RedThunder.Blog

Oracle Cloud Infrastructure OCI Gen-2 Cloud Security – Part IV (Key Management)

So far, I have discussed generic security concepts, IAM and Networking pertains to OCI Gen-2 Cloud. In this part I am going to discuss the Key Management Service that is available in Oracle Cloud Infrastructure OCI Gen-2 Cloud.

Oracle Cloud Infrastructure Key Management Service OCI KMS is a managed service that provides you with centralized management of the encryption of your data. KMS can be used to create master encryption keys and data encryption keys. KMS helps to rotate keys to generate new cryptographic material, enable or disable keys for use in cryptographic operations, assign keys to resources, and use keys for encryption and decryption.

Oracle Cloud Infrastructure OCI Gen-2 Cloud Security – Part III (Networking)

In my previous blog posts, I have discussed the generic security concepts and Identity and Access Management in OCI. This part of the series discusses OCI Networking Service. Its concepts and best practices for securing networks in OCI.

High-throughput and reliable networking is fundamental to public-cloud infrastructure that delivers compute and storage services at scale. As a result, Oracle has invested significant innovation in Oracle Cloud Infrastructure networking to support requirements of enterprise customers and their workloads. Oracle Cloud Infrastructure regions have been built with a state-of-the-art, non-blocking Clos network that is not over-subscribed and provides customers with a predictable, high-bandwidth, low latency network. The data centers in a region are networked to be highly available and have low-latency connectivity between them.

In this post, I will go into depth on the components that make up the networking layer, and the security rules which can be applied to them.

Continue reading “Oracle Cloud Infrastructure OCI Gen-2 Cloud Security – Part III (Networking)”

Oracle Cloud Infrastructure OCI Gen-2 Cloud Security – Part II (Identity and Access Management)

In my previous blog post Oracle Cloud Infrastructure OCI Gen-2 Cloud Security – Part I , I have discussed the seven pillars of information security upon which Oracle Cloud Infrastructure OCI (Oracle Gen-2 Cloud) is built. The cloud shared security and responsibility model was discussed along with the concepts such as Regions, Availability Domains and Fault Domains. This part discusses the Identity and Access Management for OCI. It provides authentication and authorisation for all the OCI resources and services.

An enterprise can use single tenancy shared by various business units, teams, and individuals while maintaining the necessary security, isolation, and governance, and this post will go into the concepts involved in this.

Oracle Cloud Infrastructure OCI Gen-2 Cloud Security – Part I

Previously, I have discussed Oracle’s overall information security portfolio in blog entry – Oracle Information Security – Where it begins, Where it ends. It was pertaining to information security in Oracle Cloud Infrastructure – Classic and On-Premises suite of products including Identity and Access Management and Database Security.

In a series of five blog posts, I am going to cover the security concepts in Oracle Cloud Infrastructure (aka OCI or Oracle Gen-2 Cloud). The Oracle Cloud Infrastructure (OCI) is a trusted enterprise cloud platform that offers customers deep control with unmatched security. It provides Oracle customers with effective and manageable security to confidently run their mission-critical workloads and store their data.

AUSOUG Connect 2018 – Talking Dev

In November 2018, I had the privilege to attend the Australian Oracle User Group national conference “#AUSOUG Connect” in Melbourne. My role was to have video interviews with as many of the speakers and exhibitors at the conference. Overall, 10 interviews over the course of the day, 90 mins of real footage, 34 short clips to share and plenty of hours reviewing and post-editing to capture the best parts.

Continue reading “AUSOUG Connect 2018 – Talking Dev”

Oracle Engagement Cloud Event Processing using Sales Cloud Adapter within Oracle Integration Cloud !!!

Recently, I been part of one POC where I have learned how we can consume Business Events from Oracle Engagement Cloud.

Oracle Engagement Cloud is a Software as a Service (SaaS) offering from Oracle which provides unified Sales and Service Capabilities, includes sales force automation to manage the full sales lifecycle including leads, accounts, contacts, opportunities, assets, activities, assessments, and forecasts. Leverage content on mobile, the web, and email applications etc.

Beneath the hood, there are several business object e.g. Account, Contact, Plan, Opportunity, service request etc. which form the data model to store data in back-end and exchange data with other systems.

In this blog, I will be simply demonstrating the prerequisite which are required to configure inside Oracle Engagement Cloud and OIC Sales Cloud Adapter configuration.

Continue reading “Oracle Engagement Cloud Event Processing using Sales Cloud Adapter within Oracle Integration Cloud !!!”

Visual Builder Cloud Service – Dynamic Elements

I’ve been using VBCS for awhile now and it has really evolved over the past nine months. I guess that’s one of the wonderful things about these PaaS offerings from Oracle; we don’t have to wait so long for new features and capabilities.

One thing I wanted to do, but it isn’t directly supported in VBCS yet, is to have dynamic displays. I’ve done quite a bit of programming in native JavaScript and Oracle JET where I’ve used web sockets to make my graphs and gauges change automatically without the need for a refresh button.

Well, I figured out a way to do this in VBCS. Now I will admit right away, this is pretty ugly, so if you are a software development purist, please turn off your TV now!

Continue reading “Visual Builder Cloud Service – Dynamic Elements”

Teaching How to Generate Wildcard SSL Certificates for your LBaaS

Security is super important, but also annoying. From a backend developer mindset, all I want is to build great services exposed as APIs that the world can consume with ease. The problem is that in most cases, consumption of my endpoints will be blocked by browsers and other tools/client unless they are exposed as HTTPS with valid SSL certificates.

In this blog, I am going to show you how to use Let’s Encrypt to create your own “Wildcard SSL Certificate” for your existing domain, for example: *.mydomain.com – Then I am going to show you how to assign this certificate to your Oracle LBaaS Listener endpoint.

Continue reading “Teaching How to Generate Wildcard SSL Certificates for your LBaaS”

Oracle MFT – OIC Integration

Even in a day and age where event-based and real-time data exchange is prevalent and growing, the truth is there are still massive amounts of data exchanged using file transfer mechanisms. Oracle has always played in this realm, but with limited success. The Oracle Managed File Transfer (MFT) application is pretty good, but nothing to write home about… or write a blog about! 😀

One reason is because moving files around and using FTP servers is not very glamorous. Another reason is because the Oracle MFT management dashboard is pretty limited. It is able to monitor various aspects of a file transfer, report success or failure and allow you to resend files. But it has no business context or the ability to understand how a file might be part of a larger business process.

Selection_341

Continue reading “Oracle MFT – OIC Integration”

Teaching How to Get Started with Oracle Container Engine for Kubernetes (OKE)

In a previous blog, I explained how to provision a Kubernetes cluster locally on your laptop (either as a single node with minikube or a multi-node using VirtualBox), as well as remotely in the Oracle Public Cloud IaaS. In this blog, I am going to show you how to get started with Oracle Container Engine for Kubernetes (OKE). OKE is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud on Kubernetes.