Create a Oracle Cloud Object Storage connection to read data from or write data to Oracle Cloud Object Storage files. You can use Oracle Cloud Object Storage connections to specify sources and targets in mappings and mapping tasks.
Prerequisites
Before you create an Oracle Cloud Object Storage connection to read from or write to Oracle Cloud Object Storage, be sure to complete the prerequisites.
Configure Oracle Cloud Infrastructure policies
As a user, you can use Oracle Cloud Object Storage Connector after the organization administrator creates a minimal Oracle Cloud Infrastructure (OCI) Identity and Access Management (IAM) policy for Oracle Cloud Object Storage Connector.
The Oracle Cloud Infrastructure policy defines the resources that users and groups can access in an OCI account and how to access them. You can use policies to manage certain types of resources in a specific compartment in certain ways.
You need to perform the following tasks:
1Define users, groups, and one or more compartments to hold the cloud resources for your organization.
2Create the policies.
3Place users into the appropriate groups depending on the compartments and resources they need to work with.
4Provide the users with the one-time passwords that they need to access the console and work with the compartments.
Allow group <group_name> to <verb> <resource-type> in compartment <compartment_name>
For example,
Allow group ObjectReaders to read buckets in compartment ABC
Allow group ObjectWriters to manage objects in compartment ABC where any {request.permission='OBJECT_CREATE', request.permission='OBJECT_INSPECT'}
You need to add the following policies to configure the Oracle Cloud Object Storage connection, access objects, and run mappings:
•Policies for Oracle Cloud Object Storage test connection
Allow group <group_name> to inspect object-family in compartment <compartment_name>
Allow group <group_name> to inspect buckets in compartment <compartment_name>
•Policies for Oracle Cloud Object Storage sources
Allow group <group_name> to inspect buckets in compartment <compartment_name>
Allow group <group_name> to read object-family in compartment <compartment_name>
•Policies for Oracle Cloud Object Storage targets
Allow group <group_name> to manage inspect buckets in compartment <compartment_name>
Allow group <group_name> to manage object-family in compartment <compartment_name>
Prepare for authentication
You can configure the following authentication methods for Oracle Cloud Object Storage Connector:
ConfigFile authentication
The ConfigFile authentication uses identity credentials of Oracle Cloud Infrastructure (OCI) account provided through a configuration file for authentication. This authentication method is based on the profile selected in the configuration file.
You can create a configuration file in the following format:
You require the user OCID, fingerprint, and tenancy OCID information from the OCI account for the configuration file.
For more information about the steps to extract the identity credentials from the Oracle Cloud Infrastructure Console, see the Oracle Cloud Infrastructure documentation.
By default, the OCI configuration file is located at ~/.oci/config on the Secure Agent machine. The ~/.oci/config file can contain several profiles. The default profile name is DEFAULT. You can change the default profile name to any new profile names based on the profiles that you add to the ~/.oci/config file. The ~/.oci/config file cannot contain two profiles with the same name.
Simple authentication
The simple authentication uses API keys for authentication. You can provide the authentication details in the Oracle Cloud Object Storage connection. You need to place the private key file in the Secure Agent machine.
You require the user OCID, fingerprint, and tenancy OCID information from the Oracle Cloud Infrastructure account to create an Oracle Cloud Object Storage connection.
For more information about the steps to extract the identity credentials from the Oracle Cloud Infrastructure Console, see the Oracle Cloud Infrastructure documentation.
Connect to Oracle Cloud Object Storage
Let's configure the Oracle Cloud Object Storage connection properties to connect to Oracle Cloud Object Storage.
Before you begin
Before you get started, configure the Oracle Cloud Infrastructure policies and get the required information from your Oracle Cloud Infrastructure account based on the authentication type that you want to configure.
Check out Prerequisites to learn more about these tasks.
Connection details
When you create an Oracle Cloud Object Storage connection, configure the connection properties.
The following table describes the basic connection properties:
Property
Description
Connection Name
The name of the connection.
Each connection name must be unique within the organization. Connection names can contain alphanumeric characters, spaces, and the following special characters: _ . + -,
Maximum length is 255 characters.
Description
The description of the connection. Maximum length is 4000 characters.
Type
Oracle Cloud Object Storage
Runtime Environment
The name of the runtime environment where you want to run tasks.
Select a Secure Agent.
Authentication types
You can configure ConfigFile or simple authentication to connect to Oracle Cloud Object Storage. Select the required authentication type and then configure the authentication-specific parameters.
Default is ConfigFile Authentication.
ConfigFile authentication
The following table describes the basic connection properties for ConfigFile authentication:
Property
Description
Region
The Oracle Cloud Infrastructure region where the object storage bucket resides.
Select the Oracle Cloud Object Storage region from the list.
Bucket Name
The Oracle Cloud Object Storage bucket name that contains the objects.
Advanced settings
The following table describes the advanced connection properties for ConfigFile authentication:
Property
Description
Configuration File Location
The absolute path of the configuration file on the Secure Agent machine.
If you do not enter the value, the Secure Agent uses the following configuration file path: ~/.oci/config
Profile Name
The name of the profile in the configuration file that you want to use.
Default is DEFAULT.
Folder Path
The folder under the specified Oracle Cloud Object Storage bucket.
For example, bucket/Dir_1/Dir_2/FileName.txt. Here, Dir_1/Dir_2 is the folder path.
Simple authentication
The following table describes the basic connection properties for simple authentication:
Property
Description
User OCID
The unique identifier of the user in Oracle Cloud Infrastructure.
For example, ocid1.user.oc1..aaaaaaaaherdgpjknqzrwbdc7n5ksokkot7c5jngtx3pgolr7oqbw7xzksza
Fingerprint
The fingerprint of the public key.
Tenancy OCID
The unique identifier of the tenancy in Oracle Cloud Infrastructure. The tenancy is the globally unique name of the Oracle Cloud Infrastructure account.
For example, ocid1.tenancy.oc1..aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq
Private Key File Location
The location of the private key file in .PEM format on the Secure Agent machine.
Region
The Oracle Cloud Infrastructure region where the object storage bucket resides.
Select the Oracle Cloud Object Storage region from the list.
Bucket Name
The Oracle Cloud Object Storage bucket name that contains the objects.
Advanced settings
The following table describes the advanced connection property for simple authentication:
Property
Description
Folder Path
The folder under the specified Oracle Cloud Object Storage bucket.
For example, bucket/Dir_1/Dir_2/FileName.txt. Here, Dir_1/Dir_2 is the folder path.
Proxy server settings
If your organization uses an outgoing proxy server to connect to the Internet, the Secure Agent connects to Informatica Intelligent Cloud Services through the proxy server.
You can configure the Secure Agent to use the proxy server on Windows and Linux. You can use the unauthenticated or authenticated proxy server.
Note: You cannot use a proxy server with managed identity authentication.
You can use one of the following types of proxy servers:
•Unauthenticated proxy - Requires only the host and port address for configuration.
•Authenticated proxy - Requires the host address, port address, user name, and password for configuration.
To configure proxy settings for the Secure Agent, use one of the following methods:
•Configure the Secure Agent through the Secure Agent Manager on Windows or shell command on Linux.