About Oracle Java Cloud Service Roles and User Accounts

Oracle Java Cloud Service uses roles to control access to tasks and resources. A role assigned to a user gives certain privileges to the user.

In addition to the roles and privileges described in Oracle Cloud User Roles and Privileges in Getting Started with Oracle Cloud, the Java Administrator role is also created for Oracle Java Cloud Service.

When the Oracle Java Cloud Service account is first set up, the service administrator is given the Java Administrator role and other service roles that are required to work with related Oracle Cloud services. Before anyone can access and use Oracle Java Cloud Service, user accounts with the Java Administrator role (and other service roles as needed) must be created.

Only the identity domain administrator is allowed to create user accounts and assign roles.

The following table summarizes the privileges given to the Java Administrator role. This role is stored in Oracle Cloud.

Description of Privilege More Information

Can create and delete service instances

Managing the Life Cycle of Oracle Java Cloud Service Instances

Can stop and start service instances, and virtual machines

Stopping and Starting an Oracle Java Cloud Service Instance and Individual VMs

Can suspend and enable service instances by disabling and enabling the load balancer

Suspending an Oracle Java Cloud Service Instance

Can scale, patch, and back up or restore service instances

Scaling an Oracle Java Cloud Service Instance

Patching an Oracle Java Cloud Service Instance

Backing Up and Restoring an Oracle Java Cloud Service Instance

Can administer load balancers for service instances

Administering the Load Balancer for an Oracle Java Cloud Service Instance

Can monitor and manage service usage in Oracle Cloud

Overview of Managing Oracle Cloud Accounts and Services in Managing and Monitoring Oracle Cloud

When Oracle Coherence is enabled for a service instance: In addition, the Java Administrator role can:
  • Remove a Coherence data tier from a service instance (REST API only)

  • Add a Coherence data tier to an existing service instance (REST API only)

Creating an Oracle Java Cloud Service—Coherence Instance

Scaling the Coherence Data Tier of an Oracle Java Cloud Service Instance

Patching an Oracle Java Cloud Service—Coherence Instance

Deleting the Coherence Data Tier of an Oracle Java Cloud Service Instance

Adding a Coherence Data Tier to an Oracle Java Cloud Service Instance

When you create an Oracle Java Cloud Service instance, the following operating system and Oracle WebLogic Server administrative user accounts are created:

User Description More Information

VM OS User

The opc user has root privileges on the OS running on a VM:

  • Can connect to a VM through SSH for direct VM-level access to an Oracle Java Cloud Service instance

  • Can create other OS accounts on a VM using the appropriate OS tool through the SSH interface

The oracle user cannot be used to log into a machine:

  • Only has regular user permissions to start and stop Oracle products that have been installed on the machine

Note that there are no default passwords for either the opc or oracle user.

SSH access to the VM by the opc user is based on the public key provided at the time the Oracle Java Cloud Service instance was provisioned.

You provide the private key when you log in to the VM as opc. Once logged in, as a root user you can switch to the oracle user with:

sudo su - oracle

Accessing a VM Through a Secure Shell (SSH)

WebLogic Administrator

Can manage Oracle WebLogic Server in Oracle Java Cloud Service

Can access and use the WebLogic Server Administration Console

Can manage users and groups in the embedded LDAP

Can configure other identity providers

Can deploy and undeploy applications using the WebLogic Server Administration Console

Accessing the Administrative Consoles Used by Oracle Java Cloud Service

Using the WebLogic Server Administration Console to Deploy and Undeploy an Application

Oracle WebLogic Server 12c (12.2.1) Administration Console Online Help

Oracle WebLogic Server 12c (12.1.3) Administration Console Online Help

Oracle WebLogic Server 11g (10.3.6) Administration Console Online Help

Note:

The WebLogic Administrator account and VM OS User accounts are not stored or managed in Oracle Cloud.

You provide the user name and password for the WebLogic Administrator when you create an Oracle Java Cloud Service instance.

The credentials and permissions for the WebLogic Administrator and all end user accounts that the administrator creates are stored and managed in Oracle WebLogic Server.