What is Oracle Cloud Infrastructure (OCI)? #
Oracle Cloud Infrastructure (OCI) is a set of complementary cloud services that enable you to build and run a range of applications and services in a highly available hosted environment. OCI provides high-performance compute capabilities (as physical hardware instances) and storage capacity in a flexible overlay virtual network that is securely accessible from your on-premises network.
Why Should You Use the Oracle Cloud Infrastructure Connector? #
The Oracle Cloud Infrastructure connector provides visibility into the assets and users in your environment. You can use this visibility to:
-
ensure assets are managed per your security policies
-
ensure users are managed per your security policies
-
derive relationships between assets, users, applications, and data
How Does This Connector Work? #
Lucidum executes read-only requests to the Oracle Cloud Infrastructure REST API and ingests only meta-data about Oracle Cloud Infrastructure devices. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
Region ID |
Region ID for your OCI instance. A region is a localized geographic area. To see the list of regions: https://docs.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm |
us-ashburn-1 |
|
User OCID |
The OCID for the user account that the Lucidum connector uses. For details on viewing the User OCID, see https://docs.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm#five |
ocid1.user.oc1.iad.abuw4ljrlsfiqw6vzzxb43vyypt4pkodawglp3wqxjqofakrwvou52gb6s5a |
|
Oracle Key File |
The file that contains the RSA key pair. The file format is .pem For details,see: https://docs.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm#two |
type \.oci\oci_api_key_public.pem |
|
API Key Fingerprint |
The fingerprint associated with the API key. An API key fingerprint is a short form of an app’s digital certificate, known as its SHA-1 fingerprint. For details, see https://docs.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm#four |
12:34:56:78:90:ab:cd:ef:12:34:56:78:90:ab:cd:ef |
|
HTTP Proxy Host |
If you are using a proxy server to allow this connector to communicate with on-premises devices, enter the IP address for the proxy server, usually 192.168.255.6:3128. |
192.168.255.6 |
|
HTTP Proxy Port |
If you are using a proxy server to allow this connector to communicate with on-premises devices, enter the port for the proxy server, usually 3128. |
3128 |
|
Tenancy OCID |
The OCID for Tenancy. When you subscribe to Oracle Cloud services, Oracle creates a tenancy for you. You can think of the tenancy as your account, but it is also a secure and isolated partition within Oracle Cloud Infrastructure where you can create, organize, and administer your cloud resources. To find your tenancy OCID: https://docs.oracle.com/en-us/iaas/Content/API/Concepts/usingapi.htm#eight |
ocid1.tenancy.oc1.iad.aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq |
Source Documentation #
Creating a User #
You must create a user account in OCI. Lucidum will use the user account to access the Oracle Cloud Infrastructure API.
-
Log in to the OCI interface as an administrator.
-
Follow the steps in https://docs.cloud.oracle.com/iaas/Content/GSG/Tasks/addingusers.htm .
Required Permissions #
Assign the user account all the “inspect” permissions for APIs.
For details, see https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/corepolicyreference.htm#Permissi
For more details, view this list of policies that include groups and permissions: https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/commonpolicies.htm
