Overview of OS Management

The Oracle Cloud Infrastructure OS Management service allows you to manage updates and patches for the operating system environment on your Oracle Cloud Infrastructure instances.

OS Management Concepts

Review the following concepts and terms to help you get started with OS Management.

Managed Instance

A Compute instance that uses the OS Management service is referred to as a managed instance.

Managed Instance Groups

Managed instance groups enable you to group your instances together for updates.

For more information, see Administering Managed Instance Groups.

OS Management Service Agent Plugin

OS Management uses the OS Management Service Agent plugin for managing and applying updates. The the Oracle Cloud Agent manages the OS Management Service Agent plugin. For more information about the Oracle Cloud Agent, see Managing Plugins with Oracle Cloud Agent.

The OS Management Service Agent plugin provides the necessary permissions to apply updates on the respective operating system:

  • For Oracle Linux instances, the OS Management Service Agent plugin utilizes the standard Linux permissions for a sudo administrative account to apply updates.
  • For Windows instances, the OS Management Service Agent plugin creates a virtual service account for applying updates on the instance. The virtual service account is OCAOSMS. Do not remove this account on instances where the OS Management service is used.

For more information about managing the OS Management Service Agent plugin, see Getting Started with OS Management.

Software Sources

For Linux instances, OS Management uses software sources to provide packages to instances and to track the available updates to those packages.

For more information about software sources, see Managing Software Sources.

Linux Package Management

For Linux instances, OS Management provides a search facility that you can use to check individual packages. Using this search facility, you can check for available updates. You can also use this facility to perform actions for managing Linux packages, such as installing, removing, and updating packages on managed instances and managed instance groups.

For more information, see Managing Linux Packages.

Windows Update Management

For Windows instances, OS Management provides actions for installing Windows updates on managed instances and managed instance groups.

For more information, see Managing Windows Updates.

CVE Search

For Linux instances, OS Management provides a search facility that you can use to check individual CVEs (Common Vulnerabilities and Exposures). This facility helps you determine the level of exposure in your tenancy.

For more information about the CVE search facility, see Checking Exposure to Known Vulnerabilities.

Scheduled Jobs

When you use the OS Management service to manage updates on a managed instance or managed instance group, you have full control over when actions take place. If you specify that an action take place at a particular date and time, the OS Management service creates a scheduled job. OS Management provides two basic modes for scheduled jobs: one-time and recurring jobs.

For more information, see Managing Scheduled Jobs and Work Requests.

Work Requests

OS Management actions such as installing, removing, or updating packages are asynchronous and initiate work requests. You can use the work request to track the status of operations, including the ability to see why an action failed.

For more information, see Managing Scheduled Jobs and Work Requests.

Managed Instance Lifecycle

The OS Management service runs a process that periodically removes managed instances under the following conditions:

  • The OS Management service can retrieve the Compute instance and the instance is either in the terminating or terminated state.
  • The managed instance has not checked in with the OS Management service in the last 30 days.

This process runs several times per day.


OS Management is available in the following regions in the commercial realm:
Geography Region Name Region Location Region Key
APAC Australia East (Sydney) Sydney, Australia SYD
APAC Australia Southeast (Melbourne) Melbourne, Australia MEL
APAC India South (Hyderabad) Hyderabad, India HYD
APAC India West (Mumbai) Mumbai, India BOM
APAC Japan Central (Osaka) Osaka Japan KIX
APAC Japan East (Tokyo) Tokyo, Japan NRT
APAC South Korea Central (Seoul) Seoul, South Korea ICN
APAC South Korea North (Chuncheon) Chuncheon, South Korea YNY
EMEA Germany Central (Frankfurt) Frankfurt, Germany FRA
EMEA Netherlands Northwest (Amsterdam) Amsterdam, Netherlands AMS
EMEA Saudi Arabia West (Jeddah) Jeddah, Saudi Arabia JED
EMEA Switzerland North (Zurich) Zurich, Switzerland ZRH
EMEA UAE East (Dubai) Dubai, UAE DXB
EMEA UK South (London) London, United Kingdom LHR
EMEA UK West (Newport) Newport, United Kingdom CWL
LAD Brazil East (Sao Paulo) Sao Paulo, Brazil GRU
LAD Chile (Santiago) Santiago, Chile SCL
North America Canada Southeast (Montreal) Montreal, Canada YUL
North America Canada Southeast (Toronto) Toronto, Canada YYZ
North America US East (Ashburn) Ashburn, VA IAD
North America US West (Phoenix) Phoenix, AZ PHX
North America US West (San Jose) San Jose, CA SJC

Authorization and Authentication

Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, SDK or CLI, and REST API).

An administrator in your organization needs to set up groups, compartments, and policies that control which users can access which services, which resources, and the type of access. For example, the policies control who can create new users, create and manage the cloud network, launch instances, create buckets, download objects, etc. For more information, see Getting Started with Policies. For specific details about writing policies for OS Management, see Setting Up Policies for OS Management and OS Management Policy Reference.

If you’re a regular user (not an administrator) who needs to use the Oracle Cloud Infrastructure resources that your company owns, contact your administrator to set up a user ID for you. The administrator can confirm which compartment or compartments you should be using.

Creating Automation with Events

You can create automation based on state changes for your Oracle Cloud Infrastructure resources by using event types, rules, and actions. For more information, see Overview of Events. For reference information about OS Management events, see OS Management Events.

OS Management resources that emit events:

  • Managed instances

  • Managed instance groups

  • Scheduled jobs

  • Software sources

Ways to Access Oracle Cloud Infrastructure

You can access Oracle Cloud Infrastructure using the Console (a browser-based interface) or the REST API. Instructions for the Console and API are included in topics throughout this guide. For a list of available SDKs, see Software Development Kits and Command Line Interface.

To access the Console, you must use a supported browser. You can use the Console link at the top of this page to go to the sign-in page. You will be prompted to enter your cloud tenant, your user name, and your password.

For general information about using the API, see REST APIs.