turbot/oci

steampipe plugin install ocisteampipe plugin install oci
oci_analytics_instanceoci_apigateway_apioci_autoscaling_auto_scaling_configurationoci_budget_alert_ruleoci_budget_budgetoci_cloud_guard_configurationoci_cloud_guard_detector_recipeoci_cloud_guard_managed_listoci_cloud_guard_responder_recipeoci_cloud_guard_targetoci_core_block_volume_replicaoci_core_boot_volumeoci_core_boot_volume_attachmentoci_core_boot_volume_backupoci_core_boot_volume_metric_read_opsoci_core_boot_volume_metric_read_ops_dailyoci_core_boot_volume_metric_read_ops_hourlyoci_core_boot_volume_metric_write_opsoci_core_boot_volume_metric_write_ops_dailyoci_core_boot_volume_metric_write_ops_hourlyoci_core_boot_volume_replicaoci_core_dhcp_optionsoci_core_drgoci_core_imageoci_core_image_customoci_core_instanceoci_core_instance_metric_cpu_utilizationoci_core_instance_metric_cpu_utilization_dailyoci_core_instance_metric_cpu_utilization_hourlyoci_core_internet_gatewayoci_core_load_balanceroci_core_local_peering_gatewayoci_core_nat_gatewayoci_core_network_load_balanceroci_core_network_security_groupoci_core_public_ipoci_core_public_ip_pooloci_core_route_tableoci_core_security_listoci_core_service_gatewayoci_core_subnetoci_core_vcnoci_core_volumeoci_core_volume_attachmentoci_core_volume_backupoci_core_volume_backup_policyoci_database_autonomous_databaseoci_database_autonomous_database_metric_cpu_utilizationoci_database_autonomous_database_metric_cpu_utilization_dailyoci_database_autonomous_database_metric_storage_utilizationoci_database_autonomous_database_metric_storage_utilization_daioci_database_dboci_database_db_homeoci_database_db_systemoci_database_software_imageoci_dns_rrsetoci_dns_tsig_keyoci_dns_zoneoci_events_ruleoci_file_storage_file_systemoci_file_storage_mount_targetoci_file_storage_snapshotoci_functions_applicationoci_identity_api_keyoci_identity_auth_tokenoci_identity_authentication_policyoci_identity_availability_domainoci_identity_compartmentoci_identity_customer_secret_keyoci_identity_dynamic_groupoci_identity_groupoci_identity_network_sourceoci_identity_policyoci_identity_tag_defaultoci_identity_tag_namespaceoci_identity_tenancyoci_identity_useroci_kms_keyoci_kms_key_versionoci_kms_vaultoci_logging_logoci_logging_log_groupoci_mysql_backupoci_mysql_channeloci_mysql_configurationoci_mysql_configuration_customoci_mysql_db_systemoci_mysql_db_system_metric_connectionsoci_mysql_db_system_metric_connections_dailyoci_mysql_db_system_metric_cpu_utilizationoci_mysql_db_system_metric_cpu_utilization_dailyoci_mysql_db_system_metric_memory_utilizationoci_mysql_db_system_metric_memory_utilization_dailyoci_nosql_tableoci_nosql_table_metric_read_throttle_countoci_nosql_table_metric_read_throttle_count_dailyoci_nosql_table_metric_read_throttle_count_hourlyoci_nosql_table_metric_storage_utilizationoci_nosql_table_metric_storage_utilization_dailyoci_nosql_table_metric_storage_utilization_hourlyoci_nosql_table_metric_write_throttle_countoci_nosql_table_metric_write_throttle_count_dailyoci_nosql_table_metric_write_throttle_count_hourlyoci_objectstorage_bucketoci_ons_notification_topicoci_ons_subscriptionoci_regionoci_resource_search

Table: oci_identity_policy

A policy is a document that specifies who can access which Oracle Cloud Infrastructure resources that your company has, and how. A policy simply allows a group to work in certain ways with specific types of resources in a particular compartment.

Examples

Basic info

select
name,
id,
lifecycle_state,
description
from
oci_identity_policy;

Get a specific policy

select
name,
id,
lifecycle_state,
description
from
oci_identity_policy
where
id = 'ocid1.policy.oc1..aaaaaaaa6nsa2ia2bkr7bx7olpkjuj42yk3rpalwuwvm7fjc7kz7o5wz5pmq';

List inactive policies

select
name,
lifecycle_state
from
oci_identity_policy
where lifecycle_state <> 'ACTIVE';

List of policy statements

select
name,
jsonb_array_elements_text(statements) as statement
from
oci_identity_policy

.inspect oci_identity_policy

OCI Identity Policy

NameTypeDescription
defined_tagsjsonbDefined tags for resource. Defined tags are set up in your tenancy by an administrator. Only users granted permission to work with the defined tags can apply them to resources.
descriptiontextThe description you assign to the policy. Does not have to be unique, and it's changeable.
freeform_tagsjsonbFree-form tags for resource. This tags can be applied by any user with permissions on the resource.
idtextThe OCID of the policy.
inactive_statusbigintThe detailed status of INACTIVE lifecycleState.
lifecycle_statetextThe policy's current state.
nametextThe name you assign to the policy during creation. The name must be unique across all policies in the tenancy and cannot be changed.
statementsjsonbAn array of one or more policy statements written in the policy language.
tagsjsonbA map of tags for the resource.
tenant_idtextThe OCID of the Tenant in which the resource is located.
time_createdtimestamp without time zoneDate and time the policy was created.
titletextTitle of the resource.
version_datetimestamp without time zoneThe version of the policy. If null or set to an empty string, when a request comes in for authorization, the policy will be evaluated according to the current behavior of the services at that moment. If set to a particular date (YYYY-MM-DD), the policy will be evaluated according to the behavior of the services on that date.