DivvyCloud is a Cloud Security Posture Management (CSPM) platform that provides real-time analysis and automated remediation across leading cloud and container technologies.

Configuring Oracle Cloud Infrastructure (OCI)

Overview

Beginning with 21.1, DivvyCloud's platform includes support for Oracle Cloud Infrastructure (OCI). While initial support for this new Cloud Service Provider will be limited, we expect to rapidly expand the supported features and services for OCI over the course of 2021.

As with all of our features, if you have questions or concerns, reach out to us through [email protected].

Getting Started with OCI

In OCI, a tenant is the top-level construct. It is analogous to a project in GCP or a subscription within Azure. Several steps must be taken within the Oracle console to give DivvyCloud access to a tenant, and this page outlines those steps.

Additional Resources on OCI are available as follows:

Permissions

You must have administrative level privileges to execute these steps.

Connecting a Tenant

Steps to Complete in the Oracle Console

1. Log in to the Oracle console.

  • Note that you will have to enter the name of the tenant that you want to allow DivvyCloud to access.

2. Click on the menu icon at the top left and scroll down to "Identity > Users".

Oracle Console: Identity --> Users

3. Create a new Group (e.g., DivvyCloud).

  • Groups are required as IAM permissions are linked to groups and not individual accounts.

4. Create a new User account (e.g., DivvyCloud) by completing the form and clicking "Create".

Oracle Console - Create User Form

5. Click on "Add API Key" to generate an API key that will be used.

  • You will need to download the PEM file and copy the information in the pop-up. (This information will look similar to the example shown below.)

Oracle Console - Sample API Key

6. Associate the user account you have created with the group (e.g., DivvyCloud) that you created above in Step #3.

7. Create a new policy (e.g., DivvyCloudAccess).

8. In the Policy Builder section, select "Customized (Advanced)" and insert the policy document provided below.

  • Note: You may need to change the group DivvyCloud to reference whatever group name you selected in Step #3.

Allow group DivvyCloud to read alarms in tenancy
Allow group DivvyCloud to read audit-events in tenancy
Allow group DivvyCloud to read authentication-policies in tenancy
Allow group DivvyCloud to read autonomous-data-warehouse-family in tenancy
Allow group DivvyCloud to read autonomous-database-family in tenancy
Allow group DivvyCloud to read buckets in tenancy
Allow group DivvyCloud to read cloudevents-rules in tenancy
Allow group DivvyCloud to read cloud-guard-config in tenancy
Allow group DivvyCloud to read cloud-guard-problems in tenancy
Allow group DivvyCloud to read cluster-family in tenancy
Allow group DivvyCloud to read compartments in tenancy
Allow group DivvyCloud to read database-family in tenancy
Allow group DivvyCloud to read dedicated-vm-hosts in tenancy
Allow group DivvyCloud to read file-systems in tenancy
Allow group DivvyCloud to read groups in tenancy
Allow group DivvyCloud to read instance-images in tenancy
Allow group DivvyCloud to read instances in tenancy
Allow group DivvyCloud to read keys in tenancy
Allow group DivvyCloud to read metrics in tenancy
Allow group DivvyCloud to read mysql-family in tenancy
Allow group DivvyCloud to read nosql-tables in tenancy
Allow group DivvyCloud to read ons-family in tenancy
Allow group DivvyCloud to read policies in tenancy
Allow group DivvyCloud to read secrets in tenancy
Allow group DivvyCloud to read tag-defaults in tenancy
Allow group DivvyCloud to read tenancies in tenancy
Allow group DivvyCloud to read users in tenancy
Allow group DivvyCloud to read vaults in tenancy
Allow group DivvyCloud to use virtual-network-family in tenancy
Allow group DivvyCloud to read volume-attachments in tenancy
Allow group DivvyCloud to read volume-family in tenancy
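
One way to check the policy document before pasting it into the Policy Builder, or to re-check the saved policy later for drift, is sketched below. This is an added example, not DivvyCloud's or Oracle's code; the function names retarget and audit, the group name SecAudit used when calling it, and the sample statements are assumptions made for illustration.

```python
import re

# OCI IAM verbs, lowest to highest privilege.
VERB_RANK = {"inspect": 0, "read": 1, "use": 2, "manage": 3}
# The only statement in the page's policy that goes beyond "read".
DOCUMENTED_EXCEPTIONS = {("use", "virtual-network-family")}
STATEMENT_RE = re.compile(
    r"^Allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>[a-z]+)\s+"
    r"(?P<resource>[\w-]+)\s+in\s+tenancy$", re.IGNORECASE)

def retarget(statements, old_group, new_group):
    """Swap the group name in each statement (the note in Step 8)."""
    head = re.compile(r"^((?i:Allow\s+group\s+))" + re.escape(old_group)
                      + r"(?=\s+(?i:to)\s)")
    return [head.sub(lambda m: m.group(1) + new_group, s.strip())
            for s in statements]

def audit(statements, expected_group):
    """Return (statement, reason) pairs for anything outside the page's baseline."""
    findings = []
    for line in (s.strip() for s in statements):
        if not line:
            continue
        m = STATEMENT_RE.match(line)
        if m is None:
            findings.append((line, "unrecognized statement form"))
            continue
        verb, resource = m["verb"].lower(), m["resource"].lower()
        if m["group"] != expected_group:
            findings.append((line, "unexpected group"))
        if verb not in VERB_RANK:
            findings.append((line, "unknown verb"))
        elif (VERB_RANK[verb] > VERB_RANK["read"]
              and (verb, resource) not in DOCUMENTED_EXCEPTIONS):
            findings.append((line, "verb exceeds read"))
    return findings

# Constructed sample: three statements from the page plus two drifted ones.
SAMPLE = [
    "Allow group DivvyCloud to read buckets in tenancy",
    "Allow group DivvyCloud to read secrets in tenancy",
    "Allow group DivvyCloud to use virtual-network-family in tenancy",
    "Allow group DivvyCloud to manage buckets in tenancy",   # constructed drift
    "Allow group Administrators to read users in tenancy",   # constructed drift
]

if __name__ == "__main__":
    for statement, reason in audit(SAMPLE, "DivvyCloud"):
        print(f"{reason}: {statement}")
```

An empty result from audit means every statement grants the expected group nothing above read, apart from the documented use on virtual-network-family.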

Steps to Complete in DivvyCloud

1. From your DivvyCloud platform, navigate to "Cloud --> Clouds" and select "Add a Cloud".

2. Select Oracle from the drop-down menu and complete the form.

3. You will need to provide the credentials obtained/created in Step #5 of the process in the Oracle console.

  • For the "Key Content" you will want to supply the certificate information in the PEM file that you downloaded.

4. Click "Add Cloud" to complete this process when you've filled out the form.

DivvyCloud - Add a Cloud
