rw

Published August 26th, 2024.
Updated August 29th, 2024 with a Terraform deployment module.

Introduction Oracle Analytics Platform

The Oracle Analytics platform comprises OAC (Oracle Analytics Cloud) and OAS (Oracle Analytics Server). It supports the efforts of every analytics user role. AI and ML are embedded throughout the platform to accelerate productivity and power better business decisions. Features include:

  • Data visualization and storytelling
  • Machine learning
  • Mobile analytics
  • Open data source connectivity
  • Data preparation and enrichment
  • Enterprise data modeling

OAC PLATFORM

This post guides you in preparing the following OCI (Oracle Cloud Infrastructure) identity components before provisioning Oracle Analytics services such as OAC and FDI:

  • Compartment
    • Identity Domain
      • Administrative User Account
    • Identity Domain Region Replication
  • Policy

It includes architectural diagrams, component descriptions, deployment scenarios, and links to other references.

Prerequisites

Following the guidance in this post requires:

  • An existing OCI tenancy.
  • An OCI Administrator with the authority to:
    • Manage Compartments
    • Manage Identity Domains
    • Manage Policies
Topics
rw
Architecture
Initial State

Slide53

This diagram depicts an OCI region in a customer’s cloud account (tenancy).

Prepared State

Slide54

This diagram depicts the initial OCI components recommended for Oracle Analytics services.

rw
Components

The prepared architecture has these components:

  • Compartment
    • Identity Domain
      • User Group
        • User Account
    • Identity Domain Replication
  • Policy
    • Policy Rules

Compartment

Oracle recommends a separate compartment for each Oracle Analytics environment for the separation of duties; for example, a Service Administrator in a test environment may not be a service administrator in the production environment.

Compartments organize and isolate cloud resources. They span all subscribed regions in the tenancy.

Identity Domain

Oracle recommends a separate identity domain for each Oracle Analytics environment for the separation of duties.

Identity domains are containers for managing users and roles, federating and provisioning users, applications, Single Sign-On (SSO) configurations, Identity Providers, and security settings (such as MFA). They represent user and group populations in OCI.

User Account

The user that provisions an identity domain receives a user account assigned to the prebuilt Domain Administrators group. This group has prebuilt privileges and is granted, via OCI policy rules, the additional privileges necessary to provision Oracle Analytics services in a compartment and the identity domain.

Identity Domain Replication

Identity domain replication is required if resources are provisioned into a domain in a region that is not the tenancy’s home region.

An identity domain in IAM is replicated to additional regions to enable users in the domain to interact with OCI resources in the replicated region.

Policy

A policy consists of one or more policy rules.

A policy rule grants a group privileges to interact with resources in a tenancy or compartment. Before creating services, Identity Domain administrators must have privileges to manage resources in a compartment.

rw
Deploy

OCI Terraform

The OCI Terraform provider allows you to use Terraform to interact with OCI resources.
Refer to the Deploy Initial Components for Oracle Analytics Services blog post for a Terraform deployment module and guidance on using it.

Several other frameworks exist to deploy the components:

  • OCI Console

    The OCI Console provides a single interface to manage all cloud services.

  • OCI APIs (Application Programming Interface)

    The OCI APIs are REST APIs that use HTTPS requests and responses.

  • OCI CLI (Command Line Interface)

    The OCI CLI is a small footprint tool that can be used alone or with the OCI Console to complete OCI tasks. The CLI provides the same core functionality as the Console, plus additional commands. Some of these, such as the ability to run scripts, extend Console functionality.

A typical provisioning sequence illustration follows:

  • Create a compartment for each planned environment, e.g., Production, Development, and Testing.
  • Create an identity domain in each compartment.
    • If the region designated for Oracle Analytics services is different than the tenancy’s home region, replicate the domain to the designated region.
  • Create a Policy and Policy Rule allowing the Domain Administrators group to manage the resources in the environment’s compartment.
rw
Explore More

An example environment that is ready for OAC has been provisioned.

Explore more about Oracle Analytics by visiting the community, blogs, and library.

Explore Analytics Platform Features
rw
var coll = document.getElementsByClassName(“collapsible”); var i; for (i = 0; i < coll.length; i++) { coll[i].addEventListener("click", function() { this.classList.toggle("active"); var content = this.nextElementSibling; if (content.style.display === "block") { content.style.display = "none"; } else { content.style.display = "block"; } }); }