Tip:
Highlight text to annotate it
X
[intro music]
Hi. My name is Rick Green and I'm a curriculum developer at Oracle.
In another video, I showed how to request and activate a trial subscription to an
Oracle Cloud service.
In this video, I will show you how to administer a new Oracle Cloud
trial subscription, including the management of users and roles.
Before we proceed, let's view a diagram of the Cloud Service Provisioning workflow
to look at the role players involved in setting up an Oracle Cloud Service.
In part one of this video series, we saw that the person who requests a free trial
subscription to an Oracle Cloud Service
is automatically assigned the roles of Account Administrator, Service
Administrator, and Identity Domain Administrator.
A key task of the Identity Domain Administrator is to define the users and
the user roles that will give users their access privileges.
This is performed in a security page of the My Services application of the
cloud dot Oracle dot com website.
The Identity Domain Administrator creates users and roles for all of the
Cloud Services.
The job the Service Administrator is to develop and administer one particular
Cloud Service.
Typically it is the Service Administrator who assigns roles to each user of that
Cloud Service.
The Service Administrator is also the person who will likely provide their
users
the URL and sign in credentials to access the service.
In my role as the Identity Domain Administrator,
I will open the My Services application of the Oracle Cloud.
One way to open My Services is to click the My Services URL
in the notification email sent to the person who requested the trial
subscription.
The My Services application opens at the dashboard page.
In this example, we see two Oracle Cloud database services listed.
You manage users and roles in the security page.
I click "Security" in the upper right corner to open the security page.
In the security page
I see only one user and that's me--the person who ordered the trial
subscriptions to the Oracle Cloud database service.
In a moment, I'll add some users and assign roles to the user's
but first, let's examine the roles that are initially assigned to me.
To the far right of the listing of my username,
I click the icon with four short horizontal bars which opens a menu.
I choose "Manage Roles."
A list of roles is displayed.
Roles give users privileges. In this dialog you can assign and revoke roles.
The first row listed is my role as the Identity Domain Administrator.
Because I have ordered two subscriptions to the Oracle Cloud Database Service,
the remaining roles initially assigned to me are database related...
Database User, Database Developer, and Database Administrator.
I have sets of these three roles for both by database server subscriptions.
Now I will cancel out of this dialogue. Later we will look at creating and
assigning user roles.
I am ready to create a new user.
Note that only an Identity Domain Administrator can create users.
Then either Identity Domain Administrators or Service Administrators
can assign or revoke roles to those users. We are back in the security page.
Note the five tabs running across the top of this page.
We are in the users tab. Later we will explore the other four tabs.
In the users tab, there are two buttons. The Add button is for adding an
individual user.
The Import button is for batch uploading definitions for multiple users
by importing a CSV file. There is another video that shows you how to perform
these batch uploads of users.
Go to the Oracle Learning Library and search for the title
"How to Upload Users in Batch." In this video,
I'll add an individual user by clicking the Add button.
The Add User dialog appears.
I enter the following information...first name,
last name, and email address.
If I don't want to use the email address as the username,
I deselect the check box
and I add a user name.
I shuttle one or more roles
from the available roles
to the assigned roles.
I click Add.
After the user account is created, Oracle Cloud sends an email notifying the user
that an account was created.
the email includes the user's sign in name, a temporary password which they are
required to change when they
sign in the first time, and the name of the identity domain.
So while this e-mail gives the user the required credentials to sign in
it does not give the user the URL's to access the cloud service.
The Identity Domain Administrator or the Service Administrator must provide each
user
the URL for the My Services application and the URLs for their subscribed
services
such as the Database Cloud service.
Returning to the security page, a list of users is displayed
including my new user and myself. There are several ways to examine which roles
are assigned
to which users. One way is to simply hover the mouse cursor over the name of the
user in the Users tab.
The Identity Domain Administrator will see all rules for all Oracle Cloud
services in your identity domain.
The service administrator will only see all rules related to the services that
he or she manages
in the identity domain. We have been working in the
Users tab of the security page. The Users tab
is where administrators can add user accounts, input a batch of user accounts,
assign roles to users, modify user accounts, reset passwords,
and remove user accounts.
While we are in the security page, let's look briefly at
the four other tabs.
The SFTP users tab
is where administrators set passwords for the secure FTP system user accounts.
You use the SFTP accounts to sign in to the SFTP server
so you can upload and download files related to your Oracle Cloud service.
The roles tab... is where administrators can view a list of all the predefined
roles created by Oracle Cloud,
and link to a list of users assigned the role you select.
The custom roles tab is where Identity Domain Administrators can view,
add, and remove roles created for customized access to your Oracle Cloud
services.
The identity self service tab
is where users can change their password and change their challenge questions.
When administrators give users access to the My Service application,
the identity self service tab is the only tab that users can access in the security
page...
Let's finish this video by taking a brief look at some of the administrative
areas that can be monitored
in the My Services application.
We click "Dashboard.
In the list of services, you click the name of one of the services...
to drill down to the details of that service.
In the service details page, there are five
tiles running vertically on the left.
This overview tile is the default tile that appears. It uses a calendar to show the historical
status and availability of the service.
It also displays two graphs that illustrate two key metrics.
It displays additional information about the service including
plan, service state, subscription ID, order ID,
account, customer support identifier number (for contacting customer support),
the buyer, data center, version, status, identity domain, SFTP user account,
and service SFTP user account. The
administrative tile is for archiving applications, and locking and unlocking
the service.
The exports tile is for exporting data structures and data using
service SFTP users.
The metrics tile shows detailed historical usage data collected per day
for the past seven days for this service.
The associations tile shows if there are any associated cloud services
for this cloud service.
Let's summarize what you saw. After the user account is created, Oracle sends an email notifying the user that
an account was created.
The email provides the sign in name, a temporary password,
and the identity domain name.
After the user account is created, either an Identity Domain Administrator
or a Service Administrator must explicitly assign one or more roles to
the user.
The role controls access to applications, resources, and services.
In addition, the Identity Domain Administrator must provide the URL for
the Oracle Identity console to the user,
and provide one more service URLs to the user
depending upon the service type the user is allowed to access.
And that's it. You've now seen how to manage a new Oracle Cloud service.
including the creation of user accounts and assignment of roles.
I'm Rick Green. Thanks for watching.
[closing music]