Recommended Setup for a Single Cloud Service

If you are using a single Oracle Utilities cloud service (such as Customer Cloud Service) consider the following recommended setup:

Oracle Cloud Infrastructure - IAM and Object Storage

Compartments and Buckets

• Root Compartment

• CCS-Prod (Compartment)

• CCS-Non-Prod (Compartment)

• CCS-Shared (Compartment)

• CMA-Files (Bucket)

[for the system Configuration Migration Assistant]

• CONV-Upload (Bucket)

[for Data Conversion]

• CONV-Output (Bucket)

[for Data Conversion]

Application Users and User Groups for Object Storage Access

• CCSDEV (for the Development environment)

[part of User Group CCSObjectStorageAppNonProdAccess]

• CCSTEST (for the Testing environment)

[part of User Group CCSObjectStorageAppNonProdAccess]

• CCSPROD (for the production environment)

[part of User Group CCSObjectStorageAppProdAccess]

Additional environments will each have their own unique User with the "CCS" prefix and will be a part of the CCSObjectStorageAppNonProdAccess User Group.

Policies for Object Storage

• Policy for application access to object storage in the Production Compartment:

• Defined under the root compartment.

• Open only to production user groups.

• Allows read, create and modify access to buckets and objects in the Production Compartment and the Shared Compartment.

• Policy for application access to object storage in the Non-Production Compartment

• Defined under the root compartment.

• Open only to non-production user groups.

• Allows read, create and modify access to buckets and objects in the Non-Production Compartment and the Shared Compartment.

Example: Oracle Utilities Customer Cloud Service

The following example references the setup in the Customer Cloud Service (CCS) application outlined above.

File Storage Configuration

The following File Storage Configuration extendable lookup values should be defined to correspond to the cloud infrastructure setup above:

• OS-SHARED: This value will point to the Shared Compartment:

• The user ID will be different in each environment (CCSDEV, CCSTEST, CCSPROD)

• The key ring can be the same in all environment but each environment key ring will have different key pairs (generated separately in each environment).

• Additional values can be defined based on the file location your specific processes will need to access, for example:

• OS-Payment: for Payment upload interface

• OS-MR-Up: for Meter Reads upload interface

• OS-MR-Dl: for Meter Reads download interface

• The Extendable Lookup values (the name) will be the same in each environment but some of the information that is defined for them will be different in each environment:

• User ID, compartment (Prod vs Non-Prod) and keys.