Oracle Cloud Database-related Prerequisite Tasks

To enable and use Database Management for Oracle Cloud Databases, you must review and complete the prerequisite tasks listed in the following table.

Currently, you can use Database Management to monitor and manage Oracle Databases on the following Co-managed Oracle Database Cloud solutions:

  • Bare Metal and Virtual Machine DB Systems
  • Exadata Cloud Service
Task Description More Information
Set database monitoring user credentials in the Oracle Cloud Database and save the database user password as a secret in the Vault service You must grant a database user, for example, DBSNMP, the privileges required to monitor and manage the Oracle Cloud Database.
SQL> GRANT CREATE PROCEDURE TO dbsnmp;
Grant succeeded.
SQL> GRANT SELECT ANY DICTIONARY, SELECT_CATALOG_ROLE TO dbsnmp;
Grant succeeded.
SQL> GRANT ALTER SYSTEM TO dbsnmp;
Grant succeeded.
SQL> GRANT ADVISOR TO dbsnmp;
Grant succeeded.
SQL> GRANT EXECUTE ON DBMS_WORKLOAD_REPOSITORY TO dbsnmp;
Grant succeeded.
SQL> GRANT CREATE SESSION TO dbsnmp;
Grant succeeded.

The database user password checks in Database Management require the password to be Federal Information Processing Standards (FIPS) compliant:

  • Password length must be between 14 to 127 characters.

  • Password must have at least two lowercase, two uppercase, two digits, and two special characters.

SQL> alter user dbsnmp account unlock;
User altered.
SQL> alter user dbsnmp identified by "<password>";
User altered.

After setting the monitoring user credentials, use the Oracle Cloud Infrastructure Vault service to save the database user password in a secret with an encryption key. The Vault service is a managed service that enables you to centrally manage the encryption keys that protect your data and the secret credentials that you use to securely access resources.

Note that if you change the database user password, you must also update the secret with the new password by creating a new version of the secret and updating the contents.

For information on the Vault service, its concepts, and how to create vaults, keys, and secrets, see Vault.
Create a Database Management private endpoint A Database Management private endpoint is required to enable communication between Database Management and the Oracle Cloud Database in a VCN. The Database Management private endpoint is its network point of presence in the VCN in which the Oracle Cloud Database can be accessed. For information on how to create a Database Management private endpoint, see Create a Database Management Private Endpoint.
Enable communication between Database Management and the Oracle Cloud Database You must add ingress and egress security rules to Network Security Groups (NSGs) or Security Lists in the Oracle Cloud Database's VCN to allow communication between the Database Management private endpoint and the Oracle Cloud Database. For information on how to enable communication between Database Management and the Oracle Cloud Database, see Enable Communication Between Database Management and Oracle Cloud Databases.