1. Administering Oracle Visual Builder Generation 2
  2. Create and Set Up Your Visual Builder Generation 2 Instance

2 Create and Set Up Your Visual Builder Generation 2 Instance

Like other Oracle Cloud services, you must create an instance of Oracle Visual Builder before you can start using it.

You can create Visual Builder Generation 2 instances in any Oracle data region listed in Availability. To create and set up an instance, you must be assigned specific roles.

Confirm You Have the Required Roles

If you are the user that initially signed up and purchased universal credits for Oracle Cloud, you automatically have the necessary service entitlement roles to create Oracle Visual Builder instances. Otherwise, the correct roles must be explicitly assigned to your user account to create Oracle Visual Builder instances.

Without the necessary roles, instance creation fails.

To successfully create Oracle Visual Builder instances, ensure that your user account is assigned the required roles and to the required groups.

You must be assigned this role: To ...
Cloud Account Administrator

Set up Oracle Cloud Infrastructure (OCI) compartments and buckets.

If you're not an account administrator, contact the administrator to add you to the OCI_Administrators IDCS group.

Identity Domain Administrator or User Administrator

Add users and assign IDCS roles and groups.

If you're not an administrator, make sure that your OCI group is assigned a policy like this:

Allow group MyGroup to inspect identity-providers in tenancy
AUTONOMOUS_VISUALBUILDER_ENTITLEMENT_ADMINISTRATOR (Oracle Visual Builder entitlement administrator role in IDCS)

Create the Visual Builder instance.

If you're not the account administrator or the IDCS administrator, contact the IDCS admin to assign this IDCS role to you. If you're not assigned this role you won't see the user interface to provision a Visual Builder instance.

Assign the entitlement administrator role to a user

If you are not sure you have the correct administrator role to provision an instance, or if you want to assign the correct role to a user, log in to Oracle Identity Cloud Services to manage the service's roles. To do this, you'll need to have the Identity Domain Administrator or User Administrator role assigned to you.

To assign the AUTONOMOUS_VISUALBUILDER_ENTITLEMENT_ADMINISTRATOR role to a user.

  1. Log in to Oracle Identity Cloud Services.
  2. Click Oracle Cloud Services in the main navigation.
  3. Click VISUALBUILDERAUTO in the list of services.
  4. Open the Application Roles tab.

    To see a list of users that have already been assigned the role, click Users Assigned.

  5. To assign the role to a user, choose Assign Users in the menu on the right.
    Description of idcs-service-manage-roles.png follows
    Description of the illustration idcs-service-manage-roles.png

  6. Select the users you want to assign the role to. Click OK.

Understand Your Responsibilities as an Administrator

This guide is directed to administrators provisioning, creating, and configuring Visual Builder instances and identities on Oracle Cloud Infrastructure.

Provisioning and administering Visual Builder typically involves the following responsibilities. Note that these tasks could be done by the same person (the tenant administrator) or by different people.

Responsibility See
Create required OCI resources for the Visual Builder instance Create Required OCI Resources
Create a Visual Builder instance in an OCI compartment Create the Visual Builder Instance
Add users and groups About Setting Up Users and Groups
Manage the Visual Builder instance, such as start or stop the instance, or configure a custom endpoint View and Manage the Visual Builder Instance

Signing In to the OCI Console

Signing into the OCI Console differs depending on whether or not your cloud account uses identity domains.

Note:

If you are not sure if your cloud account uses identity domains, see About Setting Up Users and Groups.

Signing In to the Console in Cloud Accounts That Use Identity Domains

If your cloud account uses identity domains, you sign in to the OCI Console as a user configured in Oracle Cloud Infrastructure Identity and Access Management (IAM).

  1. Go to http://cloud.oracle.com.
  2. Enter your cloud account name and click Next.
  3. Select the default domain.

    Select an identity domain screen

  4. Enter the user name and password provided in the welcome email, and click Sign In.
    The OCI Console is shown.
  5. Explore categories and options in the navigation menu.

    • Open the navigation menu and click Developer Services. Under Visual Builder, click Visual Builder. Use this landing page to access, create, and manage Visual Builder instances.


      Description of admin-console-visualbuilder.png follows
      Description of the illustration admin-console-visualbuilder.png

      Click pin pin to save the selection under the Pinned category on the Home page.

    • Open the navigation menu and click Identity & Security. Under Identity, click identity links to to create compartments and domains if needed, and to perform tasks related to identity management. See Setting Up Users and Groups.

Signing In to the Console in Cloud Accounts That Do Not Use Identity Domains

If your cloud account does not use identity domains, you sign in to the OCI Console as a user federated through Oracle Identity Cloud Service. A federated environment enables business partners to integrate in the identity management realm by providing a mechanism for users to share identity information across respective security domains.

  1. Go to http://cloud.oracle.com.
  2. Enter your cloud account name and click Next.

    Identity options are displayed.


    Description of admin-oci-signin.png follows
    Description of the illustration admin-oci-signin.png

    • The upper portion displays federated sign in (Visual Builder is federated with IDCS).

    • The lower portion displays native Identity and Access Management (IAM) options standard to Oracle Cloud Infrastructure.

    Note:

    If no federated sign in options are displayed in the upper portion, your tenancy requires manual federation. Sign in as an administrator using native IAM credentials and complete federation, including group mapping. See Understanding Federation and Manually Federating Your Tenancy.

    Under Single Sign-On (SSO) options, note the identity provider selected in the Identity Providers field and click Continue.

    The IDCS sign in screen is shown.

  3. Enter the user name and password provided in the welcome email, and click Sign In.
    The OCI Console is displayed.
  4. Explore categories and options in the navigation menu.

