Before you create a catalog source, ensure that you have the information required to connect to the source system.
Perform the following tasks:
•Verify permissions.
•Verify authentication.
•Configure a connection to the Oracle Cloud Object Storage source system.
Verify permissions
To extract metadata and to configure other capabilities that a catalog source might include, you need account access and permissions on the source system. The permissions required might vary depending on the capability.
Permissions for metadata extraction
To extract Oracle Cloud Object Storage metadata, you need account access and permissions to the Oracle Cloud Object Storage source system.
Verify that the administrator performs the following tasks:
•Creates a minimal Oracle Cloud Infrastructure Identity and Access Management policy.
•Defines users, groups, and one or more compartments to hold the cloud resources for your organization.
•Creates one or more policies, each written in the policy language.
•Places users into appropriate groups depending on the compartments and resources they need to work with.
•Provides the users with the one-time passwords that they need to access the console and work with the compartments.
Permissions to perform data classification
You can perform data classification with the permissions required to perform metadata extraction.
Permissions to perform glossary association
You can perform glossary association with the permissions required to perform metadata extraction.
Verify authentication
To extract Oracle Cloud Object Storage metadata, you need to perform Simple or ConfigFile Authentication.
Simple Authentication is an API key-based authentication. You provide the authentication details in the Oracle Cloud Object Storage connection. You must place the private key file in the Secure Agent machine.
You need the following information to perform Simple Authentication:
•Tenancy
•User
•Fingerprint
•Private key location
Note: Place the private key in the runtime environment you use.
•Valid bucket name
•Region
Note: The region is populated by default.
ConfigFile authentication is based on the profile selected in a configuration file. For example:
By default, the Oracle Cloud Infrastructure CLI configuration file is located at ~/.oci/config. The ~/.oci/config file can contain multiple profiles. The default profile name is DEFAULT. You can change the default profile name to a new profile name based on the profiles that you add to the ~/.oci/config file. The ~/.oci/config file cannot contain two profiles with the same name.
You need the following information to perform ConfigFile Authentication:
•The configuration file location
Note: The file needs to contain user, tenancy, fingerprint, and the private key location present in the runtime environment.
•Valid bucket name
•Profile name marked in the configuration file
• Region
Note: The region is populated by default.
Create a connection
Before you configure the Oracle Cloud Object Storage catalog source, create a connection object in Administrator.
1In Administrator, select Connections.
2Click Add Connection.
3Enter the following connection details:
Property
Description
Connection Name
Name of the connection.
Each connection name must be unique within the organization. Connection names can contain alphanumeric characters, spaces, and the following special characters: _ . + -,
Maximum length is 255 characters.
Description
Description of the connection. Maximum length is 4000 characters.
Use Secret Vault
Stores sensitive credentials for this connection in the secrets manager that is configured for your organization.
This property appears only if secrets manager is set up for your organization.
When you enable the secret vault in the connection, you can select which credentials that the Secure Agent retrieves from the secrets manager. If you don't enable this option, the credentials are stored in the repository or on a local Secure Agent, depending on how your organization is configured.
Note: If you’re using this connection to apply data access policies through pushdown or proxy services, you cannot use the Secret Vault configuration option.
Type of connection. Ensure that the type is Oracle Cloud Object Storage.
Runtime Environment
The name of the runtime environment where you want to run tasks.
Select a Secure Agent or elastic runtime environment.
Authentication Type
The type of authentication to connect to Oracle Cloud Object Storage.
You can select one of the following authentication types:
- Simple Authentication
- ConfigFile Authentication
Default is ConfigFile Authentication.
The following table describes the basic connection properties for ConfigFile authentication:
Property
Description
Region
The Oracle Cloud Infrastructure region where the object storage bucket resides.
Select the Oracle Cloud Object Storage region from the list.
Bucket Name
The Oracle Cloud Object Storage bucket name that contains the objects.
The following table describes the advanced connection properties for ConfigFile authentication:
Property
Description
Configuration File Location
The absolute path of the configuration file on the Secure Agent machine.
If you do not enter the value, the Secure Agent uses the following configuration file path: ~/.oci/config
Profile Name
The name of the profile in the configuration file that you want to use.
Default is DEFAULT.
Folder Path
The folder under the specified Oracle Cloud Object Storage bucket.
For example, bucket/Dir_1/Dir_2/FileName.txt. Here, Dir_1/Dir_2 is the folder path.
The following table describes the basic connection properties for simple authentication:
Property
Description
User OCID
The unique identifier of the user in Oracle Cloud Infrastructure.
For example, ocid1.user.oc1..aaaaaaaaherdgpjknqzrwbdc7n5ksokkot7c5jngtx3pgolr7oqbw7xzksza
Fingerprint
The fingerprint of the public key.
Tenancy OCID
The unique identifier of the tenancy in Oracle Cloud Infrastructure. The tenancy is the globally unique name of the Oracle Cloud Infrastructure account.
For example, ocid1.tenancy.oc1..aaaaaaaaba3pv6wkcr4jqae5f44n2b2m2yt2j6rx32uzr4h25vqstifsfdsq
Private Key File Location
The location of the private key file in .PEM format on the Secure Agent machine.
Region
The Oracle Cloud Infrastructure region where the object storage bucket resides.
Select the Oracle Cloud Object Storage region from the list.
Bucket Name
The Oracle Cloud Object Storage bucket name that contains the objects.
The following table describes the advanced connection property for simple authentication:
Property
Description
Folder Path
The folder under the specified Oracle Cloud Object Storage bucket.
For example, bucket/Dir_1/Dir_2/FileName.txt. Here, Dir_1/Dir_2 is the folder path.