1. Access Governance Cloud Service
  2. Getting Started
  3. Set Up Service Instance

Set Up Service Instance

Regions

You can create an Oracle Access Governance service instance in the following regions: US East (Ashburn) for North America, Brazil East (Sao Paulo) for South America, Germany Central (Frankfurt) or UAE Central (Abu Dhabi) for Europe, and Australia East (Sydney) for Asia-Pacific. When you login to your tenancy, depending on your home region, chose the region hosting Oracle Access Governance within your geographic region to create and manage service instances. The tables below list the home regions that support Oracle Access Governance and which region they need to have a subscription for to access the Oracle Access Governance service.

North America

If you have an Oracle Cloud Infrastructure tenancy in one of the below home regions, you must have a subscription to the US East (Ashburn) region to be able to access the Oracle Access Governance service.

Region Name Region Identifier Region Location Region Key Realm Key Availability Domains

Canada Southeast (Montreal)

ca-montreal-1

Montreal, Canada

YUL

OC1

1

Canada Southeast (Toronto)

ca-toronto-1

Toronto, Canada

YYZ

OC1

1

US East (Ashburn)

us-ashburn-1

Ashburn, VA

IAD

OC1

3

US West (Phoenix)

us-phoenix-1

Phoenix, AZ

PHX

OC1

3

US West (San Jose)

us-sanjose-1

San Jose, CA

SJC

OC1

1

South America

If you have an Oracle Cloud Infrastructure tenancy in one of the below home regions, you must have a subscription to the Brazil East (Sao Paulo) region to be able to access the Oracle Access Governance service.

Region Name Region Identifier Region Location Region Key Realm Key Availability Domains

Brazil East (Sao Paulo)

sa-saopaulo-1

Sao Paulo, Brazil

GRU

OC1

1

Brazil Southeast (Vinhedo)

sa-vinhedo-1

Vinhedo, Brazil

VCP

OC1

1

Chile (Santiago)

sa-santiago-1

Santiago, Chile

SCL

OC1

1

Europe

If you have an Oracle Cloud Infrastructure tenancy in one of the below home regions, you must have a subscription to the Germany Central (Frankfurt) or the UAE Central (Abu Dhabi) region to be able to access the Oracle Access Governance service.

Region Name Region Identifier Region Location Region Key Realm Key Availability Domains

France Central (Paris)

eu-paris-1

Paris, France

CDG

OC1

1

France South (Marseille)

eu-marseille-1

Marseille, France

MRS

OC1

1

Germany Central (Frankfurt)

eu-frankfurt-1

Frankfurt, Germany

FRA

OC1

3

Israel Central (Jerusalem)

il-jerusalem-1

Jerusalem, Israel

MTZ

OC1

1

Italy Northwest (Milan)

eu-milan-1

Milan, Italy

LIN

OC1

1

Netherlands Northwest (Amsterdam)

eu-amsterdam-1

Amsterdam, Netherlands

AMS

OC1

1

Saudi Arabia West (Jeddah)

me-jeddah-1

Jeddah, Saudi Arabia

JED

OC1

1

South Africa Central (Johannesburg)

af-johannesburg-1

Johannesburg, South Africa

JNB

OC1

1

Sweden Central (Stockholm)

eu-stockholm-1

Stockholm, Sweden

ARN

OC1

1

Switzerland North (Zurich)

eu-zurich-1

Zurich, Switzerland

ZRH

OC1

1

UAE Central (Abu Dhabi)

me-abudhabi-1

Abu Dhabi, UAE

AUH

OC1

1

UAE East (Dubai)

me-dubai-1

Dubai, UAE

DXB

OC1

1

UK South (London)

uk-london-1

London, United Kingdom

LHR

OC1

3

UK West (Newport)

uk-cardiff-1

Newport, United Kingdom

CWL

OC1

1

Asia-Pacific

If you have an Oracle Cloud Infrastructure tenancy in one of the below home regions, you must have a subscription to the Australia East (Sydney) region to be able to access the Oracle Access Governance service.

