Table of Contents
- Title and Copyright Information
- Documentation Accessibility
- Documentation Feedback
- 1 Creating and Running an EPM Center of Excellence
-
2
Overview
- About EPM Cloud
- About Oracle Enterprise Data Management Cloud
- About the Cloud Infrastructure
- Information Sources
-
3
Working with Subscriptions
- Available Subscriptions
- Ordering a Subscription
- Activation Checklist
- What if the Existing Oracle Cloud Account was Created by Someone Else?
- Activating Subscriptions: OCI (Gen2) Regions Other than UK Gov Regions (OC4)
- Activating Subscriptions: UK Gov OCI Regions
- After Placing an Order: US Gov Regions
- Accessing EPM Cloud Identity Consoles
- Creating Identity Domain Administrators and Service Administrators
- Creating an EPM Cloud Environment
- Renaming or Relocating an OCI (Gen 2) Instance
- 4 Configuring Environments
-
5
Migrating Applications to EPM Cloud
- Migration Paths for Legacy EPM Cloud Snapshots
- Migration Paths for EPM Standard subscription and EPM Enterprise subscription Snapshots
- What Applications Can I Migrate to EPM Standard subscription and EPM Enterprise subscription?
- About Essbase in EPM Cloud
- Migrating Planning Snapshots
- Migrating Financial Consolidation and Close Snapshots
- Migrating Account Reconciliation Snapshots
- Migrating Profitability and Cost Management Snapshots
- Migrating Management Ledger Applications to Enterprise Profitability and Cost Management
- Migrating Tax Reporting Snapshots
- Migrating to Enterprise Data Management
- Migrating to Oracle Enterprise Data Management Cloud Service
- 6 Working with EPM Cloud Clients and Tools
-
7
Managing EPM Cloud Users and Roles
- About EPM Cloud User and Role Management
- Understanding Predefined Roles
- Domain-Level Administrator Roles
- Managing Users
- Assigning Roles to Users
- Using Identity Cloud Service Groups to Assign Predefined Roles to Users in Oracle Cloud Console (IAM) (for OCI (Gen2) Only)
-
Using SCIM to Synchronize Users and Groups on Oracle
Identity Cloud (for OCI (Gen2) Only)
- Synchronizing Users and Groups Between Two Different IDCS Identity Domains
- Synchronizing Users and Groups from Microsoft Entra ID to Oracle Cloud Console (IAM)
- Creating Groups for Application-Level Role Assignment
- Email Notifications
- Setting Password Policies
- Resetting User Password
- Default Oracle SFTP User Accounts (for Classic EPM Cloud Only)
- Audit and User Reports in Identity Cloud Service (OCI (Gen2))
-
8
Securing EPM Cloud
-
Configuring Single Sign-On
- Configuring SSO with OCI EPM Cloud Using Microsoft Entra ID as the Identity Provider
- Setting up Single Sign-on Using Oracle Identity Cloud Service as an Identity Provider (for Classic EPM Cloud Only)
- Configuring Single Sign-On Between EPM Cloud and Oracle Cloud
- Configuring Multiple Identity Providers for a Domain in Oracle Cloud Console (IAM) (for OCI (Gen2) only)
- Customizing Logout URL for SSO-Enabled OCI (Gen2) Environments
- Managing User Credentials in SSO-Enabled EPM Cloud Environments
- Making Smart View (Mac and Browser) Work after Enabling SSO
- Setting up Secure Access
- Setting up Network Perimeter for OCI (Gen2) EPM Cloud
- Restricting Access to OCI (Gen2)Environments Using Sign-On Policies
- Ensuring Task Manager Displays Oracle Cloud ERP Tasks
- Accessing Compliance Reports
- Finding EPM Cloud IP Addresses
-
Relocating an EPM Cloud Environment to a Different Identity Domain
- Supported Relocation Scenarios
- Considerations
- Preparing to Relocate an Environment
- Scheduling the Daily Maintenance Process
- Completing Relocation Tasks in Oracle Fusion Cloud EPM
- Importing Users into the Target Identity Domain and Assigning Roles
- Importing Maintenance Snapshot into the Relocated Environment
- Emailing Access Details
- Managing Navigation Flows
-
Understanding EPM Cloud Security Compliance
Features
- Transport Layer Security (TLS) 1.2 for Communication
- Periodic TLS Certificate Renewal
- Data Encryption Using Transparent Data Encryption
- Data Encryption Using OCI Block Volume Encryption
- Encryption Keys Stored in FIPS 140-2 Compliant HSM for OCI (Gen2) Environments
