Oracle Cloud Infrastructure Documentation

Create a Database API Gateway Configuration Pool

ORDS can be configured with one or more connection pools. Each pool manages a set of connections to a specific database and can have its own features and security settings. When making a request to ORDS, you can choose which pool to use by providing the pool route value either in the request path or in a request header. For more information, see Database API Gateway Configuration Pool Settings.

    1. To create a pool, enter the following settings:

      • Name: Enter a user-friendly name to help you identify this pool.

      • Compartment: Select the compartment that contains the Database Tool Connection.

      • Connection: Select the Database Tools Connection OCID that ORDS uses to build the pool.

      • Pool route value: Enter the string ORDS uses to select the target pool. ORDS can be globally configured to look for this value in the URL path or in the request header.

      • Features
        • Enables REST-enabled SQL Service: Enables REST-Enabled SQL, which is a REST API that allows you to run ad-hoc SQL and SQL Scripts. You can POST one or more SQL statements to the service. Database Actions, which is included in ORDS, requires this feature.

      • Pool size

        • Max pool size: Enter the maximum number of database connections allowed for the pool.
        • Min pool size: Enter the minimum number of database connections allowed for the pool.
        • Initial pool size: Enter the initial number of database connections that is created for the pool.

      • JWT authentication

        Configures how ORDS validates incoming JSON Web Tokens (JWTs), including signature verification, issuer and audience validation, and optionally role claim mapping.

        • JWKS URL (required for Bearer authentication): URL of the JSON Web Key Set (JWKS) used to validate JWT signatures.
        • Allowed issuer (required for Bearer authentication): The Issuer of acceptable JWT Tokens. ORDS matches this to the JWT iss claim.
        • Allowed audience (required for Bearer authentication): The Audience of acceptable JWT Tokens. ORDS matches this to the JWT aud claim.
        • Role claim name (optional): JSON pointer to the claim that contains user roles.
          • If not set, then ORDS uses Scope-Based Access Control.
          • If set, then ORDS uses Role-Based Access Control.

          • Specifies the JSON pointer to the claim in the JWT token that contains the roles of users.

          • The role claim name must be a valid JSON pointer and should start with /. Example: /roles.

        Advanced properties: You can add additional pool settings supported by ORDS configuration files, except:
        • Global settings already defined in the standard fields, and
        • Database-related settings such as db.username, db.password, db.*, and so on.

  • Use the oci dbtools-runtime database-api-gateway-config-pool create default command to create a Database API Gateway Configuration Pool. 

    oci dbtools-runtime database-api-gateway-config-pool create default --database-api-gateway-config-id <config-ocid>
--display-name <pool-name) --pool-route-value <route> --database-tools-connection-id <connection-ocid>
[--max-pool-size <number>] [--min-pool-size <number>] [--initial-pool-size <number>] [--jwt-profile-jwk-url <url>] 
[--jwt-profile-issuer <issuer>] [--jwt-profile-audience <audience>] [--jwt-profile-role-claim-name <claim>] 
[--database-actions-status <value>] [--rest-enabled-sql-status <value>] [--advanced-properties <json>]

    For a complete list of parameters and values for CLI commands, see the Command Line Interface (CLI).

  • Use the CreateDatabaseToolsDatabaseApiGatewayConfigPool API to create a Database API Gateway Configuration Pool.

    For information about using the API and signing requests, see REST API and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.