Oracle Integration Cloud Gen3: how to regulate access to a project?
- By managing access to projects by users or groups of users via the role-based access control (RBAC) system, it is possible to isolate a project and make it accessible only to a specific group of users. In this way, multiple users working on different projects can work on the same Oracle Integration Cloud instance.
- This role system gives groups of users access and the right to view, edit and monitor only the resources of a project assigned to them.
- Service roles (ServiceDeveloper, ServiceMonitor, ServiceInvoker etc.) assigned to each instance user have priority over permissions delegated within a project. So, if a user only has the right to monitor the instance, he or she cannot be given the ability to edit project resources.
- In terms of limitations, a maximum of 5 users or user groups can be defined for each project role (viewing, editing and monitoring).
Example of compartmentalizing an OIC Gen3 instance into projects
Note:
- The rights defined on a project are not migrated at the same time as the project to another environment (test or production).
- The user who imported the project to another environment is by default the owner of this project. It’s up to him to assign rights to project participants once again.
This permissions system enables parent integrations of a project to call child integrations:
- for the same project;
- another project, but with access defined as public
- globally accessible, i.e. not part of a project.
It is also possible to convert a package into a project.
Reference: