RDS Oracle does not support on-prem AD authentication. How do you control/monitor/track what DB users/admin do on the Oracle RDS instances?
I'm not sure if this is what you need, but you can enable cloudTrail on your db instance, to monitor api calls and db access.
Please read more on: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/logging-using-cloudtrail.html
Related
I have a DB System in Oracle Cloud with a database.
I was wondering if connections directly to the database in the VM are encrypted. I know that connections to AWS RDS databases are encrypted.
I'm connected directly from SQL Developer to the database without SSH tunneling.
The database is inside a VM Machine and not an autonomous database.
Can anyone help with that please ?
Here is the connection string :
Easy connect connection string
someprefix.subXXXXXXXXXX.xxxxxxx.oraclevcn.com:1521/Some_Name.subXXXXXXXXXX.xxxxxxx.oraclevcn.com
Long connection string
(DESCRIPTION=(CONNECT_TIMEOUT=5)(TRANSPORT_CONNECT_TIMEOUT=3)(RETRY_COUNT=3)(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=TCP)(HOST=10.0.0.85)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=Some_Name.subXXXXXXXXXX.xxxxxxx.oraclevcn.com)))
Thanks.
Cheers,
While connecting to Oracle 12c database from Java 8 client code, I got error -"ORA-28040: No matching authentication protocol exception" This was resolved by adding SQLNET.ALLOWED_LOGON_VERSION=8 in sqlnet.ora file.
Now, when I connect to AWS oracle RDS instance from code running in EC2 instance (RDS and java application running in same subnet), result in same error. Is there an option to add parameter(SQLNET.ALLOWED_LOGON_VERSION=8) in AWS Oracle RDS instance? How can resolve this issue?
The AWS docs list the params you can alter for your needs.
sqlnetora.sqlnet.allowed_logon_version_client
sqlnetora.sqlnet.allowed_logon_version_server
I suggest you to play with those.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ModifyInstance.Oracle.sqlnet.html
I'm looking for Amazon RedShift Service Provider. Despite myinvestigations, I only find provider Amazon S3 Bucket. How can find service provider and user's guide.
if Service Provider is a way to connect to the DB and run queries you can use some standard SQL provider or Postgres provider
I am trying to configure Oracle Apex on Amazon AWS ec2 and using Oracle RDS as Database instance. I have registered as free user for learning purpose. This is the first time I am configuring ec2 + ORDS for oracle Apex.
While i am configuring ORDS for Oracle Apex (ec2) and hitting command: java -jar ords.war
It asks to "Enter the username with SYSDBA privileges to verify the installation [SYS]:" but I my user doesn't have SYS privileges and I am unable to grant SYS privileges to it.enter image description here
Could some help me out with this. I am stuck at this point and unable to start APEX due to this.
I have attached the error
According to user MichaelB#AWS (Amazon staff account):
For the issues with ORDS, you should skip (by entering "2") steps
involving the ORDS schema and PL/SQL gateway. The ORDS schema is not
required to support the APEX RESTful listener, and is not currently
supported on RDS Oracle. The specific options may vary between
versions of ORDS.
https://forums.aws.amazon.com/thread.jspa?messageID=711534
The APEX+APEX_DEV options do not create the correct ORDS users, in particular there's no ORDS_METADATA created which is where most of the important ORDS packages and data are stored. Without SYSDBA (not available on RDS) you won't be able to install ORDS either.
From the documentation:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.html
the minimal ORDS.war configuration and associated schemas needed to get APEX working is available on Amazon's RDS as a replacement for the deprecated APEX Express Listener. It isn't a complete install of ORDS for RESTful services.
The solutions are:
Wait for Amazon to support ORDS on RDS
Install Oracle yourself on an EC2 instance and forget RDS
I'm trying to connect into my mac with the endpoint that AWS give me but i can't.
Yes, You can.
These are the AmazonRDS settings.
and this is the SQL Developer connection window
database host name should be the AWS endpoint & SID should be the AWS DB Name.
You can connect to database instance in RDS by using the endpoint and the credentials associated with the rds instance
Refer the below link for guidance:
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_GettingStarted.CreatingConnecting.Oracle.html
Also ensure that the security group associated with the RDS instance has appropriate port open for oracle connection.