Connect to Data Integration

Before you use Data Integration, a user with administrator privileges configures security and networking, and then creates workspaces for different data integration solutions, for example, staging, testing, and production scenarios.

In this tutorial, you:

  1. Create access policies for users who don't have administrative privileges.
  2. Create a workspace for your Data Integration resources.
  3. Get the workspace OCID to create your own policies to restrict access to that workspace.

Before You Begin

To create a Data Integration workspace, you must have the following:

  • An Oracle Cloud Infrastructure account with administrator privileges. Sign up for Oracle Cloud Infrastructure.
  • Access to Oracle Cloud Infrastructure Data Integration.
  • Policies in the required compartment as follows:
    • To use Object Storage service:
      allow group <group_name> to use object-family in compartment <compartment-name>
      allow any-user to read buckets in compartment <compartment-name> where ALL {request.principal.type = 'disworkspace', request.principal.id = '<workspace_ocid>', request.operation = 'GetBucket'}
      allow any-user to manage objects in compartment <compartment-name> where ALL {request.principal.type = 'disworkspace', request.principal.id = '<workspace_ocid>'}
    • To use Autonomous Data Warehouse or Autonomous Transaction Processing as Target:
      allow any-user to manage buckets in compartment <compartment-name> where ALL {request.principal.type = 'disworkspace', request.principal.id = '<workspace_ocid>', request.permission = 'PAR_MANAGE'}
      
  • For reference, see creating a policy and policy examples to enable access to Oracle Object Storage.

1. Creating Access Policies

  1. Open the Oracle Cloud Infrastructure Console navigation menu and click Identity & Security. Under Identity, click Policies.

    Console navigation menu, Identity, Policies

  2. Under List Scope, select the compartment you want to use for Data Integration.

    list-scope

  3. Click Create Policy.
  4. In the Create Policy panel, complete the following fields:
    1. For Name, enter a name without any spaces. You can use alphanumeric characters, hyphens, periods, and underscores only.
    2. For Description, enter a description to help other users know the purpose of this set of policies.
    3. In Policy Builder, use the manual editor to add the following statements, then click Create.
      allow group <group-name> to manage dis-workspaces in compartment <compartment-name>
      allow group <group-name> to manage dis-work-requests in compartment <compartment-name>
      allow group <group-name> to use virtual-network-family in compartment <compartment-name>
      allow group <group-name> to manage tag-namespaces in compartment <compartment-name>

      Policy Builder manual editor

  5. If you are enabling a private network for your workspace, repeat steps 1 through 4c to create the following policy at the compartment level:
    allow service dataintegration to use virtual-network-family in compartment <your_compartment>
  6. In the Console navigation menu, navigate to Networking, then Virtual Cloud Networks.
  7. In the Virtual Cloud Networks list, select <Your VCN>.
  8. On <Your VCN> page, in the Subnets list, select <Your Subnet>.
  9. On <Your Subnet> page, in the Subnet Information section, click the link for Route Table.
  10. Click Add Route Rules.
  11. In the Add Route Rules panel, add a route rule to include your Service Gateway as its Target Type. The route rule ensures connectivity to other services such as Oracle Cloud Infrastructure Object Storage.

    For more information about recommended service gateways, see Network Component Configurations.

    Note

    Ensure that your Service Gateway Destination is set to All IAD Services in Oracle Services Network.

2. Creating a workspace

  1. In the Oracle Cloud Infrastructure Console navigation menu, navigate to Analytics & AI. Under Data Lake, click Data Integration.
  2. Under List Scope, from the Compartment dropdown, select the compartment in which you created policies in the previous section.
  3. Click Create Workspace.
  4. In the Create Workspace panel, complete the fields as follows, and then click Create:
    1. For Name, enter a name without any spaces.

      You can only use alphanumeric characters, hyphens, periods, and underscores in the name.

    2. Under Network Selection, leave Enable private network selected.
    3. Select the VCN and Subnet where your data sources reside.
      Note

      These are the networks where your source and target data sources are located. If your source and target data sources are in a different network or region, you must separately configure appropriate gateways to establish routing between the networks. If you don't see your subnets, it could be because they weren't created as regional subnets.
The workspace takes a few minutes to create and become active. After the creation process is completed, you can access the workspace from this list.

3. Getting Workspace OCID to Create Policies

To restrict the policies at the workspace level and create your own policies, you need the workspace OCID.

To get the workspace OCID:

  • From the Workspaces page, click the Actions menu (three dots) corresponding to your workspace, and then select Copy OCID.

    copy-ocid-from-workspace-page

  • Alternatively, from the Home tab for a workspace, click the Copy link in the workspace name tooltip.

    copy-ocid-from-workspace-details-page