteAutonomousDatabase

AUTONOMOUS_DATABASE_DELETE

StartAutonomousDatabase

AUTONOMOUS_DATABASE_UPDATE

StopAutonomousDatabase

AUTONOMOUS_DATABASE_UPDATE

RestartAutonomousDatabase

AUTONOMOUS_DATABASE_UPDATE

RestoreAutonomousDatabase

AUTONOMOUS_DB_BACKUP_CONTENT_READ and AUTONOMOUS_DATABASE_CONTENT_WRITE

RotateAutonomousDatabaseEncryptionKey

AUTONOMOUS_DATABASE_UPDATE

CreateAutonomousDatabaseBackup

AUTONOMOUS_DB_BACKUP_CREATE and AUTONOMOUS_DATABASE_CONTENT_READ

ListAutonomousDatabaseBackups

AUTONOMOUS_DB_BACKUP_DELETE

GetAutonomousDatabaseBackup

AUTONOMOUS_DB_BACKUP_DELETE

ListAutonomousContainerDatabaseDataguardAssociations

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

GetAutonomousContainerDatabaseDataguardAssociation

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

FailoverAutonomousContainerDatabaseDataguardAssociation

AUTONOMOUS_CONTAINER_DATABASE_INSPECT and AUTONOMOUS_CONTAINER_DATABASE_UPDATE

SwitchoverAutonomousContainerDatabaseDataguardAssociation

AUTONOMOUS_CONTAINER_DATABASE_INSPECT and AUTONOMOUS_CONTAINER_DATABASE_UPDATE

ReinstateAutonomousContainerDatabaseDataguardAssociation

AUTONOMOUS_CONTAINER_DATABASE_INSPECT and AUTONOMOUS_CONTAINER_DATABASE_UPDATE

UpdateAutonomousContainerDatabaseDataguardAssociation

AUTONOMOUS_CONTAINER_DATABASE_INSPECT and AUTONOMOUS_CONTAINER_DATABASE_UPDATE

ListAutonomousDatabaseDataguardAssociations

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

GetAutonomousDatabaseDataguardAssociation

AUTONOMOUS_CONTAINER_DATABASE_INSPECT

CreateDataGuardAssociation

VM_CLUSTER_INSPECT and DATABASE_INSPECT and DATABASE_UPDATE

GetDataGuardAssociation

DATABASE_INSPECT

ListDataGuardAssociations

DATABASE_INSPECT

SwitchoverDataGuardAssociation

DATABASE_UPDATE

FailoverDataGuardAssociation

DATABASE_UPDATE

ReinstateDataGuardAssociation

DATABASE_UPDATE

DeleteDatabase

VM_CLUSTER_UPDATE and DB_HOME_UPDATE and DATABASE_DELETE

CreateKeyStore

KEY_STORE_CREATE

GetKeyStore

KEY_STORE_INSPECT

UpdateKeyStore

KEY_STORE_UPDATE

DeleteKeyStore

KEY_STORE_DELETE

ChangeKeyStoreCompartment

KEY_STORE_INPSECT and KEY_STORE_UPDATE

ListDatabaseSoftwareImages

DB_SOFTWARE_IMG_INSPECT

GetDatabaseSoftwareImage

DB_SOFTWARE_IMG_INSPECT

UpdateDatabaseSoftwareImage

DB_SOFTWARE_IMG_INSPECT and DB_SOFTWARE_IMG_UPDATE

ChangeDatabaseSoftwareImageCompartment

DB_SOFTWARE_IMG_INSPECT and DB_SOFTWARE_IMG_UPDATE

CreateDatabaseSoftwareImage

DB_SOFTWARE_IMG_INSPECT and DB_SOFTWARE_IMG_CREATE

DeleteDatabaseSoftwareImage

DB_SOFTWARE_IMG_INSPECT and DB_SOFTWARE_IMG_DELETE

ListPluggableDatabase

PLUGGABLE_DATABASE_INSPECT

GetPluggableDatabase

PLUGGABLE_DATABASE_INSPECT

CreatePluggableDatabase

PLUGGABLE_DATABASE_CREATE, DATABASE_INSPECT and DATABASE_UPDATE.

