Oracle Cloud Infrastructure Documentation

Oracle Cloud Database-related Prerequisites

In order to enable and use Ops Insights with your cloud databases, you must ensure all prerequisites are met.

Prerequisites for Oracle Cloud Databases

  • To enable and use Ops Insights for Oracle Cloud Databases, you must grant a database user, such as DBSNMP, the privileges required to access and monitor the Oracle Cloud Database. Important: When selecting a CDB, the database user must be a common user for all PDBs within the CDB.
    SQL> GRANT SELECT ANY DICTIONARY, SELECT_CATALOG_ROLE TO DBSNMP;
    For instructions on how to set up Oracle Database monitoring credentials, see Creating the Oracle Database Monitoring Credentials for Oracle Cloud Infrastructure Database Management and Ops Insights (Doc ID 2857604.1).
  • Before starting to add databases in Ops Insights execute the best practice script steps outlined in OCI : Best Practices / Troubleshooting Guide For Monitoring Databases In Ops Insights (Doc ID 2942938.1).
    Note

    It is strongly recommended the script be run every 6 months or if any databases are missing the storage or tablespace data.
  • Security best practices require that you change your passwords frequently, especially database passwords. The Security Technical Implementation Guide (STIG) and the Center for Internet Security (CIS) security benchmarks require regular password rotation. Oracle Database password lifetime is controlled through the user profiles, for more information see: Using a Password Management Policy.

    Changing the passwords for interactive database users such as DBAs is easy; they are forced to change it the next time they log into the database after their password has expired. However, the situation is more complicated when the database account is supporting an application like Database Management or Ops Insights running on multiple mid-tiers. If the password is changed in the database but not yet in these systems, they could repeatedly attempt to log in with the old password. This could result in account lockouts and potential service interruptions.

    Now you can follow security best practices for password update AND maintain application availability, this feature is available for Oracle Databases 19.12 and above. For more information see: Managing Gradual Database Password Rollover for Applications.