Sei sulla pagina 1di 6

WelcomePandurang

(//docs.oracle.com/en/)

Home(/)/Cloud(/en/cloud/)/GettingStartedwithOracleCloud(../index.html)

GettingStartedwithOracleCloud
OracleCloudUserRolesandPrivileges
ThissectiondescribestheOracleClouduserrolesandliststheprivilegesassociatedwitheachrole.Ausercan
beassignedmorethanonerole.ArolemayincludeprivilegesthatlettheuserpurchaseanOracleCloud
service,manageoneormoreOracleCloudservices,ormanagetheaccountsoftheuserswhocanaccessa
service.
ThefollowingtabledescribestherolesandresponsibilitiesofanOracleCloudserviceuser.Theserolesaren't
predefined.
UserRole

Privileges

Buyer

Controlsthebuyingprocess.Abuyer:
MakespurchasesinOracleStoreonbehalfofacompanyoranorganization.
DesignateswhowillbetheinitialaccountadministratorfortheOracleCloud
service.WhenasubscriptiontoanOracleCloudserviceispurchased,the
buyeroranotherpersonmustbedesignatedastheaccountadministrator.
Canchange(upsizeorupdate)thepaidsubscriptiontoanOracleCloud
service.
CanterminatethepaidsubscriptiontoanOracleCloudservice.

(#)

UserRole

Privileges

Privileges

Accountadministrator

MonitorsandmanagesoneormoreOracleCloudservices.
AnaccountadministratorsignsintotheMyAccountapplicationinOracleCloud
withtheOracle.com(singlesignon)usernameandpassword.
FromtheMyAccountapplication,anaccountadministratorcan:
ActivateOracleCloudservices.Whenactivatingaservice,theaccount
administratorprovidesinformationabouttheservice.
Monitorthestatusofservicesacrossidentitydomainsanddatacenters.
Reviewdetailsaboutservices.
Createidentitydomainadministratorsandotheraccountadministrators.
Reviewhistoricalutilizationdataaboutservices.
Grantandrevokeaccesstootheraccountadministrators.

OracleCloudPredefinedRoles
WhenOracleCloudservicesareprovisionedinanidentitydomain,OracleCloudautomaticallypopulatestheMy
Servicesapplicationwithseveralrolesandseveraluseraccounts.Theseroles:
CorrespondtothetypeofOracleCloudservicebeingprovisioned.
Includebothadministrativerolesandnonadministrativeroles.
Givecertainprivilegestotheusersbasedontheroleassignedtothem.Userscanbeassignedmorethanone
role.
UserRole

Privileges

Serviceadministrator,serviceinstanceadministrator

ManagesadministrativefunctionsrelatedtoOracle
Cloudserviceswithinanidentitydomain.Aservice
administratorusestheusernameandpassword
definedbyMyServicestosignintotheapplication.
Auserwithanadministratorroleisautomatically
grantedapredefinedrolethatcorrespondstothe
typeofadministratorrolethepersonhasandthe
typeofservicethatisbeingmanagedbythatperson.
Forexample,theserviceadministratorforOracle
JavaCloudServiceisgiventheServicenameJava
Administratorpredefinedroleandtheservice

UserRole

administratorforanOracleDatabaseCloudService
Privileges
isgiventheServicenameDatabaseAdministrator
predefinedrole.
FromMyServices,aserviceadministratorcan:
Configureandmanageoneormoreservice
instancesinasingledatacenterandidentity
domain.
Performmonitoringandmanagementtasks
relatedtoindividualservices.
Monitorcurrentandhistoricalutilizationdata.
Lockandunlockservices.
Reviewnotifications.
Performservicespecificoperationssuchasdata
loadingforOracleDatabaseCloudService.
Manageuserroles.
FromMyServices,aserviceadministratorcanview
useraccountsandroles,assignandrevokeroles,
andchangepasswordandchallengequestions.
Aserviceadministratorcanbegrantedaccessto
multipleidentitydomains,butmustaccessand
manageeachoneseparately.
ForOracleApplicationsCloudservices,typically,
thereisonlyoneserviceperidentitydomain.
Therefore,fortheseservices,theadministrator
performsthefunctionsofboththeservice
administratorandtheidentitydomainadministrator.
ForSoftwareasaService(SaaS)applications,
identitydomainadministratorsalsoperformthe
functionsofserviceadministrators.
IfanidentitydomainhasanexistingOracle
ApplicationsCloudservice,suchasOracleSales
Cloud,andsubsequentlyanyotherPlatformasa
Serviceofferings,suchasOracleJavaCloudService
SaaSExtensionorOracleDatabaseCloudService,
areaddedtothesameidentitydomain,therecanbe
multipleserviceadministratorshandlingthedifferent
services.

UserRole

Identitydomainadministrator

Aserviceadministratororaninstanceadministrator
Privileges
cantcreatenewserviceinstancesbutcanupdateor
deletethem.

