Detailed tutorial on creating Oracle OCI integration

The tutorial below provides a step-by-step guidance on the setup and configuration of an Oracle OCI integration. It includes three aspects: preparation on the Oracle OCI side; preparation on the ObserveID side, and the First Load of Integration Data from the Target to ObserveID. Once the data is loaded, the Integration is ready for further configuration of rules and use, according to the business processes in the organization.

In this section:

  • Preparation for ObserveID in the Oracle OCI Console
    • Create Local User
    • Grant Privileges to the Local User
    • Generate API Key
  • Configuration of Oracle OCI integration in ObserveID
  • First load of data from Oracle OCI to ObserveID

Preparation for ObserveID in the Oracle OCI Console

To begin the preparation for setting up an integration of Oracle OCI with ObserveID, it is needed to open the login page of the Oracle OCI Console at: https://cloud.oracle.com Then to enter your tenancy name in the Cloud Account Name field, click Next, and then expand the lower Direct Sign-In pane and enter the credentials: the User Name and the Password.

Create Local User

For the ObserveID to connect to Oracle OCI programmatically via API, a local user should be created for ObserveID in Oracle Cloud Infrastructure Console. To create users, the logged-in user should have the following privileges: Administrators group, - and proceed, as follows:

  1. Click the drawer icon of the navigation menu in the left top corner.

  2. Select Identity & Security, and then select Users under the Identity section.

  3. Click Create User.

  4. Fill out the information for the local user:

    1. the user name;
    2. some descriptive text for more details;
    3. the email.

  5. Click Create.

    And the user is created and ready. It is the user who will be calling the API.

Grant Privileges to the Local User

Once the user for ObserveID is created, it needs privileges to be granted, as follows:

  1. Scroll down the profile page of the Local User created for ObserveID.

  2. Click Add User to Group at the Groups section.

  3. Select a group in the opened popup window, and click Add. And the user is assigned with the group membership.

For ObserveID to be able to get resources, users, and entitlements programmatically, it is important to make certain the policy exists for the assigned group and that this policy allows the group to perform all those API calls. As an optimal option, consider assigning the Administrators group to the Local User.

Generate API Key

The credentials for the API calls authentication are generated as follows:

  1. Click API Keys in the profile of the Local User created for ObserveID.

  2. Click Add API Key to generate a new private key.

  3. Check Generate API Key Pair option in the opened popup window. Then click Download Private Key, and a pem-file shows up for downloading. Download the file, and when ready, click Add.

  4. The Configuration File Preview opens. Copy and save for using later the parameters in the preview:

    1. the user’s OCID,

    2. the tenancy’s OCID,

    3. the fingerprint.

Configuration of Oracle OCI integration in ObserveID

  1. Log in to the ObserveID platform. And the Dashboard is the first page that is opened.

  2. Expand the Identity Automation section in the menu on the left.

  3. Click Integrations.

  4. Click New integration in the header of the page, to create a new integration.

    New integration

  5. Click OCI.

    OCI integration type

  6. Enter a name for the new Oracle Cloud Infrastructure integration.

    Name for the new Oracle Cloud Infrastructure integration

  7. Copy the tenancy’s OCID from the configuration file generated for the API Key and paste it in the Tenant Id field of the new integration.

    Tenant Id field of the new integration

  8. Copy the user’s OCID from the configuration file generated for the API Key, and paste it in the User Id field of the new integration.

    User Id field of the new integration

  9. Copy the fingerprint from the configuration file generated for the API Key, and paste it in the Fingerprint field of the new integration.

    Fingerprint field of the new integration

  10. Copy the key from the downloaded pem-file.

  11. Paste the copied key in the Private Key area of the new integration.

    Paste the copied key

  12. Click Test Connection. And wait for it to finish. If anything, use the Access Log for troubleshooting.

  13. Click Save. And wait for it to finish, and a list of other configuration sections shows up for the saved integration.

First load of data from Oracle OCI to ObserveID

After the details for the new integration are saved, next is to make the first load of the Integration Data, as follows:

  1. Click Workflows in the menu on the left.

  2. Click Tasks on the horizontal toolbar.

  3. Click the Trigger icon on the left beside the new task, which is the DataImport task for Oracle OCI, where Oracle OCI is the name entered for the new integration.

  4. Click the Refresh button a couple of times until the task will change its status from Triggered to Idle.

    Data Import for Oracle OCI

The successful execution of the DataImportTask for Oracle OCI should bring the data from the Oracle OCI target to ObserverID. Verify that the data shows up by returning to the integration details in the Integrations area and making sure that such options in the third-level vertical menu will appear as Accounts, Resources, Entitlements, Properties, etc.

Oracle OCI Integration Data is imported