From 4d1308988cab32af53cfc6a6ee7b7e6fbfefcb09 Mon Sep 17 00:00:00 2001
From: Alberto <93380371+alcampag@users.noreply.github.com>
Date: Tue, 4 Mar 2025 15:32:29 +0100
Subject: [PATCH] Update oke policies.md

---
 .../oke/oke-policies/policies.md                      | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/app-dev/devops-and-containers/oke/oke-policies/policies.md b/app-dev/devops-and-containers/oke/oke-policies/policies.md
index 36f47e257..1dc2840a2 100644
--- a/app-dev/devops-and-containers/oke/oke-policies/policies.md
+++ b/app-dev/devops-and-containers/oke/oke-policies/policies.md
@@ -134,4 +134,13 @@ ALLOW any-user to manage public-ips in TENANCY where ALL {request.principal.type
 
 ```
 Allow any-user to use network-security-groups in compartment <network-compartment-ocid> where all { request.principal.id = '<cluster-ocid>' }
-```
\ No newline at end of file
+```
+
+### USE A STATICALLY PROVISIONED SNAPSHOT WHEN IT IS IN A DIFFERENT COMPARTMENT
+
+[https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV.htm#contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV-PV_From_Snapshot_CSI__section_volume-snapshot-prerequisites](https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV.htm#contengcreatingpersistentvolumeclaim_topic-Provisioning_PVCs_on_BV-PV_From_Snapshot_CSI__section_volume-snapshot-prerequisites)
+
+```
+ALLOW any-user to manage volume-backups in compartment <compartment-name> where request.principal.type = 'cluster'
+ALLOW any-user to use volumes in compartment <compartment-name> where request.principal.type = 'cluster'
+```