Do you know steampipe.io by Turbot? When you search for steampipe.io you will get this answer: “Steampipe is an open-source tool to instantly query your cloud services like AWS, Azure….” And this looks like a perfect match for my Oracle Cloud Infrastructure account. With steampipe.io and simple SQL query syntax, you can gather data from your account like running compute instances, block volume used and so on. The tool supports a large number of vendors like Zoom, Splunk, GitHub and many more, not only the cloud providers. From the technical perspective, a PostgreSQL foreign data wrapper extension (FDW) is used to get data from the specified API, in this case the API from Oracle Cloud Infrastructure. Sure, for Oracle Cloud…
Read MoreOracle 19c – How to exclude AUDSYS schema data in a Datapump full export – it’s all about the filter
22.11.2022 – Update with Inputs from Roy Swonger, thank you Roy Why do we have AUDSYS data in our Oracle Data Pump full export? In a customer project, I was asked why there is always data of schema owner AUDSYS included in an Oracle Data Pump full export. The AUDSYS schema contains Unified Audit Trail Records and therefore the data is included when the feature is enabled. The demo case is a 19.15 Container Database with a PDB. The demo schema HR is loaded and there is a Unified Auditing Policy which gathers information whenever data from the schema HR are selected. SQL> SELECT parameter, value FROM v$option WHERE parameter = ‘Unified Auditing’; PARAMETER VALUE ——————– ——————– Unified Auditing…
Read MoreOracle Cloud Infrastructure – Vulnerability Scanning Report Deletion – Quick Tip
When I tried to delete and old compartment where VCN, Compute Instances and Co. were already deleted, the action failed because there were old Vulnerability Scanning reports available for hosts and ports. And they need to be deleted first before a compartment can be deleted. The error message with the resource ids: Method A) – click by click Here are the scan reports for tab Hosts. You can delete them one by one when clicking on the dropdown menu of the line. But, this is not really an option with over 300 list entries… Method B) – OCI CLI Bulk Delete Based on installed OCI CLI, this is a small script which iterates over all entries of a specific compartment…
Read MoreOracle Cloud Infrastructure – iSCSI Block Volume Attachment – the magic Way
Have you always attached an OCI Block Volume to a Compute Instance? If yes, I assume by console or OCI CLI and then executed manually the iSCSI commands to attach the device on OS level. But wait, here is a magic way to attach the Block Volume – by the Oracle Cloud Agent. Prerequisites Attached Service Gateway in VCN Oracle Cloud Agent software installed on the instance Enable the Block Volume Management plugin Verify Compute Instance disk status Create a Block Volume and attach Block Volume to Compute Instance OCI Tool oci-iscsi-config The OCI CLI method – the expressway If you want to auto-attach a high-performance block volume (multipath enabled) or a block volume where auto-tune is enabled, these two…
Read MoreOracle Cloud Infrastructure – Identity Service Vulnerability – Verify your Accounts NOW!
Today I was called by an allied sales from Oracle Switzerland (thanks Andreas). The main contact of the OCI tenant got an email in case of an identity service vulnerability in the past days. As I am not the main contact but the technical admin, I asked the tenant contact. An indeed, there was a mail arrived at 14th of June which was not forwarded to me. Oracle Security Notification for Oracle Cloud Infrastructure (OCI) Identity Service vulnerability CVE-2022-21503 (Doc ID 2861245.1) As a result of this vulnerability, administrators and their designees with read-access to the OCI audit-records in your tenancy could have viewed some credentials in clear text. These administrators and their designees could have used such credentials to…
Read More