General Information
Library Note
Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling
complimentary technical Workshops on Database Security for the first 30
Oracle Database customers located anywhere in North America, EMEA, LATAM, or
APAC that send an email to
asra_us@oracle.com . Request a Workshop for
your organization today.
Purpose
Administrative procedures for actions in the Oracle Autonomous Cloud Database environment.
AUTHID
DEFINER
Constants
Name
Data Type
Value
KMS Constants
CUSTOMER_MANAGED_KEY
DBMS_ID
'CUSTOMER_MANAGED'
ORACLE_MANAGED_KEY
DBMS_ID
'ORACLE_MANAGED'
??AWS ARN Credential
AWS_ARN_CRED
DBMS_ID
'"AWS$ARN"'
OCI Resource Principal Credential
OCI_RPST_CRED
DBMS_ID
'"OCI$RESOURCE_PRINCIPAL"'
Dependencies (not based on Autonomous Database)
Documented
No
Exceptions
Error Code
Reason
-20001
invalid_service
-20002
service_not_exist
-20003
default_service
First Available
21c
Security Model
Owned by SYS with no privileges granted
Source
{ORACLE_HOME}/rdbms/admin/dbms_cloud_admin.sql
{ORACLE_HOME}/rdbms/admin/prvt_cloud_admin_body.plb
Subprograms
CHANGE_CHARACTER_SET (new 21c)
Changes the database character set in a pluggable database, provided there are no user objects created yet. It does not intend to convert user data
dbms_cloud_admin_internal.change_character_set(name IN VARCHAR2);
SELECT parameter, value
FROM v$nls_parameters
WHERE parameter LIKE '%LANG%'
ORDER BY 1;
PARAMETER VALUE
------------------ ---------
NLS_DATE_LANGUAGE AMERICAN
NLS_LANGUAGE AMERICAN
exec dbms_cloud_admin.change_character_set ('AMERICAN');
CHANGE_NATIONAL_CHARACTER_SET (new 21c)
Changes the national character set in a pluggable database, provided there are no user objects created yet. It does not intend to convert user data
dbms_cloud_admin.change_national_character_set(name IN VARCHAR2);
exec dbms_cloud_admin.change_national_character_set ('??? ');
CREATE_DATABASE_LINK (new 21c)
Creates a database link in the current database to the target database identified by ostname, port, service_name, etc.
dbms_cloud_admin.create_database_link(
db_link_name IN VARCHAR2,
hostname IN VARCHAR2,
port IN NUMBER,
service_name IN VARCHAR2,
ssl_server_cert_dn IN VARCHAR2,
credential_name IN VARCHAR2,
directory_name IN VARCHAR2 DEFAULT 'DATA_PUMP_DIR',
gateway_link IN BOOLEAN DEFAULT FALSE,
public_link IN BOOLEAN DEFAULT FALSE);
TBD
DISABLE_APP_CONT (new 21c)
Disables application continuity for a given database service name
dbms_cloud_admin.disable_app_cont(service_name IN VARCHAR2);
exec dbms_cloud_admin.disable_app_cont ('pdbdev.morganslibrary.com');
DISABLE_AWS_ARN (new 21c)
Disables users to create Amazon Resource Name credential objects in the database
dbms_cloud_admin.disable_aws_arn(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.disable_aws_arn ('C##DBUSER');
DISABLE_RESOURCE_PRINCIPAL (new 21c)
Disables users to access resource principal credential in the database
dbms_cloud_admin.disable_resource_principal(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.disable_resource_principal ('UWCLASS');
DROP_DATABASE_LINK (new 21c)
Drops a given database link in the current database
dbms_cloud_admin.drop_database_link(
db_link_name IN VARCHAR2,
public_link IN BOOLEAN DEFAULT FALSE);
exec dbms_cloud_drop.create_database_link ('DBMS_CLRDBLINK', FALSE);
ENABLE_APP_CONT (new 21c)
Enables application continuity for a given database service name
dbms_cloud_admin.enable_app_cont(service_name IN VARCHAR2);
exec dbms_cloud_admin.enable_app_cont ('pdbdev.morganslibrary.com');
ENABLE_AWS_ARN (new 21c)
Enables users to create an Amazon Resource Name credential objects in the database
dbms_cloud_admin.enable_aws_arn(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.enable_aws_arn ('UWCLASS');
ENABLE_RESOURCE_PRINCIPAL (new 21c)
Enables users to access resource principal credentials in the database
dbms_cloud_admin.enable_resource_principal(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.enable_resource_principal ('UWCLASS');
GRANT_TABLESPACE_QUOTA (new 21c)
Grants tablespace quota to PDB users
dbms_cloud_admin.grant_tablespace_quota(
username IN VARCHAR2,
tablespace_quota IN VARCHAR2);
exec dbms_cloud_admin.grant_tablespace_quota ('UWCLASS', '2 128 G');
ROTATE_ENCRYPTION_KEY (new 21c)
Allows setting a custom key as encryption key for the database using a master key pre-created in cloud key management service,
and then generates a master encryption key for the database
dbms_cloud_admin.rotate_encryption_key(
credential_name IN VARCHAR2 DEFAULT NULL,
crypto_endpoint IN VARCHAR2 DEFAULT NULL,
master_key_id IN VARCHAR2 DEFAULT NULL,
vault_id IN VARCHAR2 DEFAULT NULL);
BEGIN
dbms_cloud_admin.rotate_encryption_key (
credential_name => 'NATIVE_CRED',
crypto_endpoint => 'https://...crypto.oraclecloud.com',
master_key_id => 'ocid1.key...');
END;
/
SWITCH_TO_ORACLE_MANAGED_KEY(new 21c)
Switches the key to Oracle Managed
dbms_cloud_admin.switch_to_oracle_managed_key;
exec dbms_cloud_admin.switch_to_oracle_managed_key ;