MySQL HeatWave User Guide

7.5 Authenticate OCI Generative AI Service

To enable the DB system to access OCI services, perform the following steps in OCI:

  1. Create a new dynamic group or update an existing dynamic group's matching rules, and add the following matching rule to include all MySQL HeatWave DB systems in the defined compartment:

    ALL{resource.type = 'mysqldbsystem', resource.compartment.id = 'ocid1.compartment.oc1..AlphanumericString'}
    
  2. Add policies for the dynamic group that grant the dynamic group access to the target service's APIs:

    allow dynamic-group IdentityDomainName/GroupName to use generative-ai-chat in compartment CompartmentName
    allow dynamic-group IdentityDomainName/GroupName to use generative-ai-text-embedding in compartment CompartmentName
    allow dynamic-group IdentityDomainName/GroupName to inspect generative-ai-model in compartment CompartmentName
    

    Replace the following:

    • IdentityDomainName: the identity domain name.

      Note

      If the dynamic group belongs to the default identity domain, you can omit the identity domain name.

    • GroupName: the dynamic group name

    • CompartmentID: the compartment ID of the DB system

For more information, see Resource Principals.

In addition, for resource principal authentication, MySQL HeatWave automatically sets the rapid_ml_genai system variable. The default value of the variable is the compartment ID of the DB system you are using.

To use a different compartment for accessing the OCI Generative AI service, you can set the rapid_ml_genai_session system variable to specify the ID of the compartment you want to use, as shown below:

    SET rapid_ml_genai_session = '{"compartment_id": "ocid1.compartment.oc1..AlphanumericString"}';

The compartment ID specified in the rapid_ml_genai_session system variable must match the compartment ID you used to create the dynamic group and add the OCI Generative AI service authentication policy.
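
The following pre-flight check is an added example, not code from the MySQL HeatWave documentation: it parses the matching rule, the policy statements and the rapid_ml_genai_session value, then reports missing or broader-than-needed grants and a compartment mismatch. The function name check_setup, the group name HeatWaveGroup, the compartment name Analytics and the OCIDs are assumptions constructed for illustration; the verb order is OCI's standard inspect, read, use, manage hierarchy.

```python
import json
import re

# Verb required per resource type, taken from the three policy statements above.
REQUIRED = {"generative-ai-chat": "use", "generative-ai-text-embedding": "use",
            "generative-ai-model": "inspect"}
VERBS = ["inspect", "read", "use", "manage"]  # OCI policy verbs, narrowest first
RULE_RE = re.compile(r"ALL\s*\{\s*resource\.type\s*=\s*'mysqldbsystem'\s*,\s*"
                     r"resource\.compartment\.id\s*=\s*'(ocid1\.compartment\.[^']+)'\s*\}")
POLICY_RE = re.compile(r"allow\s+dynamic-group\s+(\S+)\s+to\s+(\w+)\s+(\S+)\s+"
                       r"in\s+(tenancy|compartment\s+\S+)", re.IGNORECASE)

def check_setup(matching_rule, policies, session_value, group):
    """Return a list of findings; an empty list means the pieces are consistent."""
    findings, granted = [], {}
    rule = RULE_RE.fullmatch(matching_rule.strip())
    if not rule:
        findings.append("matching rule is not the ALL{mysqldbsystem, compartment} form")
    for stmt in policies:
        p = POLICY_RE.fullmatch(stmt.strip())
        if not p or p.group(1).lower() != group.lower():
            continue  # unparsable, or a statement for a different subject
        verb, resource, scope = p.group(2).lower(), p.group(3).lower(), p.group(4).lower()
        granted[resource] = verb
        if scope == "tenancy":
            findings.append(f"{resource}: granted tenancy-wide, not per compartment")
    for resource, need in REQUIRED.items():
        have = granted.get(resource)
        if have not in VERBS or VERBS.index(have) < VERBS.index(need):
            findings.append(f"{resource}: needs '{need}', found {have!r}")
        elif VERBS.index(have) > VERBS.index(need):
            findings.append(f"{resource}: '{have}' is broader than '{need}'")
    try:
        session_cid = json.loads(session_value)["compartment_id"]
    except (ValueError, KeyError, TypeError):
        session_cid = None
        findings.append("session value is not JSON with a compartment_id key")
    if rule and session_cid and session_cid != rule.group(1):
        findings.append("session compartment_id differs from the dynamic group rule")
    return findings

# Constructed sample input; the OCIDs are placeholders, not real identifiers.
RULE = "ALL{resource.type = 'mysqldbsystem', resource.compartment.id = 'ocid1.compartment.oc1..exampleaaaa'}"
POLICIES = ["allow dynamic-group HeatWaveGroup to use generative-ai-chat in compartment Analytics",
            "allow dynamic-group HeatWaveGroup to manage generative-ai-text-embedding in compartment Analytics",
            "allow dynamic-group HeatWaveGroup to inspect generative-ai-model in compartment Analytics"]
SESSION = '{"compartment_id": "ocid1.compartment.oc1..examplebbbb"}'
if __name__ == "__main__":
    print("\n".join(check_setup(RULE, POLICIES, SESSION, "HeatWaveGroup")))
```

The sample input deliberately contains one over-broad verb and one mismatched session compartment, so both findings appear when the block is run.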

What's Next

Learn how to perform the following tasks: