Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Can't retrieve authentication-policies via API unless granting READ on all-resources

in OCI - General

Summary:

Can't retrieve authentication-policies via API unless granting READ on all-resources.

Content (please ensure you mask any confidential information):

When granting this permission to a group:
"ALLOW GROUP x to READ authentication-policies in tenancy"

I cannot retrieve authentication-policies via API:

identity.us-ashburn-1.oci.oraclecloud.com/20160918/authenticationPolicies/ocid1.tenancy.oc1..something
{'code': 'NotAuthorizedOrNotFound', 'message': 'GET request failed'}

If i "bump" the permisison to READ on all resources:
"ALLOW GROUP x to READ all-resources in tenancy"

Then it works!


identity.us-ashburn-1.oci.oraclecloud.com/20160918/authenticationPolicies/ocid1.tenancy.oc1..something
{'compartmentId': 'ocid1.tenancy.oc1..something', 'passwordPolicy': {'minimumPasswordLength': x, 'isUppercaseCharactersRequired': x, 'isLowercaseCharactersRequired': x, 'isNumericCharactersRequired': x, 'isSpecialCharactersRequired': x, 'isUsernameContainmentAllowed': x, 'isPasswordResetEnabled': x}, etc.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!