Anidentitydomainadministratorisgrantedthe
IdentityDomainAdministratorpredefinedrole
whenanidentitydomainisfirstsetup.Ifanindividual
isboththeidentitydomainadministratorandthe
serviceadministrator,thentheindividualis
automaticallyassignedtheIdentityDomain
AdministratorandtheServicenameServicetype
Administratorpredefinedroles.
Anidentitydomainadministratorcanperformallthe
sameadministrativefunctionsthattheservice
administratorperformsrelatedtotheOracleCloud
serviceswithinanidentitydomain.
Note:Ifanindividualisboththeservice
administratorandtheidentitydomainadministrator,
OracleCloudcreatesonlyoneuseraccountand
thenassignsmultiplerolestothatperson.
Anidentitydomainadministratorperforms
administrativefunctionsrelatedtotheuserswhowill
haveaccesstoyourOracleCloudservices.
Tosignintotheapplication,anidentitydomain
administratorusestheusernameandpassword
definedbyMyServices.
FromMyServices,anidentitydomainadministrator
can:
Createuseraccountsandroleswithinagiven
identitydomain,independentofanyservice.
Assignoneormoreroles(privileges)toauser.
Canassigntheidentitydomainadministratorrole
tootherusers.
Managerolesassignedtoauser.
Createcustomroles.
Resetuserpasswords.
SetupsecureSFTPuseraccountsforOracle
Cloudservices

UserRole

Anidentitydomainadministratorcantcreateor
Privileges
destroyidentitydomains.
ForOracleApplicationsCloudservices,thereisonly
oneserviceperidentitydomain.Therefore,forthese
services,theadministratorperformsthefunctionsof
boththeserviceadministratorandtheidentity
domainadministrator.
Note:Iftheidentitydomainadministratormanages
morethanoneidentitydomain,thenthe
administratormustsignintoeachidentitydomain
separatelytomanageusersandrolesforeach
identitydomain.

Entitlementadministratororbucketentitlement
administrator

Ifyouvesubscribedtoanentitlementtocreate
instancesofanOracleCloudservice,OracleCloud
automaticallycreatesaservicespecificentitlement
administratorrole.Auserassignedtothisrolecan
createordeleteserviceinstances,basedonspecific
businessrequirements.
ThenameoftheroledependsonthetypeofOracle
Cloudservicebeingprovisioned.Theformatis:
servicename_SEservicenameBased
EntitlementAdministrator .

Forexample,ifyouvesubscribedtoOracle
DocumentsCloudService,thenthefullyqualified
nameoftheentitlementadministratorroleforthat
serviceis: Documents_SEDocumentsService
BasedEntitlementAdministrator .
Ifyouvesubscribedtoanentitlementtocreate
instancesofbundlesofOracleCloudService,a
bucketentitlementadministratorroleiscreatedas
follows: ServicebundlenameEntitlement
Administrator .
Forexample,ifyouvesubscribedtoanentitlement
tocreateinstancesofOracleJAVAMBservice
bundle,thenthefullyqualifiednameofthe
entitlementadministratorroleforthatservicebundle
is: JAVAMBEntitlementAdministrator .

UserRole

Privileges

User(servicespecific,nonadministrativerole)

Inadditiontothepredefinedroles,OracleCloud
automaticallycreatesseveraluseraccountssuchas
servicespecificuserordeveloperroles,andassigns
theappropriateroletotheuser.Theuseraccounts
createddependsonthetypeofOracleCloudservice
beingprovisioned.Eachuseraccountincludesthe
user'sname,password,emailaddress,androles
assignedtotheuser.
Allnamesforpredefinedrolesrelatedtoaspecific
serviceareprefixedbythenameoftheservice
instanceandthetypeofservice.
Theformatis: servicenameservicetype
rolename .Forexample,if myservice1 isthe
nameforanOracleDatabaseCloudService,then
thefullyqualifiednamesoftherolesforthatservice
are: myservice1DatabaseDeveloper
myservice1 DatabaseUser.
AuserworkswithoneormoreOracleCloud
services.Auserisassignedserviceandapplication
roles.TheserolesletauseraccesstheOracleCloud
serviceinstanceswithinanidentitydomain.
Asanonadministrativeuser,youusetheMy
Servicesapplicationtomanageyourpasswordand
securitychallengequestionsforyouruseraccount.
YoucanaccessonlytheMyProfilepage.

Page37of52
(https://docs.oracle.com/cloud/latest/trial_paid_subscriptions/CSGSG/GUID
(https://docs.oracle.com/cloud/latest/trial_paid_subscriptions/CSGSG/GUID

839A7B238967486192DE7D541D597E63.htm)
08FB9892549C42538AD1D00659C4C87C.htm)

(#)

AboutOracle(http://www.oracle.com/corporate/index.html)

ContactUs (http://www.oracle.com/us/corporate/contact/index.html)

TermsofUse(http://www.oracle.com/us/legal/terms/index.html)

LegalNotices (http://www.oracle.com/us/legal/index.html)

YourPrivacyRights (http://www.oracle.com/us/legal/privacy/index.html)

Copyright2016,Oracleand/oritsaffiliates.Allrightsreserved.

Potrebbero piacerti anche