Fekete Kamosh
Reputation: 361
Any possibility to check if user is granted a policy in OCI?
What API should I use to check if a specific user is granted a policy?
Example: I want to check if a user AB in compartment XY is granted an "instances" resource.
I tried to use IdentityClient.listPolicies(comparment), it lists all the policies in the compartment but not the effective policies for the user.
Upvotes: 0
Views: 759
Answers (1)
Kimberly McKinnis
Reputation: 11
There isn't a way to do this yet. If you base your policies on group membership, it's easiest to look up what groups user AB is in. https://docs.cloud.oracle.com/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/iam/group/list-users.html
Upvotes: 1
Related Questions
- Is there a way in OPA to only evaluate policies relevant to certain request?
- OPA authorization policies with scopes and roles
- Using opa for abac to check user claims agains defined policies
- Can we derive service limits for Oracle OCI using CLI or API
- AWS cli/boto3- Is it possible to know if a role or policy has permissions over a resource?
- IBM Cloud: Required IAM access policy to see user-specific authorizations (policies)?
- IBM Cloud access policies: How to check for specific policy using CLI?
- XACML - How to get the list of policies used in the decision?
- How to grant user permission in Policy?
- Oracle : How do i check if user already granted for connect,resource,a particular role or a security package?