Region Name Region Identifier Region Location Region Key Realm Key Availability Domains

Australia East (Sydney)

ap-sydney-1

Sydney, Australia

SYD

OC1

1

Australia Southeast (Melbourne)

ap-melbourne-1

Melbourne, Australia

MEL

OC1

1

India South (Hyderabad)

ap-hyderabad-1

Hyderabad, India

HYD

OC1

1

India West (Mumbai)

ap-mumbai-1

Mumbai, India

BOM

OC1

1

Japan Central (Osaka)

ap-osaka-1

Osaka, Japan

KIX

OC1

1

Japan East (Tokyo)

ap-tokyo-1

Tokyo, Japan

NRT

OC1

1

Singapore (Singapore)

ap-singapore-1

Singapore,Singapore

SIN

OC1

1

South Korea Central (Seoul)

ap-seoul-1

Seoul, South Korea

ICN

OC1

1

South Korea North (Chuncheon)

ap-chuncheon-1

Chuncheon, South Korea

YNY

OC1

1

Note:

You cannot access the Oracle Access Governance service from a subscription to a region outside your geographical region. An example would be if your home region is UK South (London) then you cannot access the service with a subscription to US East (Ashburn), you must have a subscription to Germany Central (Frankfurt) within your geographical region.

Prerequisites

A prerequisite for creating and setting up a service instance is to provide permissions for agcs-instance resources.

In order to create, update, or delete an Oracle Access Governance service instance, the Oracle Cloud Infrastructure Identity and Access Management administrator or domain administrator can create a group and allow that group permissions to manage agcs-instance resources for a given compartment or tenancy in a policy statement:

  1. Examples for Tenancies using Identity Domain:
    1. Allow group <domain_name>/<group_name> to manage agcs-instance in compartment <compartment_name>
    2. Allow group <domain_name>/<group_name> to manage all-resources in compartment <compartment_name>
  2. Examples for Tenancies without Identity Domain:
    1. Allow group <group_name> to manage agcs-instance in compartment <compartment_name>
    2. Allow group <group_name> to manage all-resources in in compartment <compartment_name>

Create Service Instance

Create an Oracle Access Governance instance in the Oracle Cloud Infrastructure console.

You can create an Oracle Access Governance service instance using the following steps:
  1. Open your web browser and navigate to https://cloud.oracle.com.
  2. Enter the name of your Cloud Account Administrator in the Cloud Account Name field and click Next.
  3. On the Cloud Infrastructure sign-in page, enter your sign-in credentials under Oracle Cloud Infrastructure Direct Sign-In. Click Sign In.
  4. When you have successfully logged in, select Regions → [US East (Ashburn)|Brazil East (Sao Paulo)|Germany Central (Frankfurt)|Australia East (Sydney)], depending on your Home region location, from the top navigation menu.
  5. Click the Navigation Menu icon in the top left corner to display the navigation menu.
  6. Click Identity and Security in the navigation menu.
  7. Select Access Governance from the list of products.
  8. On the Service Instances page, click the Create service instance button.
  9. Enter values for the service instance as detailed in the following table .
    Parameter Value Description
    Name   Name of the service instance.
    Description   Description of the service instance.
    Create in compartment Compartment Name into which the service instance will be created. Name of the OCI compartment into which the service instance will be created.
    License type  

    Select from the following license types:

    • Access Governance for Oracle Workloads: Governance of access privileges for Oracle Workloads running anywhere
    • Access Governance for Oracle Cloud Infrastructure: Governance of access privileges for OCI resources and services.

    Note:

    Access Governance for OCI is the entry level license option, covering OCI in cloud environments. Access Governance for Oracle Workloads is a broader option, covering Oracle Workloads running anywhere, and includes OCI.
    Tagging   Tags allow you to organize and track resources within your tenancy. If you want to tag resources within the service instance, add them here. Add value as described in the following rows. If you want to add additional tags, select Another Tag to create more.
    TAG NAMESPACE   Namespace to which the tag applies.
    TAG KEY   Key for the tag.
    TAG VALUE   Value of the tag.
  10. To create the service instance with the value you have input, select Create service instance. If you do not want to proceed with the service creation, select Cancel.

Verify Service Instance

You can verify an Oracle Access Governance service instance using the following steps:
  1. Open your web browser and navigate to https://cloud.oracle.com.
  2. Enter the name of your Cloud Account Administrator in the Cloud Account Name field and click Next.
  3. On the Cloud Infrastructure sign-in page, enter your sign-in credentials under Oracle Cloud Infrastructure Direct Sign-In. Click Sign In.
  4. Click the Navigation Menu icon in the top left corner to display the navigation menu.
  5. Click Identity and Security in the navigation menu
  6. Select Access Governance from the list of products.
  7. On the Service Instances page, select the newly created service instance.
  8. Click Service Home Page to access the Oracle Access Governance Console in a browser.