You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -4,10 +4,10 @@ These steps are applicable if you intend to run your management cluster using [O
1.[Create a user in OCI](https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingusers.htm) e.g. `iaas_oke_usr`
1.[Create a group in OCI](https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managinggroups.htm) e.g. `iaas_oke_grp` and add the user `iaas_oke_usr` to this group
1. Create a policy in OCI and add the following policies:
1. Create a policy in OCI and add the following policies(Please read [OKE Policy Configuration Doc][oke-policy] for more fine grained policies):
-`Allow group iaas_oke_grp to manage dynamic groups`
-`Allow group iaas_oke_grp to manage virtual-network-family in <compartment>`
-`Allow group iaas_oke_grp to manage clusterfamily in <compartment>`
-`Allow group iaas_oke_grp to manage cluster-family in <compartment>`
-`Allow group iaas_oke_grp to manage instance-family in <compartment>`
where `<compartment>` is the name of the OCI compartment of the management cluster. Refer to the [OCI documentation](https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/managingcompartments.htm) if you have not created a compartment yet.
Expand All
@@ -16,5 +16,7 @@ where `<compartment>` is the name of the OCI compartment of the management clust
You should not create your management cluster in the root compartment.
