MySQL HeatWave on AWS  /  User and Group Management  /  Groups and Policies

16.2 Groups and Policies

The predefined groups used to manage MySQL HeatWave Console access, described in Groups and Permissions, are created in the OCI Default identity domain. For information, see https://docs.oracle.com/en-us/iaas/Content/Identity/domains/overview.htm#the_default_domain, in the Oracle Cloud Infrastructure Documentation.

The predefined groups all start with OracleMySQLHeatWave. Policies are defined for each predefined group which enable the MySQL HeatWave on AWS resource permissions outlined in Groups and Permissions.

Attention:

The predefined OracleMySQLHeatWave groups and policies are static. You must not modify them, add to them, or remove them. If you do delete one of these groups, MySQL HeatWave on AWS will stop working. In this case, submit a My Oracle Support ticket to get the group re-added to your account, specifying " MySQL HeatWave on AWS " as the product.

Because the predefined groups are created in OCI, you can define further OCI policies using these groups to provide access to other OCI resources. For example, you can create an OCI policy that allows members of the OracleMySQLHeatwaveDBUsers group to access resources in an OCI tenancy. For information about OCI policies, see How Policies Work.