[ODSC-74843] ORM stack update (#608)

kumar-shivam-ranjan · web-flow · commit 23f16998fd9a · 2025-07-15T15:54:16.000-07:00
* Updating ORM stack

* Addressing review comments
diff --git a/ai-quick-actions/policies/terraform/iam.tf b/ai-quick-actions/policies/terraform/iam.tf
@@ -74,7 +74,6 @@ locals {
 
   all_buckets = concat(var.user_model_buckets, var.user_data_buckets)
   bucket_names = join(", ", formatlist("target.bucket.name='%s'", local.all_buckets))
-  bucket_names_oss = join(", ", formatlist("all{target.bucket.name='%s', any {request.permission='OBJECT_CREATE', request.permission='OBJECT_INSPECT'}}", local.all_buckets))
   dt_jr_policies = local.is_resource_policy_required?[
     "Allow dynamic-group id ${oci_identity_dynamic_group.distributed_training_job_runs[0].id} to use logging-family in ${local.compartment_policy_string}",
     "Allow dynamic-group id ${oci_identity_dynamic_group.distributed_training_job_runs[0].id} to manage data-science-models in ${local.compartment_policy_string}",
@@ -85,7 +84,7 @@ locals {
     "Allow dynamic-group id ${oci_identity_dynamic_group.distributed_training_job_runs[0].id} to read buckets in ${local.compartment_policy_string} where any {${local.bucket_names}}"
   ]: []
   aqua_policies_target_buckets = local.is_resource_policy_required?[
-    "Allow dynamic-group id ${oci_identity_dynamic_group.aqua-dynamic-group[0].id} to manage object-family in ${local.compartment_policy_string} where any {${local.bucket_names_oss}}"
+    "Allow dynamic-group id ${oci_identity_dynamic_group.aqua-dynamic-group[0].id} to manage object-family in ${local.compartment_policy_string} where any {${local.bucket_names}}"
   ]:[]
 
 }
