Intro to Oracle Cloud

Transcript

1. Intro to Oracle Cloud Justin Biard Principal Member of Technical

   Staff, Oracle July 14, 2025 (opinions presented are my own)

2. Building in the cloud As of Mid-2025: SaaS: Software as

   a Service PaaS: Platform as a Service IaaS: Infrastructure as a Service 2

3. 3 Overview of a Cloud Use Case Customers 10.0.1.0/24 IAM

   Policies Example OCI Service public ip private ip 129.1.2.3 Oracle Cloud Tenancy COMPARTMENT / REGION+

4. 4 Two primary resource types for Database Tools: • Connections

   • Use private endpoints (optional) • Store database connection details • Use secrets from Secrets in Vault • Private Endpoints • Access databases in private subnets • Access databases with a network access control list (ACL) Example OCI Service: Database Tools

5. 5 OCI Console Demo

6. Theory: What is Infrastructure as Code? Configuration of cloud infrastructure

   resources documented as code (a configuration language) terraform { ... } Network Load Balancer Database Fryer Compartment Policy Drying Rack Virtual Machine ./my-project/main.tf 6

7. Why use Tools like Terraform / OpenTofu? Abstraction: Abstract the

   logic of each cloud API to a Terraform provider Reconciliation: Reconcile changes to resources against a known good config Automation: Automate tedious or manual infrastructure tasks (vs. console clicks) Comprehension: Comprehend of the scope and scale of deployed infrastructure 7

8. Theory: Resource state reconciliation Terraform state is reconciled and updated

   based on changes to the actual cloud resources terraform { ... } Cloud Service Version Control {tfstate} 8

9. Enough theory! How do we code it? • Configure a

   remote backend or use local (default) • Declare and configure providers • Declare resources (defined as code) • Add variables and modules as needed (refactor?) • Add outputs as needed • Terraform apply -> Donuts as a Service! $ terraform apply 9

10. Automation: OCI Terraform Provider 10 • OCI Services are supported

    by the OCI Terraform provider: resource "oci_database_tools_database_tools_connection" "…" { user_name = "ADMIN" connection_string = each.value ... } docs.oracle.com/en-us/iaas/tools/terraform-provider-oci/latest/index.html

11. 11 Terraform Demo

12. Example use case: ADB w/ private endpoint 12 Resources: •

    VCN + Private Subnet • ADB • Vault • Private endpoint • Connection Vault will contain: • Password secret • Optionally: auto-login wallet secrets [endpoint] .adb.[region] .oraclecloud.com

13. Managing resources: Prerequisites 13 • Non-tenancy administrators will need IAM

    policies • Define a logical role (group) for "resource managers" • Create policies to manage resources in a compartment (or tenancy) References: • https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policies.htm allow group <group_name> to manage … in compartment <compartment_name>

14. Using resources, example: use connections 14 • Non-tenancy administrators will

    need IAM policies • Define a logical role (group) for "connection users" • Create policies to read secrets in the vault • Create policies to use Database Tools connections References: • https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/policies.htm • https://docs.oracle.com/en-us/iaas/database-tools/doc/policies.html allow group <group_name> to read secret-family in compartment <compartment_name> allow group <group_name> to use database-tools-connections in compartment <compartment_name>

15. Automation: OCI CLI 15 • OCI services are supported by

    the OCI CLI, for example: • CRUD and list operations are supported • Validation operations are supported for Connection resources $ oci dbtools connection get --connection-id ocid1...<your-connection-ocid-here> # see the help for more information about options $ oci dbtools --help docs.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/dbtools.html

16. Automation: OCI Language SDKs 16 docs.oracle.com/en-us/iaas/database-tools/doc/sdk-examples.html • Database Tools is

    supported by the OCI SDKs: (Java, Go, Python, etc.) response, err := client.CreateDatabaseToolsConnection(cfg.Ctx, databasetools.CreateDatabaseToolsConnectionRequest{ CreateDatabaseToolsConnectionDetails: details, }) if err != nil { return nil, err }

17. Thank you! Find me at: • icodealot.com • @icodealot -

    x.com, bsky.app 17