Oracle Cloud Infrastructure (OCI) was designed with a security-first approach. Other than the built-in Administrator account, all access is denied by default. To enable access to OCI resources, cloud administrators must create access policies that define the set of principles (who), target resources (what), scope of access (when, where), and any other conditions required for access.