Invoke Oracle Cloud Infrastructure Object Storage from an Integration with an OCI Object Storage Action
You can natively invoke Oracle Cloud Infrastructure Object Storage from an integration without the need to configure an explicit REST Adapter connection.
Oracle Cloud Infrastructure Object Storage Concepts
Oracle Cloud Infrastructure Object Storage is an internet-scale, high-performance storage platform that offers reliable and cost-efficient data durability. Oracle Cloud Infrastructure Object Storage enables you to securely store any type of data in its native format. An unlimited amount of unstructured data of any content type is supported, including analytic data and rich content such as images and videos. See Object Storage and Overview of Object Storage.
Prerequisites
Note:
The OCI object storage action doesn’t support cross tenancy calls. To make cross tenancy calls, configure the REST Adapter with the OCI Signature Version 1 security policy to call the object storage REST APIs. See this blog.- Create a dynamic group
- Create a policy to grant access to Oracle Cloud Infrastructure Object Storage.
- Ensure that your cloud tenancy uses identity domains. If you are unsure, ask your administrator for details.
- Create the required dynamic group and assign a policy to that group
to allow your Oracle Integration instance to access Oracle Cloud
Infrastructure Object
Storage. The policy defines the permissions for the dynamic group and determines
which operations the dynamic group can perform on Oracle Cloud
Infrastructure Object Storage and other services such as
Oracle Cloud
Infrastructure Functions,
Oracle Cloud
Infrastructure Vision, and
more
- Log in to the Oracle Cloud Infrastructure Console.
- Obtain the client ID of the OAuth application for the Oracle Integration instance.
- In the navigation pane, select Identity & Security.
- Under Identity, select Domains.
- In the upper right corner, select Profile, then click the identity domain.
- In the menu bar, click Oracle cloud
services.
The Oracle Cloud Services page for your domain appears.
- In the Name column, click your service instance.
- Click OAuth configuration.
- Scroll down to the General Information section and copy the client ID value to use to create your dynamic group.
- Scroll to the breadcrumbs at the top and click
Oracle cloud services to return to the main
page for the identity domain.
- In the menu bar, click Dynamic
groups.
- Create dynamic group
- Enter the following details:
- In the Name and Description fields, enter values. These fields are required.
- In the Matching Rules
section, enter the required rule. The resource ID you specify
must match the client ID of the OAuth application of your Oracle Integration instance. Ensure that you enclose the value
in single quotes. For
example:
resource.id = 'client_ID'
- In the left navigation pane, click Policies.
- Click Create Policy.
- Select the compartment in which to create the policy.
- Enter the following details:
- In the Name and Description fields, enter values. These fields are required.
- In the Policy Builder
section, build the required policy for the dynamic group.
Examples of the minimum policy required are as
follows:
allow dynamic-group dynamic_group to manage object-family in compartment compartment_name
allow dynamic-group dynamic_group to inspect compartments in compartment compartment_name
Where:dynamic_group
: Is the dynamic group name you specified in Step 5.compartment_name
: Is the compartment in which your Oracle Integration instance is located.
This enables the Oracle Integration instance associated with the dynamic group to call Oracle Cloud Infrastructure Object Storage in this particular compartment. The RPST token is only valid for resources to which the dynamic group has been granted access using this policy.
Details about more granular permissions for object storage are provided. See Securing Object Storage.
Invoke Oracle Cloud Infrastructure Object Storage from an Integration
Note:
Use of an OCI Object storage action in a project is not supported.- Add an OCI Object storage action to an
integration in either of the following ways:
- On the side of the canvas, click
Actions
and drag the OCI Object storage action to the appropriate location.
- Click
at the location where you want to add the action, then select OCI Object storage.
The Configure object storage panel opens.
- On the side of the canvas, click
Actions
- Enter a name.
- Select the resource to manage.
- Manage buckets: Buckets are logical containers for storing objects. Buckets are region- and compartment-specific. You can define policies at a bucket level to control access.
- Manage objects: Objects are stored within buckets. Objects can be any data type and consist of the object itself and any metadata.
- If you select Manage buckets:
- From the Operations list, select the
operation to perform.
- Create bucket: Create a
bucket in Oracle Cloud
Infrastructure Object Storage. In the mapper, you map
the bucket name to create.
- Select the compartment in which to create the bucket. This selection during design-time is overridden if you map anything to the compartment Id field in the request mapper for this action.
- List buckets: Retrieve a
list of objects in a bucket in Oracle Cloud
Infrastructure Object Storage. In the
mapper, you map the bucket name to retrieve the objects list.
- Select the compartment in which to list the buckets. This selection during design-time is override if you map anything to the compartment Id field in the request mapper for this action.
- Delete bucket: Delete a bucket in Oracle Cloud Infrastructure Object Storage. In the mapper, you map the bucket name to delete.
- Create bucket: Create a
bucket in Oracle Cloud
Infrastructure Object Storage. In the mapper, you map
the bucket name to create.
- Click Continue.
- From the Operations list, select the
operation to perform.
- If you select Manage objects:
- From the Operations list, select the
operation to perform:
- Upload object: Upload an object into Oracle Cloud Infrastructure Object Storage. In the mapper, you map the object name to upload. This is how you update an object (it overrides an existing object with the same name). The file size limit is 1 GB. However, the API can handle objects up to 50 GB in size. See PutObject.
- Download object: Retrieve an object from Oracle Cloud Infrastructure Object Storage. In the mapper, you map the object name to retrieve. The size limit is 1 GB. Otherwise, the download fails.
- Delete object: Delete an object in Oracle Cloud Infrastructure Object Storage. In the mapper, you map the object name to delete.
- List objects: List all objects in Oracle Cloud Infrastructure Object Storage. In the mapper, you map the bucket name to retrieve the objects list.
- Select the compartment in which to perform the operation.
- Select the bucket in which to perform the operation. This selection during design-time is overridden if you map anything to the Bucket Name field in the request mapper for this action.
- Click Continue.
- From the Operations list, select the
operation to perform:
- Review your selections on the Summary page, then click
Finish.
This creates a map action in front of the OCI Object storage action.
Several use cases that natively invoke Oracle Cloud Infrastructure Object Storage are provided. See Manage Oracle Cloud Infrastructure Buckets and Objects from an Integration.