Accessing resources from compartments using a policy
A policy is an entity that specifies which groups can access specific resources, and in which ways. You tend to assign access at the compartment level, which indicates that all users in the group, to which the policy is assigned, can access all the resources within that compartment using the level of permission specified in the policy. Policies can also be applied at the tenancy level, and in such cases, the granted access is available to all compartments within the tenancy.
There are three requirements for a policy: an action or a verb, a resource type, and whether the policy is at the tenancy or compartment level. Furthermore, IAM allows granular policies, so they can be applied at either the aggregate level or the individual resource level. Polices can also include one more condition. Conditions such as any or all can be used. You can also use multiple conditions using logical OR and AND operators.
For conditions, you can...
