Design IAM policies in OCI

Goal is to design groups and policies to provide least privilege access to users.

Plan is to migrate Administrator group users into 3 groups.

IAM Administrator, DBA, SYS Admin.

Key designs:

Tag based access control:

Resource tag based access policies:

References:

https://www.ateam-oracle.com/post/oci-iam-policies-best-practices