UpdatePluggableDatabase

PLUGGABLE_DATABASE_INSPECT and PLUGGABLE_DATABASE_UPDATE

StartPluggableDatabase

PLUGGABLE_DATABASE_INSPECT and PLUGGABLE_DATABASE_UPDATE

StopPluggableDatabase

PLUGGABLE_DATABASE_INSPECT and PLUGGABLE_DATABASE_UPDATE

DeletePluggableDatabase

PLUGGABLE_DATABASE_DELETE, DATABASE_INSPECT, and DATABASE_UPDATE

LocalClonePluggableDatabase

PLUGGABLE_DATABASE_INSPECT, PLUGGABLE_DATABASE_UPDATE, PLUGGABLE_DATABASE_CONTENT_READ, PLUGGABLE_DATABASE_CONTENT_WRITE, PLUGGABLE_DATABASE_CREATE, DATABASE_INSPECT, and DATABASE_UPDATE

RemoteClonePluggableDatabase

PLUGGABLE_DATABASE_INSPECT, PLUGGABLE_DATABASE_UPDATE, PLUGGABLE_DATABASE_CONTENT_READ, PLUGGABLE_DATABASE_CONTENT_WRITE, PLUGGABLE_DATABASE_CREATE, DATABASE_INSPECT, and DATABASE_UPDATE