    • Open the navigation menu and click Developer Services. Under Visual Builder, click Visual Builder. Use this landing page to access, create, and manage Visual Builder instances.


      Description of admin-console-visualbuilder.png follows
      Description of the illustration admin-console-visualbuilder.png

      Click pin pin to save the selection under the Pinned category on the Home page.

    • Open the navigation menu and click Identity & Security. Under Identity, click identity links to to create compartments if needed, and to perform tasks related to identity management. See Setting Up Users and Groups.

Create Required OCI Resources

Visual Builder instances use the Oracle Cloud Infrastructure (OCI) as their underlying infrastructure. If you're the tenant administrator, create the required OCI resources Visual Builder instances need.

To do this: See this:
Create a compartment.

To create an instance, you must first create a compartment. You can use the root compartment and the tenancy user that was created when the OCI account was created, but it's recommended to create a dedicated compartment to host the Visual Builder instance.

Create a Compartment for Visual Builder

If you want someone else to create the compartment and other OCI resources, add the user to the OCI_Administrators group. See Add an Existing User to the OCI_Administrators IDCS Group.

Add users who can manage the Visual Builder instance.

If you want other non-admin users to create and manage Visual Builder instances, assign them the required OCI policies. Skip this step if you plan to create and manage the instances yourself.

Create Oracle Cloud Infrastructure Groups and Policies
Map a custom endpoint to the Visual Builder instance use it to access the instance instead of the original URL generated in the OCI Console Create and Configure a Custom Endpoint for Your Visual Builder Instance
Set Visual Builder instance quotas Set Instance Quotas for a Compartment

Add an Existing User to the OCI_Administrators IDCS Group

If you're a tenant administrator and plan to create the OCI resources yourself, skip this procedure.
  1. On the OCI console, in the upper-left corner, click Navigation Menu the Menu icon.
  2. Select Identity & Security and then under Identity, select Federation.
  3. Select the OracleIdentityCloudService link to view the default Oracle Identity Cloud Service identity federation.
  4. Select Groups from the Resources options.
  5. Click the OCI_Administrators group.
  6. Click Add to IDCS Group.
  7. In the Add User to IDCS Group dialog box, select the user and click Add.

Create a Compartment for Visual Builder

To create a compartment, you must be either a tenant administrator or a user in the OCI_Administrators IDCS group.
  1. On the OCI console, in the upper-left corner, click Navigation Menu the Menu icon.
  2. Select Identity & Security and then under Identity, select Compartments.
  3. To create the compartment in the tenancy (root compartment), click Create Compartment.
  4. In the Create Compartment dialog box, fill in the fields and click Create Compartment.
    To learn more about compartments, see Managing Compartments.

Set Instance Quotas for a Compartment

As you can create multiple Visual Builder instances in a compartment, you should set a limit on number of instances your users can create.

  1. Sign in to the OCI Console.
  2. Open the navigation menu and click Identity & Security. Under Identity, click Policies.
  3. Click Create Policy.
  4. In the Create Policy window, enter a name (for example, instanceCreationQuota) and a description. Under Policy Builder, choose Show manual editor.
  5. Complete the Policy Statements field. As an example, to set a quota limit of 10 instances for the compartment named MyCompartment, enter the following statement:
    Set visualbuilder quota instance-count to <number_of_instances> in compartment <compartment-name>

    Here's an example:

    Set visualbuilder quota instance-count to 10 in compartment MyVBCompartment
    Where:
    • visualbuilder: Is the family name for Visual Builder.
    • instance-count: Is the quota name.
  6. Click Create.

    The policy statement is validated and any syntax errors are displayed.

Create the Visual Builder Instance

You can create multiple Visual Builder instances in an OCI compartment.

If you've registered a custom hostname for the Visual Builder instance and saved the SSL certificate in an OCI Vault, then get the vault's compartment name, vault's name, and the secret key. You'll need them while creating the instance. If you haven't configured a custom endpoint, you can map it with the Visual Builder instance later.
  1. Open the OCI Console.
  2. In the upper-left corner, click Navigation Menu the Menu icon.
  3. Select Developer Services and then select Visual Builder.
  4. On the Visual Builder Instances page, from the Compartment drop-down list, select the compartment you created to host the Visual Builder instance.
  5. Click Create Instance.

    Description of admin-console-createinstance.png follows
    Description of the illustration admin-console-createinstance.png

    Before you enter the new instance's details, check if you see the Domain field. If you do, it indicates that you are signed in as a non-federated user. Sign out and sign in again as a federated user, and restart creating an instance process.

  6. In Name, enter the Visual Builder instance's name.
  7. (Optional) In Compartment, select the compartment you created to host the Visual Builder instance. If you've selected the compartment in Step 4, ignore this step.
  8. (Optional) Click Show Advanced Options to set advanced options.
    1. To map a custom endpoint with the Visual Builder instance, enter the necessary details in the Custom Endpoint tab. If you haven't configured a custom endpoint, you can map it with the Visual Builder instance later.
      1. In Hostname, enter the custom hostname.

        The hostname must be registered on a DNS provider.

      2. In Compartment, select the OCI compartment that contains your certificate vault.
      3. In Vault, enter the OCI Vault's name.
      4. In Secret, select the secret you used to save the SSL certificate.

      After you've created the instance, update the custom endpoint DNS record to the original instance hostname. As a best practice, update the CNAME of the DNS record with the hostname of the original instance endpoint.

    2. In Tags, enter a key and optional value. Tags enable you to track resources within your tenancy. See Resource Tags.
  9. Click Create Visual Builder Instance.