To allow a subnet to be referenced from PSM, for example when provisioning a DBCS, navigate to the OCI console and:
Set the compartment context.
Navigate in Governance => Identity => Policy and create the following 4 statements
Allow service PSM to inspect vcns in compartment <compartment> Allow service PSM to use subnets in compartment <compartment> Allow service PSM to use vnics in compartment <compartment> Allow service PSM to manage security-lists in compartment <compartment>
Reference:
https://docs.cloud.oracle.com/iaas/Content/General/Reference/PaaSprereqs.htm#prereqs