- Password Encryption for Secure EPM Automate Access
- Secure Storage of User Credentials
- Data Masking in Snapshots
- Data Isolation
- Externalized Authentication (Single Sign-On)
- Synchronize Users and Groups Using SCIM
- Use of APIs and Commands to Manage Access to EPM Cloud
- Use of OAuth 2 Tokens for REST APIs, EPM Automate, and EPM Integration Agent (for OCI (Gen2) only)
- Multiple Password Policies
- API Gateway Support for REST APIs and EPM Automate
- Role-Based Access Control For End Users
- Virus Scan on Uploaded Files in OCI (Gen2) Environments
- Network Restricted Access
- Air-Gapped Backup in a Secondary Region
- Setup IP AllowList for Connections from EPM Cloud
- Deactivate Access to OCI (Gen 2) Environments
- Sign-On Policies to Restrict Access to OCI (Gen 2) Environments
- Maximum Session Duration in OCI (Gen2) Environments
- Idle Session Timeout
- Protection Using Web Application Firewall (WAF) in OCI (Gen 2) Environments
- Compliance with Oracle Global Trade Policy
- Secure HTTP Headers in OCI (Gen 2) Environments
- DKIM Support for EPM Cloud OCI (Gen 2) Environments
- SPF Support
- DMARC Support for EPM Cloud OCI (Gen 2) Environments
- Bring Your Own Key Functionality for Database Access
- Control Manual Database Access
- Monitor Manual Database Access
- Restrict Data Access by Oracle
- Access Log for Information on Each Access to the Environment
- Audit Reports, Login Reports, and Audit Logs in EPM Cloud on OCI (Gen 2)
- User Login Report for Security Audit
- Activity Report to Monitor Application Performance
- Integration with Custom SIEM Tools
- Oracle Software Security Assurance (OSSA)
- Oracle's Monitoring of Environments Using Realtime Dashboards and Alerts
- Threat and Vulnerability Management
- Secure Access to Cloud Environments by Oracle
- Automatic Security Patching
- Periodic Penetration Testing and Ethical Hacking to Identify and Fix Vulnerabilities
- External Security Audits
- Backup Data Residency and Retention on OCI (Gen 2)
- 24X7 Support
- EPM Cloud for the United States Government
- EPM Cloud for the United Kingdom Government
-
Configuring Single Sign-On
- 9 Backing Up and Restoring an Environment Using the Maintenance Snapshot
-
10
Setting Up EPM Cloud Environments
- Configuring EPM Cloud Appearance
- Feature Updates to EPM Cloud
- Managing Daily Maintenance
- Setting Content Upgrade Start Time
- Helping Oracle Collect Diagnostic Information Using the Provide Feedback Utility
- Creating a Custom Description for an Environment
- Using Vanity URLs
- Understanding Encryption Levels
- Changing Idle Session Timeout Settings
- EPM Cloud Sender Email Address
- Configuring SPF Record for Oracle Fusion Cloud EPM Email Verification
- DKIM Support for EPM Cloud OCI (Gen 2) Environments
- Retrieving Data After Service Termination
- 11 Integrating EPM Cloud with Oracle Guided Learning
-
12
Monitoring EPM Cloud
- Using the Activity Report
-
Activity Report Contents
- Information About Your Environment
- User Information
- Interface Usage and Response Data
- Operational Metrics
- Jobs in the Last Hour
- Application Size
- Essbase Statistics
- Calculation Script Statistics
- Manual Database Access Information
- Manual Essbase Access Information
- Business Rules Information
- Application Design and Runtime Information
- Account Reconciliation Metrics
- Enterprise Journal Runtime Metrics
- Profitability and Cost Management Design and Runtime Metrics
- Supplemental Data Manager Design and Runtime Metrics
- Task Manager Design and Runtime Metrics
- Most Recent Metadata Validation Errors and Warnings
- Consolidation and Translation Jobs Statistics
- Reports and Books Execution Statistics
- CPU and Memory Usage Statistics
- Browser,Smart View, and Excel Usage Information
- Using Access Logs to Monitor Usage
- Viewing and Downloading Activity Reports and Access Logs
- Automating Activity Report and Access Log Download
- Using the Role Assignment Report to Monitor Users
- Monitoring Environments Using Oracle Cloud Applications
- Monitoring Metrics in Oracle Fusion Cloud EPM Portal
- A Frequently Asked Questions