Policy Examples

Learn about Batch policies from examples.

  • Allow the admin user group to manage all batch resources in a specific compartment.
    Allow group admin to manage batch-computing-family in compartment abc
    
  • Allow the admin user group to use batch job pools in the assigned compartment.
    Allow group admin to use batch-computing-job-pool in compartment abc
    
  • Allow the admin user group to use batch jobs in the assigned compartment.
    Allow group admin to use batch-computing-job in compartment abc
    
  • Allow the user group to manage batch jobs that are in the specified compartment and belong to the specified job pool.
    Allow group user to manage batch-computing-job in compartment abc where target.batch-job-pool.id = '<batch-job-pool identifier>'
    
  • Allow Batch to pull container images and write logs using Resource Principal.
    Use these policies to let Batch access your repositories and logging services.
    
    Allow any-user to read repos in tenancy where ALL { request.principal.type = 'batchcontextinfrastructure' }
    
    Allow any-user to read object-family in tenancy where ALL { request.principal.type = 'batchcontextinfrastructure' }
    
    Allow any-user to manage log-content in compartment <your_compartment> where ALL { request.principal.type = 'batchcontextinfrastructure' }
  • (Optional) Allow batch jobs to access OCI resources:
    Allow any-user to read object-family in tenancy where ALL { request.principal.type = 'batchjob' }
    
    Allow any-user to read autonomous-databases in tenancy where ALL { request.principal.type = 'batchjob' }
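
The `any-user` statements above are restricted only by their `where` clause, so a policy review should confirm that each one carries a `request.principal.type` condition and note where the grant spans the whole tenancy. The script below is an added example, not Oracle tooling: the `review` function, its regular expressions and the last sample statement are constructed for illustration, and it only understands the statement shape used on this page.

```python
import re

# Statement shape used in the examples on this page:
#   Allow <subject> to <verb> <resource-type> in <location> [where <conditions>]
STATEMENT = re.compile(
    r"^Allow\s+(?P<subject>any-user|group\s+\S+)\s+to\s+"
    r"(?P<verb>inspect|read|use|manage)\s+(?P<resource>\S+)\s+in\s+"
    r"(?P<location>tenancy|compartment\s+\S+)(?:\s+where\s+(?P<where>.+))?$",
    re.IGNORECASE,
)
PRINCIPAL_TYPE = re.compile(r"request\.principal\.type\s*=\s*'([^']+)'", re.IGNORECASE)


def review(statement):
    """Return review findings for one policy statement (empty list = nothing to flag)."""
    m = STATEMENT.match(statement.strip())
    if m is None:
        return ["unparsed: not in the statement shape this script understands"]
    if m.group("subject").lower() != "any-user":
        return []  # group-scoped statements are limited by group membership
    types = PRINCIPAL_TYPE.findall(m.group("where") or "")
    if not types:
        return ["any-user with no request.principal.type condition: matches every principal"]
    findings = []
    if m.group("location").lower() == "tenancy":
        # Not an error on its own: a note so the reviewer confirms the scope is intended.
        findings.append(
            "tenancy-wide %s on %s for principal type '%s'"
            % (m.group("verb").lower(), m.group("resource"), types[0])
        )
    return findings


# Statements copied from this page, plus one constructed bad example (the last).
SAMPLES = [
    "Allow group admin to manage batch-computing-family in compartment abc",
    "Allow any-user to read repos in tenancy where ALL { request.principal.type = 'batchcontextinfrastructure' }",
    "Allow any-user to manage log-content in compartment <your_compartment> where ALL { request.principal.type = 'batchcontextinfrastructure' }",
    "Allow any-user to read object-family in tenancy",  # constructed: where clause dropped
]

if __name__ == "__main__":
    for s in SAMPLES:
        for finding in review(s) or ["ok"]:
            print("%-60.60s -> %s" % (s, finding))
```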