Link the Microsoft Azure and Oracle Accounts
A Microsoft Azure administrator must first onboard, or link, an Azure environment with Oracle Database Service for Microsoft Azure (OracleDB for Azure). Once that process completes, the administrator and database administrators or developers use the OracleDB for Azure Portal to provision Oracle Cloud Infrastructure (OCI) database products for use in the onboarded Azure environment.
During account linking, OracleDB for Azure creates the configuration that connects an Azure tenancy to an OCI tenancy. You must complete this step before accessing the OracleDB for Azure Portal. Account linking accomplishes the following:
- Creates OracleDB for Azure groups in the Azure Active Directory.
- Creates an Oracle Database Service Enterprise Application and custom roles in the Azure tenant’s Azure Active Directory.
- Automated Configuration: You consent to a complete set of permissions, and the workflow is fully automated to configure the Oracle Database Service for Microsoft Azure (OracleDB for Azure) Portal, including Identity Federation. The Azure user onboarding to OracleDB for Azure must be an Administrator in Azure and is assigned as an Owner for each Azure subscription linked to OracleDB for Azure.
- Guided Configuration: You can choose to automate Roles and Subscription setup and Identity Federation independently.
Use Automated Configuration to Link the Accounts
If you have an OCI tenancy, then a Microsoft Azure administrator can sign up for Oracle Database Service for Microsoft Azure (OracleDB for Azure) and use the automated configuration to onboard and link an Azure environment with OracleDB for Azure.
When the automated service configuration completes successfully, you're directed to the OracleDB for Azure Portal.
Enable Identity Federation
Enable identity federation between Azure and OCI so that OracleDB for Azure users can log in to both cloud environments and perform tasks with a single set of credentials.
When using identity federation with Oracle Cloud Infrastructure Identity and Access Management, Azure users must have last names and email addresses in the Azure Active Directory.
Automated Configuration creates identity federation for you. Identity federation is optional with Guided Account Linking.
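The two prerequisites stated above (every federated user has a last name and email address in Azure Active Directory, and the onboarding administrator is an Owner of each subscription to be linked) can be checked before starting account linking. The script below is an added example, not part of Oracle's documentation or tooling; it assumes input in the JSON shape produced by `az ad user list` and `az role assignment list --all`, and the function names, user names and subscription IDs are constructed for illustration.

```python
import json

# Constructed sample shaped like `az ad user list` output (Microsoft Graph user objects).
USERS = json.loads("""[
 {"userPrincipalName": "dba1@contoso.example", "surname": "Rivera", "mail": "dba1@contoso.example"},
 {"userPrincipalName": "dev2@contoso.example", "surname": null, "mail": "dev2@contoso.example"},
 {"userPrincipalName": "ops3@contoso.example", "surname": "Chen", "mail": "  "}
]""")

# Constructed sample shaped like `az role assignment list --all` output.
SUB_A = "00000000-0000-0000-0000-00000000000a"
SUB_B = "00000000-0000-0000-0000-00000000000b"
ASSIGNMENTS = [
    {"principalName": "admin@contoso.example", "roleDefinitionName": "Owner",
     "scope": f"/subscriptions/{SUB_A}"},
    # Owner on a resource group only: does not make the user Owner of the subscription.
    {"principalName": "admin@contoso.example", "roleDefinitionName": "Owner",
     "scope": f"/subscriptions/{SUB_B}/resourceGroups/rg-db"},
    {"principalName": "admin@contoso.example", "roleDefinitionName": "Contributor",
     "scope": f"/subscriptions/{SUB_B}"},
]

def federation_blockers(users):
    """Map each user to the attributes (surname, mail) that are missing or blank."""
    blockers = {}
    for user in users:
        missing = [attr for attr in ("surname", "mail")
                   if not (user.get(attr) or "").strip()]
        if missing:
            blockers[user["userPrincipalName"]] = missing
    return blockers

def subscriptions_without_owner(assignments, admin_upn, subscription_ids):
    """Return subscriptions where admin_upn has no Owner assignment at subscription scope.
    Assumption: assignments inherited from a management group are not in the input."""
    owned = {a["scope"].lower() for a in assignments
             if a.get("principalName", "").lower() == admin_upn.lower()
             and a["roleDefinitionName"] == "Owner"}
    return [s for s in subscription_ids if f"/subscriptions/{s}".lower() not in owned]

if __name__ == "__main__":
    print(json.dumps(federation_blockers(USERS), indent=2))
    print(subscriptions_without_owner(ASSIGNMENTS, "admin@contoso.example", [SUB_A, SUB_B]))
```

Users reported by the first function need their Azure Active Directory profile completed before federation; subscriptions reported by the second need an Owner assignment for the onboarding administrator at the subscription scope.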
Add Oracle Users in Microsoft Azure
Oracle Database Service for Microsoft Azure creates user groups in Azure Active Directory (AAD) during the initial account linking stage of your OracleDB for Azure sign-up.
Upon completion of the cloud linking, two new tiles appear at the top of the OracleDB for Azure Portal; use them to assign roles and link your subscriptions.
To complete the sign-up process for OracleDB for Azure, you will need an Azure user account with administration privileges and ownership of the Azure subscriptions you want to link to OCI.
- Global Administrator
- Application Administrator
- Cloud Application Administrator
- Privileged Role Administrator
Perform the following tasks sequentially: