Administering Users, Roles & Credentials Store — Oracle Management Cloud
Authors: Monowar Mukul (OCM), Nassyam Basha (Oracle ACE Director, OCM)
Introduction
In this article, we will learn on how to create users and assigning required privileges based on the role type, and we will learn how to add credential store to the OMC repository, credential store supports not only Oracle systems but also non-Oracle systems and including other cloud providers such as AWS, Azure and various other credential types.
OMC Users types and Roles
Oracle Management Cloud users we can define in two categories, we can consider as Super User with full access of OMC and Normal User with limited privileges/roles.
- Oracle Management Cloud Administrator
- Managing Cloud Agents
- Deleting Entities
- Manage Cloud Agents
- Configuring enhancements for cloud agents
- Disabling notification on alerts
- & various other major roles
2. Oracle Management Cloud Normal User
- Viewing & Monitoring Infrastructure
- Exploring targets, groups or systems
- Customizing dashboards
- & etc
Administering Users, Roles in Oracle Management Cloud
Now, we will create a user and grant the roles to the user for the specific service Oracle Management Cloud. After login to Oracle cloud my services Dashboard page, click on Users as shown below in the image.
In this screen, we can see already created or available users for this specific cloud account, click on “Add” to create new user exclusively for Oracle Management Cloud service.
Connect to the cloud user management page as a Cloud Account Administrator to add users and assign Oracle Management Cloud roles for the Oracle Management Cloud service. Enter all the details below and click “Next”.
In the next page, we can see all the services and instances of Oracle Cloud. Our goal is to assign roles for Oracle management Cloud service, hence select management cloud option in the “Filter By Service” search box and in Show search box select “Both Services and Instances.” Related to Oracle Management Cloud — we can see two options.
- Service Entitlement –Administrator role to create Management cloud services and instances.
- Service Instance
- OMC Administrator
- OMC Normal User
Depending on the user limits, OMC administrator can assign required roles for the service instance.
Proceed to click the “Finish” button upon completion. In the future, if any changes to be performed at roles then anytime we can access the user and assign the required roles.
Administering the Credential Store
A credential store is a repository of the sensitive data such as username, passwords, access keys, secret keys or any sensitive data of Enterprise IT. Oracle Management Cloud allows us to create or store the credentials for not only the Oracle products but also non-Oracle vendor credential types such as AWS, Azure, etc. In this section, we will create various types of credential store with easy steps. Access to Oracle Management Cloud console URL, navigate to the Administration → Credential store.
Next page, you can select either “+ New Credential” or “+” button to create a credential
We are going to create three types of credentials initially for “OraclePublicCloud,” “OssCred” and “AWS.” To add the new credential to OMC, all the fields are mandatory.
Select the credential type as “Oracle Public Cloud” from the drop-down list and enter other mandatory details. Most of the fields were well known except Tenant ID.
Tenant ID can be fetched from My Services à Identity Cloud à Additional Information à Overview Tab (or) “URL of My Services → Open Admin Console → Service Instances.”
In below example, we will create another credential store for OS. Depends on the credential type the fields may change, if we see in this example instead of tenant id we can see a rest endpoint.
Now we will create another credential store for AWS Cloud, AWS deal with access and secret key with other mandatory regular fields.
After submitting all the three credentials, we can see they were created as per the below status.
If there are any changes in the credentials, anytime we can edit the credential store as below with EDIT option.
After performing changes to the specific credential store, we can accept the changes by clicking the “Update” button as below.
Summary
We’ve learned what is the difference between Oracle Management Cloud Administrator and Normal user and then how to create the users and assigning roles for the Oracle Management Cloud service. In the next section, we’ve seen flexible Oracle Management Cloud which allows creating the various types of credential stores including the other vendor credentials with step by step instructions.
Authors Bio
Nassyam Basha is a Database Administrator. He has around ten years of experience as a Production Oracle DBA, currently working as Database Expert with eProseed KSA. He holds a master’s degree in Computer Applications from the University of Madras. He is an Oracle 11g Certified master an Oracle ACE Director. He actively participates in Oracle-related forums such as OTN with a status of Super Hero, Oracle support awarded as “Guru” and acting as OTN Moderator and written numerous articles with OTN and on Toad World. He maintains an Oracle technology-related blog, www.oracle-ckpt.com and can be reached at https://www.linkedin.com/in/nassyambasha/
Monowar Mukul is currently working as a Principal Oracle Database Specialist. I am an Oracle certified Master (Oracle 12c Certified Master Administration, Oracle 12c Certified Master MAA, and Oracle 11g Certified Master Administration). He has been working as an Oracle DBA consultant over 17 years with Oracle MAA space for both Exadata and non-Exadata Systems, Oracle Cloud Space and SOA Middleware. He worked across various business sectors including tertiary education, energy, government, mining and transport in Australia. He demonstrated highly developed critical thinking and analytical skills working as a Principal Oracle Database Specialist. You can find more details about him and his work achievements at https://www.linkedin.com/in/monowarmukul/
