整合 Oracle Analytics 與 Oracle Cloud Infrastructure (OCI) Data Science,無須資料科學專長,即可執行機器學習和人工智慧。例如,使用醫療保健資料時,您可以使用預測模型找出風險因子,並預測患者出院後再次住院的風險。
您必須滿足以下先決條件,才能將 OCI Data Science 與 Oracle Analytics 整合。
若要整合 Oracle Analytics 與 OCI Data Science,請確保您有必要的安全原則。
您在 Oracle Analytics Cloud 與 OCI 租用戶之間的連線指定的 OCI 使用者,對於包含您要使用之 OCI 資源的區間,必須具備讀取、寫入和刪除許可權。確定 OCI 使用者屬於具備以下最低 OCI 安全原則的使用者群組。當您從 Oracle Analytics 連線 OCI 租用戶時,可以使用 OCI API 金鑰或資源主體。
注意:對於資源主體,若要包含區間下的所有 Analytics 執行處理,請指定 {request.principal.type='analyticsinstance', request.principal.compartment.id='<compartmentA_ocid>'}
,而不是 {request.principal.id='<analytics_instance_ocid>'}
。
表格 32-3 OCI Data Science 整合所需的安全原則
API 金鑰原則 | 資源主體原則 |
---|---|
Allow group <group_name> to read data-science-projects in compartment <compartment_name> |
Allow any-user to read data-science-projects in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to read data-science-models in compartment <compartment_name> |
Allow any-user to read data-science-models in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to manage data-science-jobs in compartment <compartment_name> |
Allow any-user to manage data-science-jobs in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to inspect instance-family in compartment <compartment_name> |
Allow any-user to inspect instance-family in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to manage data-science-job-runs in compartment <compartment_name> |
Allow any-user to manage data-science-job-runs in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to inspect virtual-network-family in compartment <compartment_name> |
Allow any-user to inspect virtual-network-family in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow service datascience to use virtual-network-family in compartment <compartment_name> |
Allow service datascience to use virtual-network-family in compartment <compartment_name> |
Allow group <group_name> to manage log-groups in compartment <compartment_name> |
Allow any-user to manage log-groups in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to read buckets in compartment <compartment_name> |
Allow any-user to read buckets in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
Allow group <group_name> to manage objects in compartment <compartment_name> where target.bucket.name='<staging_bucket_name>' |
Allow any-user to manage objects in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>', target.bucket.name='<staging_bucket_name>'} |
Allow group <group_name> to read objectstorage-namespaces in compartment <compartment_name> |
Allow any-user to read objectstorage-namespaces in compartment <compartment_name> where all {request.principal.id='<analytics_instance_ocid>'} |
表格 32-4 OCI Data Science - 動態群組原則
原則 | 描述 |
---|---|
Allow dynamic-group <dynamic_group> to read data-science-models in compartment <compartment_name> |
為資料科學工作執行提供資料科學模型存取權。 |
Allow dynamic-group <dynamic_group> to manage objects in compartment <compartment_name> where target.bucket.name='<staging_bucket_name>' |
為資料科學工作執行提供物件儲存存取權。 |
Allow dynamic-group <dynamic_group> to use log-content in compartment <compartment_name> |
為資料科學工作執行提供日誌存取權。 |
注意:指定 <dynamic_group>
時,請使用以下格式的相符規則:
all { resource.type='datasciencejobrun', resource.compartment.id='<compartment_id>' }
其中 <compartment_id
> 是包含資料科學模型的區間 OCID。
您必須先在 Oracle Analytics 中註冊 Oracle Cloud Infrastructure (OCI) Data Science 模型,才能使用它來分析資料。