RefreshPluggableDatabase

PLUGGABLE_DATABASE_INSPECT and PLUGGABLE_DATABASE_UPDATE

ConvertRefreshablePluggableDatabase

PLUGGABLE_DATABASE_INSPECT and PLUGGABLE_DATABASE_UPDATE

GetDbServer

DB_SERVER_INSPECT

ListDbServers

DB_SERVER_INSPECT

AddVirtualMachineToVmCluster

VM_CLUSTER_UPDATE

EXADATA_INFRASTRUCTURE_UPDATE

RemoveVirtualMachineFromVmCluster

VM_CLUSTER_UPDATE

EXADATA_INFRASTRUCTURE_UPDATE

CreateOneoffPatch

ONEOFF_PATCH_INSPECT

ONEOFF_PATCH_CREATE

DeleteOneoffPatch

ONEOFF_PATCH_INSPECT

ONEOFF_PATCH_DELETE

DownloadOneoffPatch

ONEOFF_PATCH_INSPECT

UpdateOneoffPatch

ONEOFF_PATCH_INSPECT

ONEOFF_PATCH_UPDATE

ListOneoffPatches

ONEOFF_PATCH_INSPECT

GetOneoffPatch

ONEOFF_PATCH_INSPECT

ChangeOneoffPatchCompartment

ONEOFF_PATCH_INSPECT

ONEOFF_PATCH_UPDATE

CreateDbNodeConsoleConnection

DBNODE_CONSOLE_CONNECTION_CREATE

DBNODE_CONSOLE_CONNECTION_INSPECT

GetDbNodeConsoleConnection

DBNODE_CONSOLE_CONNECTION_INSPECT

ListDbNodeConsoleConnections

DBNODE_CONSOLE_CONNECTION_INSPECT

DeleteDbNodeConsoleConnection

DBNODE_CONSOLE_CONNECTION_DELETE

UpdateDbNodeConsoleConnection

DBNODE_CONSOLE_CONNECTION_UPDATE

UpdateDbNode

DB_NODE_UPDATE

createDbNodeConsoleHistory

DBNODE_CONSOLE_HISTORY_CREATE & DBNODE_CONSOLE_HISTORY_INSPECT

getDbNodeConsoleHistory

DBNODE_CONSOLE_HISTORY_INSPECT

getDbNodeConsoleHistoryContent

DBNODE_CONSOLE_HISTORY_CONTENT_READ

listDbNodeConsoleHistories

DBNODE_CONSOLE_HISTORY_INSPECT

updateDbNodeConsoleHistory

DBNODE_CONSOLE_HISTORY_UPDATE

deleteDbNodeConsoleHistory

DBNODE_CONSOLE_HISTORY_DELETE

ListSchedulingPolicies

SCHEDULING_POLICY_INSPECT

GetSchedulingPolicy

SCHEDULING_POLICY_INSPECT

UpdateSchedulingPolicy

SCHEDULING_POLICY_INSPECT & SCHEDULING_POLICY_UPDATE

ChangeSchedulingPolicyCompartment

SCHEDULING_POLICY_INSPECT & SCHEDULING_POLICY_UPDATE

ListRecommendedScheduledActions

SCHEDULING_POLICY_INSPECT & SCHEDULING_POLICY_UPDATE

CreateSchedulingPolicy

SCHEDULING_POLICY_INSPECT & SCHEDULING_POLICY_CREATE

DeleteSchedulingPolicy

SCHEDULING_POLICY_INSPECT & SCHEDULING_POLICY_DELETE

ListSchedulingWindows

SCHEDULING_WINDOW_INSPECT

GetSchedulingWindow

SCHEDULING_WINDOW_INSPECT

UpdateSchedulingWindow

SCHEDULING_WINDOW_INSPECT & SCHEDULING_WINDOW_UPDATE

CreateSchedulingWindow

SCHEDULING_WINDOW_INSPECT & SCHEDULING_WINDOW_CREATE

DeleteSchedulingWindow

SCHEDULING_WINDOW_INSPECT & SCHEDULING_WINDOW_DELETE

CreateSchedulingWindow

SCHEDULING_WINDOW_INSPECT & SCHEDULING_WINDOW_CREATE

DeleteSchedulingWindow

SCHEDULING_WINDOW_INSPECT & SCHEDULING_WINDOW_DELETE

ListSchedulingPlans

EXADATA_INFRASTRUCTURE_INSPECT

GetSchedulingPlan

EXADATA_INFRASTRUCTURE_INSPECT

CreateSchedulingPlan

EXADATA_INFRASTRUCTURE_CREATE

ChangeSchedulingPlanCompartment

EXADATA_INFRASTRUCTURE_UPDATE

ReorderScheduledActions

EXADATA_INFRASTRUCTURE_UPDATE

CascadingDeleteSchedulingPlan

EXADATA_INFRASTRUCTURE_UPDATE

DeleteSchedulingPlan

EXADATA_INFRASTRUCTURE_DELETE

ListScheduledActions

EXADATA_INFRASTRUCTURE_INSPECT

GetScheduledAction

EXADATA_INFRASTRUCTURE_INSPECT

ListParamsForActionType

EXADATA_INFRASTRUCTURE_INSPECT

UpdateScheduledAction

EXADATA_INFRASTRUCTURE_UPDATE

ReorderScheduledActions

EXADATA_INFRASTRUCTURE_UPDATE

CreateScheduledAction

EXADATA_INFRASTRUCTURE_CREATE

DeleteScheduledAction

EXADATA_INFRASTRUCTURE_DELETE

ListExecutionWindows

EXADATA_INFRASTRUCTURE_INSPECT

GetExecutionWindow

EXADATA_INFRASTRUCTURE_INSPECT

UpdateExecutionWindow

EXADATA_INFRASTRUCTURE_UPDATE

ReorderExecutionActions

EXADATA_INFRASTRUCTURE_UPDATE

CancelExecutionWindow

EXADATA_INFRASTRUCTURE_UPDATE

CreateExecutionWindow

EXADATA_INFRASTRUCTURE_CREATE

DeleteExecutionWindow

EXADATA_INFRASTRUCTURE_DELETE

ListExecutionActions

EXADATA_INFRASTRUCTURE_INSPECT

GetExecutionAction

EXADATA_INFRASTRUCTURE_INSPECT

UpdateExecutionAction

EXADATA_INFRASTRUCTURE_UPDATE

MoveExecutionActionMember

EXADATA_INFRASTRUCTURE_UPDATE

CreateExecutionAction

EXADATA_INFRASTRUCTURE_CREATE

DeleteExecutionAction

EXADATA_INFRASTRUCTURE_DELETE