Tuesday, November 20, 2018

#666 Managing OIC - Instance Management - Users & Roles

I see the above when I log into my account at cloud.oracle.com
I click on Autonomous Integration

In the above, I can manage existing OIC instances and provision new ones.

Let's look at Management first -

OIC Instance Management

The first menu option takes me to the OIC home page, when I can create integrations, processes etc.

Start/Stop -

Stop does the following -
-Integration endpoints are quiesced.
-Process instances are quiesced.
-Runtime is quiesced.
-Scheduled integrations do not execute.
-Database purging continues to run.
-REST APIs are available for use.
-Design time is available for use.

Start - starts all of the quiesced above.

Add Tags - tags can be used for categorising and searching your instances.

Scale Instance - from the docs -

You can increase or decrease the number of message packs for your instance based
on the demand. The maximum number of message packs for an instance is based on
your license type. For a bring your own license type (BYOL), the instance can have a
maximum of 3 message packs and each message pack adds 20K Messages per Hour
Pack to your instance. If you don’t have a BYOL license type, the instance can have a
maximum of 12 message packs and each message pack adds 5K Messages per Hour
Pack to your instance.

So what happens if you need to cater for more than 60k msgs per hour?
You simply add another OIC instance.

Remember, you are charged hourly, based on the number of 5K msg packs you specify.
So scaling here will directly affect your charges.

Change License Type - enables BYOL

Delete - scraps the OIC instance

OIC Provisioning 

Very simple -

Note: I have selected the BYOL option above

If I select the other license type -

That's it!

Read a couple of pages of The Hare of the Dog, available from Amazon, and then your instance is ready for use.

Provisioning users and assigning OIC Roles

So what do users, with these roles, see when they login to OIC?

Let's create one -

I define the user in ID CS -

I assign the roles to that user, back in the user management of OIC -

ServiceUser Role

Let's assign the role ServiceUser to Nuada

I now login to OIC as Nuada -

Note - I only see the Integrations IDE link.

But I have limited permissions within Integration.

I have View Only access to Integrations -

I cannot activate an integration -

I do, however, see all of the monitoring dashboards -

However, this role can be used for OIC Integration clients.
e.g. my integration is exposed as a REST service and my client want to
test this from Postman. My client needs to authenticate herself against OIC.
Giving her this role allows her to call the api but doesn't allow her to do anything in
OIC designtime.

ServiceDeployer Role

I now assign the above role to Nuada.

I login to OIC and see -

I click on the Integrations link

So the ServiceDeployer has no permissions whatsoever.
It is not applicable to Integration.

ServiceMonitor Role

Nuada can now only see the Monitoring page(s).

ServiceDeveloper Role

I login to OIC -

and have full functionality.

No comments: