1. Administrator's Guide for Oracle Autonomous Databases
  2. Discover Autonomous Databases
  3. Perform Prerequisite Tasks
  4. Prerequisite Tasks for Autonomous Databases – Dedicated

Prerequisite Tasks for Autonomous Databases – Dedicated

To discover Autonomous Data Warehouse – Dedicated and Autonomous Transaction Processing – Dedicated in Oracle Enterprise Manager deployed on Oracle Cloud Infrastructure or on premises, you must first perform the prerequisite tasks listed in these sections:

Oracle Enterprise Manager Deployed on Oracle Cloud Infrastructure

You can use Oracle Enterprise Manager deployed on Oracle Cloud Infrastructure and discover Autonomous Databases – Dedicated.

Before you discover Autonomous Databases – Dedicated, you must ensure that you have performed the following tasks:

  • Create an Autonomous Database – Dedicated in Oracle Cloud Infrastructure. After you create the database, you must download the OCI Client Credential (Wallet) and save the .zip file to provide client access to the Autonomous Database – Dedicated.

    For information, see:

  • Configure and deploy Oracle Enterprise Manager on Oracle Cloud Infrastructure. Oracle Enterprise Manager should be deployed in a Public or Private subnet in the same VCN as the Autonomous Database – Dedicated.

    The Enterprise Manager Oracle Management Service (OMS) includes a central Oracle Management Agent to discover Autonomous Databases, which are treated as non-host targets. The central agent is installed by default on the OMS host and must have SQL*Net access to the Autonomous Database – Dedicated. Although, it is recommended that you use the central agent, you also have the option of using any other agent that is deployed on an existing Oracle Cloud Infrastructure Database system.

    For information, see the Setting Up Oracle Enterprise Manager 13.4 on Oracle Cloud Infrastructure tutorial.

  • Review and use the specified connectivity option to connect Oracle Enterprise Manager on Oracle Cloud Infrastructure with the Autonomous Database – Dedicated. The network path to an Autonomous Database – Dedicated is through a Virtual Cloud Network (VCN) and subnet defined by the dedicated infrastructure hosting the database. Usually, the subnet is defined as Private, meaning that there is no Public Internet access to the database. Private IP addresses are used to connect Oracle Enterprise Manager with the Autonomous Database – Dedicated in the VCN.

    For information, see:

The following diagram provides an overview of how Oracle Enterprise Manager deployed on Oracle Cloud Infrastructure connects with Autonomous Databases – Dedicated.


Description of em_oci_deployment_overview.png follows
Description of the illustration em_oci_deployment_overview.png

In the diagram:

  • Oracle Enterprise Manager is deployed using a Marketplace image in a Public subnet in a VCN.

    Note that in the diagram, the other Web Servers in the Public subnet are not a part of the Oracle Enterprise Manager deployment, but a part of a sample scenario that depicts a typical Oracle Cloud Infrastructure application deployment that connects with Autonomous Databases – Dedicated.

  • Autonomous Databases – Dedicated are created in a Private subnet in the same VCN.
  • Oracle Enterprise Manager connects with Autonomous Databases – Dedicated using a Private IP address.

Other Prerequisite Tasks

After the major components are in place, you must perform the following prerequisite tasks to discover an Autonomous Database – Dedicated.

  1. Create an Oracle Cloud Infrastructure Identity and Access Management (IAM) group named EMGroup, and add the DBA who will be managing and monitoring the Autonomous Database – Dedicated using Oracle Enterprise Manager to this group. Note that this DBA user must have an account in Oracle Cloud Infrastructure.

    See To create a group in Oracle Cloud Infrastructure documentation.

  2. Create the following policies to allow the DBA in EMGroup to manage and monitor the Autonomous Database – Dedicated using Oracle Enterprise Manager.

    Allow group EMGroup to manage autonomous-database in compartment <compartment in which the Autonomous Database resides>

    Allow group EMGroup to manage orm-stacks in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage instance-family in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage volume-family in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage load-balancers in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage virtual-network-family in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage file-family in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage autonomous-database-family in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to manage orm-jobs in compartment <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to read resource-availability in compartment <compartment in which the Autonomous Database resides> and <compartment in which the Oracle Enterprise Manager stack resides>

    Allow group EMGroup to read limits in compartment <compartment in which the Autonomous Database resides> and <compartment in which the Oracle Enterprise Manager stack resides>

    Note:

    For the last two policies listed above, to grant read access to resource-availability and limits, you must use separate statements for each compartment.

    See To create a policy in Oracle Cloud Infrastructure documentation.

