Overview
Beginning with 21.1, DivvyCloud's platform includes support for Oracle Cloud Infrastructure (OCI). While initial support for this new Cloud Service Provider will be limited, we expect to rapidly expand the supported features and services for OCI over the course of 2021.
- For a current/working list of support resources, check out the OCI Supported Services page.
- For details on supported resources across the complete DivvyCloud platform, check out our Resources content, as well as subpages on Resource Terminology and Resource Type Categories.
- In addition, our support for OCI includes a newly created Insight pack; you can read more about that on the Oracle Cloud Infrastructure (OCI) Compliance Pack page.
As with all of our features, if you have questions or concerns, reach out to us through [email protected].
Getting Started with OCI
In OCI a tenant is the top level construct. It is analogous to a project in GCP or a subscription within Azure. There are several steps that must be taken within the Oracle console to enable DivvyCloud to get access to a tenant, and this page will outlines those steps.
Additional Resources on OCI are available as follows:
Permissions
You must have administrative level privileges to execute these steps.
Connecting a Tenant
Steps to Complete in the Oracle Console
1. Login to the Oracle console.
- Note that you will have to enter in the tenant name that you want to allow DivvyCloud to access.
2. Click on the menu icon at the top left and scroll down to "Identity > Users".
Oracle Console: Identity --> Users
3. Create a new Group (e.g., DivvyCloud).
- Groups are required as IAM permissions are linked to groups and not individual accounts.
4. Create a new User account (e.g., DivvyCloud) by completing the form and clicking "Create".
Oracle Console - Create User Form
5. Click on "Add API Key" to generate an API key that will be used.
- You will need to download the PEM file and copy the information in the pop up. (This information will look similar to the example shown below).
Oracle Console - Sample API Key
6. Associate the user account you have created with the group (e.g., DivvyCloud) that you created above in Step #3.
7. Create a new policy (e.g., DivvyCloudAccess).
8. In the Policy Builder section, select "Customized (Advanced)" and insert the policy document provided below.
- Note: You may need to change the
group DivvyCloudto reference whatever group name you selected in Step #3.
Allow group DivvyCloud to read alarms in tenancy
Allow group DivvyCloud to read audit-events in tenancy
Allow group DivvyCloud to read authentication-policies in tenancy
Allow group DivvyCloud to read autonomous-data-warehouse-family in tenancy
Allow group DivvyCloud to read autonomous-database-family in tenancy
Allow group DivvyCloud to read buckets in tenancy
Allow group DivvyCloud to read cloudevents-rules in tenancy
Allow group DivvyCloud to read cloud-guard-config in tenancy
Allow group DivvyCloud to read cloud-guard-problems in tenancy
Allow group DivvyCloud to read cluster-family in tenancy
Allow group DivvyCloud to read compartments in tenancy
Allow group DivvyCloud to read database-family in tenancy
Allow group DivvyCloud to read dedicated-vm-hosts in tenancy
Allow group DivvyCloud to read file-systems in tenancy
Allow group DivvyCloud to read groups in tenancy
Allow group DivvyCloud to read instance-images in tenancy
Allow group DivvyCloud to read instances in tenancy
Allow group DivvyCloud to read keys in tenancy
Allow group DivvyCloud to read metrics in tenancy
Allow group DivvyCloud to read mysql-family in tenancy
Allow group DivvyCloud to read nosql-tables in tenancy
Allow group DivvyCloud to read ons-family in tenancy
Allow group DivvyCloud to read policies in tenancy
Allow group DivvyCloud to read secrets in tenancy
Allow group DivvyCloud to read tag-defaults in tenancy
Allow group DivvyCloud to read tenancies in tenancy
Allow group DivvyCloud to read users in tenancy
Allow group DivvyCloud to read vaults in tenancy
Allow group DivvyCloud to use virtual-network-family in tenancy
Allow group DivvyCloud to read volume-attachments in tenancy
Allow group DivvyCloud to read volume-family in tenancy
Steps to Complete in DivvyCloud
1. From your DivvyCloud platform, navigate to "Cloud --> Clouds" and select "Add a Cloud".
2. Select Oracle from the drop-down menu and complete the form.
3. You will need to provide the credentials obtained/created in Step #5 of the process in the Oracle console.
- For the "Key Content" you will want to supply the certificate information in the PEM file that you downloaded.
4. Click "Add Cloud" to complete this process when you've filled out the form.
- Refer to Cloud Account Setup for detailed instructions on this process, or the Post-Install Setup Options for what to do next.
DivvyCloud - Add a Cloud
Updated about a month ago
Other Helpful Pages
| OCI Supported Services |
| Oracle Cloud Infrastructure (OCI) Compliance Pack |