Before You Begin with Oracle Essbase

Before you begin to set up Oracle Essbase deployment, here are pre-requisite lists of metadata you must gather and tasks that you must complete.

The quick-start process, which deploys Essbase on Oracle Cloud Infrastructure using Marketplace, uses default settings on Marketplace. The process assumes, and at times provides, less prohibitive access to infrastructure components. You're recommended to use the information here, as well as the default settings, only as a guide, and to determine the appropriate security and access requirements for your organization. You can also use Oracle Cloud Infrastructure documentation as a reference.

When Essbase is deployed on Oracle Cloud Infrastructure, you receive access to the required services based on your defined role and policies, including Oracle Cloud Infrastructure Compute Service and Oracle Identity Cloud Service.

A text worklist is provided at the end of this page, which you can copy to a text file and use for storing names, IDs, and other values needed during setup.

Table 2-1 Pre-deployment metadata

Prerequisite Metadata Links to overviews and tasks / examples Record values needed for deployment
Account and environment for Oracle Cloud Infrastructure (OCI) - Account
Command Line Interface (CLI) tool installed from OCI CLI Quickstart -
User name for OCI administrator Administrator Access Requirements Admin user name and password
Identity Cloud Service (IDCS) system administrator user ID (or create it later with REST API for IDCS) Administrator Access Requirements IDCS system admin user ID
IDCS Essbase administrator user name, as defined during stack creation Administrator Access Requirements Initial Essbase administrator name
Sufficient quota in target region and target availability domain Regions and Availability Domains


Availability domain

Vault secret and OCIDs for secrets created to encrypt your Essbase administrator password, DB system administrator password and IDCS application client secret, using Oracle Cloud Infrastructure Vault provisioning encryption Create Vault, Secrets, and Encrypt Values,

Also see, Overview of Vault in Oracle Cloud Infrastructure documentation.

Vault encryption key OCID

[Optional] Load balancer to specify shape and subnets Overview of Load Balancing Load balancer shape and subnets
Compute shape for Essbase compute instance Supported Compute Shapes Compute shape
[Optional] Use existing network setup option - if used, you must configure network infrastructure with security lists, or ask Oracle Support to create an instance Creating a Virtual Cloud Network Existing virtual cloud network Name
Essbase administrator user name, as defined during stack creation. Administrator Access Requirements. Also see Create Stack step on entering Essbase System Admin User Name. Also known as Essbase 911 user name (administrator who manages the WebLogic server on which Essbase runs)
Essbase Node Public IP - If creating a private Essbase subnet, record the Essbase node private IP and the VCN on which it is deployed.
Essbase URL for Essbase web interface and confidential application use - Essbase URL
[Optional] Enable Monitoring service Monitor Operations and Resources Using Oracle Cloud Infrastructure Monitoring Service -
[Optional] Enable and set up Notifications service Get Event Notifications Using Oracle Cloud Infrastructure Notifications Service Notifications topic OCID

Table 2-2 Pre-deployment tasks to be completed

Prerequisite Tasks Links to overviews and tasks / examples Record values needed for deployment
1. Select one of these database options:
  • New Oracle Autonomous Database
  • Existing Oracle Autonomous Database Serverless or Oracle Autonomous Database on Dedicated Exadata Infrastructure that you deployed from Oracle Cloud Infrastructure Console
  • Existing Database System that you deployed from Oracle Cloud Infrastructure

Creating an Autonomous Database

Creating a Database System

How to Use Network Components

Set Up Rules for Database Connectivity

Set Relational Database Connectivity

  • For Oracle-created database: admin name and password
  • For existing Autonomous database: admin name and password, and compartment
  • For existing Database System: admin name and password, database name and home, and compartment
2. As shown in the table above, if you haven't already done so, use Oracle Cloud Infrastructure Vault provisioning secrets and OCIDs for secrets created for:
  • Essbase administrator password
  • Database system administrator password
  • Identity Cloud Service application client secret
Create Vault, Secrets, and Encrypt Values -

Vault encryption key OCID. The OCIDs need to be noted for Essbase administrator password, Database system administrator password, and Identity Cloud Service application client secret

3. Log in to OCI tenancy as Administrator - In OCI console, log in to your tenancy as the admin subscribed to that tenancy. [Optional]: Create OCI admin user - Add user to admin group (Identity>Groups>Administrator>Create User), close browser, change password using email you receive, and log in as new admin. Administrator Access Requirements -
4. Create an SSH key pair - In Oracle Cloud Infrastructure (OCI) console, create SSH public key and corresponding private key to access Essbase compute instances. Creating a Key Pair

SSH public key

Path to private key

5. Create compartment(s) - In OCI console, choose or create a compartment (Identity>Compartments>Create Compartment) where you want to deploy Essbase. Choosing a Compartment Compartment ID (OCID) and name
6. Create dynamic group - In OCI console, create a dynamic group to allow resources to allow OCI resources to be created and networked together dynamically without explicit approvals. You can associate groups with policies. Create Dynamic Groups Dynamic group name
7. Set up policies - In OCI console, set up policies to enable you to manage or create resources in OCI. Set Up Policies

Common Policies

How Policies Work.

Policy statements (enter in text worklist doc for entry convenience)
8. Set up Essbase access - In Oracle Identity Cloud Service (IDCS), set up Essbase access. Set Up Essbase Access in Identity Cloud Service -
9. Set up confidential application to register Essbase - In Oracle Identity Cloud Service, for each compartment in which you plan to deploy Essbase, create a confidential Oracle Identity Cloud Service application, and activate the confidential application. Create a Confidential Identity Cloud Service Application

Confidential application name

IDCS Instance GUID

IDCS Application Client ID

IDCS Application Client Secret

Storing Recorded Metadata for Deployment

Copy and paste the following to a text file, for your convenience, and enter the relevant values, to be used during deployment. If you fail to record any needed deployment metadata, an Oracle Cloud Infrastructure administrator can collect them from the Variables page or Application Information page of Oracle Cloud Infrastructure Resource Manager. Make sure to protect and dispose of the metadata text file appropriately.

Target availability domain:
Oracle Cloud Infrastructure administrator user:
OCI administrator group name:
IDCS system administrator:
DB system admin password:
Existing virtual cloud network name (optional):
Compute node shape:
Essbase node OCID (OCI ID of the compute node):
Load balancer shape and subnets (optional):
SSH-2 RSA key pair, stored locally:
Path to private key:
Compartment ID:
Compartment name:
Dynamic group name:
Policy statements:
Confidential application details
 IDCS instance GUID (IDCS host):
 IDCS application client ID:
 IDCS application client secret:
IDCS Essbase admin user and password (Initial Essbase admin):
Essbase admin user (also known as WebLogic user--defined during stack creation):
SSH access details:
  Essbase node private IP (when creating private subnet):
  Essbase node public IP (when not creating private subnet): 
  Essbase URL (for web interface):
  Essbase IP (for confidential application):
Notification topic OCID (optional):