  3. Create a security list and add the following ingress rules to ensure secure access:
    • Rule for accessing Oracle Enterprise Manager from the public network, allow Transmission Control Protocol (TCP) traffic for port 7803.
    • Rule for accessing Autonomous Database – Dedicated from Oracle Enterprise Manager subnet and VCN, allow TCP/TCPS traffic for the port value specified in the tnsnames.ora file in the OCI Client Credential (Wallet).

    For information, see:

  4. Unlock the adbsnmp user, which is created out-of-the-box when the Autonomous Database – Dedicated is created in Oracle Cloud Infrastructure. This account is locked by default and you can reset the password and unlock it using Oracle Enterprise Manager or a SQL client.

Oracle Enterprise Manager Deployed On Premises

You can use Oracle Enterprise Manager deployed on premises to discover Autonomous Databases – Dedicated, including Autonomous Databases – Dedicated on Oracle Exadata Cloud at Customer.

Before you discover Autonomous Databases – Dedicated, you must ensure that you have performed the following tasks:

  • Create an Autonomous Database – Dedicated in Oracle Cloud Infrastructure. After you create the database, you must download the OCI Client Credential (Wallet) and save the .zip file to provide client access to the Autonomous Database – Dedicated.

    For information, see:

  • Deploy Oracle Enterprise Manager in your on-premises network. The OMS includes a central Oracle Management Agent that can be used to discover Autonomous Databases, which are treated as non-host targets. The central agent is installed by default on the OMS host and must have SQL*Net access to the Autonomous Database – Dedicated. Note that if you have an existing on-premises database or an Oracle Cloud Infrastructure Database system in the same VCN where the Autonomous Database – Dedicated resides, you have the option of using the agent that monitors them, instead of the central agent.

    For information, see:

  • Review and use the specified connectivity options to connect Oracle Enterprise Manager deployed on premises with the Autonomous Database – Dedicated. Oracle Enterprise Manager on premises connects with the Autonomous Database – Dedicated using a Private IP address, and you can use one of the following options to connect Oracle Enterprise Manager deployed in your on-premises network to the Autonomous Database – Dedicated in your VCN.
    • VPN Connect, which is an Internet Protocol Security (IPSec) VPN. IPSec VPN provides standards-based IPSec encryption over public internet. See VPN Connect in Oracle Cloud Infrastructure documentation.
    • FastConnect, which provides an easy way to create a dedicated, private connection between the on-premises network and the VCN in Oracle Cloud Infrastructure. See FastConnect in Oracle Cloud Infrastructure documentation.

    Note that you do not have host access to the Autonomous Database – Dedicated in Oracle Cloud Infrastructure. If required, web server instances in the Private subnet can initiate connections to the internet by way of a NAT gateway. See NAT Gateway in Oracle Cloud Infrastructure documentation.

The following diagram provides an overview of how Oracle Enterprise Manager deployed on premises connects and interacts with Autonomous Databases – Dedicated in Oracle Cloud Infrastructure.


Description of em_onprem_deployment_overview.png follows
Description of the illustration em_onprem_deployment_overview.png

In the diagram:

  • Oracle Enterprise Manager is deployed in an on-premises network.
  • The Autonomous Databases – Dedicated are created in Private subnets in a VCN in Oracle Cloud Infrastructure.
  • The two connectivity options, VPN Connect and FastConnect, are displayed to demonstrate how Oracle Enterprise Manager deployed on premises connects with the Autonomous Database – Dedicated using these options.

Other Prerequisite Tasks

After the major components are in place, you must perform the following prerequisite tasks to discover an Autonomous Database – Dedicated.

  1. Create an Oracle Cloud Infrastructure IAM group named EMGroup, and add the DBA who will be managing and monitoring the Autonomous Database – Dedicated using Oracle Enterprise Manager to this group. Note that this DBA user must have an account in Oracle Cloud Infrastructure.

    See To create a group in Oracle Cloud Infrastructure documentation.

  2. Create the following policy to allow the DBA in EMGroup to manage and monitor the Autonomous Database – Dedicated using Oracle Enterprise Manager:

    Allow group EMGroup to manage autonomous-database in compartment <compartment in which the Autonomous Database resides>

    See To create a policy in Oracle Cloud Infrastructure documentation.

  3. Create a security list and add the following ingress rule to ensure secure access:

    Rule for accessing Autonomous Database – Dedicated in the Oracle Cloud Infrastructure VCN from Oracle Enterprise Manager deployed on premises, allow TCP/TCPS traffic for the port value specified in the tnsnames.ora file in the OCI Client Credential (Wallet).

    For information, see:

  4. Unlock the adbsnmp user, which is created out-of-the-box when the Autonomous Database – Dedicated is created in Oracle Cloud Infrastructure. This account is locked by default and you can reset the password and unlock it using Oracle Enterprise Manager or a SQL client.