Merge pull request #1614 from oracle-devrel/alcampag-patch-1

Update oke policies.md
oracle-devrel · Mar 4, 2025 · b206ee0 · b206ee0
2 parents 219a88a + 4d13089
commit b206ee0
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/app-dev/devops-and-containers/oke/oke-policies/policies.md b/app-dev/devops-and-containers/oke/oke-policies/policies.md
@@ -134,4 +134,13 @@ ALLOW any-user to manage public-ips in TENANCY where ALL {request.principal.type
 
 ```
 Allow any-user to use network-security-groups in compartment <network-compartment-ocid> where all { request.principal.id = '<cluster-ocid>' }
-```
+```
+
+### USE A STATICALLY PROVISIONED SNAPSHOT WHEN IT IS IN A DIFFERENT COMPARTMENT
+
+[https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV.htm#contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV-PV_From_Snapshot_CSI__section_volume-snapshot-prerequisites](https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV.htm#contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV-PV_From_Snapshot_CSI__section_volume-snapshot-prerequisites)
+
+```
+ALLOW any-user to manage volume-backups in compartment <compartment-name> where request.principal.type = 'cluster'
+ALLOW any-user to use volumes in compartment <compartment-name> where request.principal.type = 'cluster'
+```