OCI function fails with NotAuthorizedOrNotFoun for user update
Summary:
I would like to manage user with restricted to remove and create auth and couple of other secret management. This permission works when I have add to group and user does that operation. It does not work when these policies assigned to dynamic group for OCI function. Function works with "manage users" permission but not with restricted as mentioned below.
Are there more permission required for OCI function?
Content (please ensure you mask any confidential information):
Version (include the version you are using, if applicable):
Code Snippet (add any code snippets that support your topic, if applicable):
Allow dynamic-group myfun_dg to manage users in tenancy where any {request.permission = 'USER_UPDATE', request.permission = 'USER_AUTHTOKEN_SET', request.permission = 'USER_AUTHTOKEN_REMOVE', request.permission = 'USER_SECRETKEY_ADD', request.permission = 'USER_SECRETKEY_REMOVE', request.permission = 'USER_UIPASS_SET', request.permission = 'USER_APIKEY_ADD', request.permission = 'USER_APIKEY_REMOVE'}