Oracle DBMS_CLOUD_ADMIN
Version 21c

General Information
Library Note Morgan's Library Page Header
ACE Director Alum Daniel Morgan, founder of Morgan's Library, is scheduling complimentary technical Workshops on Database Security for the first 30 Oracle Database customers located anywhere in North America, EMEA, LATAM, or APAC that send an email to asra_us@oracle.com. Request a Workshop for your organization today.
Purpose Administrative procedures for actions in the Oracle Autonomous Cloud Database environment.
AUTHID DEFINER
Constants
Name Data Type Value
 KMS Constants
CUSTOMER_MANAGED_KEY DBMS_ID 'CUSTOMER_MANAGED'
ORACLE_MANAGED_KEY DBMS_ID 'ORACLE_MANAGED'
 ??AWS ARN Credential
AWS_ARN_CRED DBMS_ID '"AWS$ARN"'
 OCI Resource Principal Credential
OCI_RPST_CRED DBMS_ID '"OCI$RESOURCE_PRINCIPAL"'
Dependencies (not based on Autonomous Database)
DBMS_STANDARD    
Documented No
Exceptions
Error Code Reason
-20001 invalid_service
-20002 service_not_exist
-20003 default_service
First Available 21c
Security Model Owned by SYS with no privileges granted
Source {ORACLE_HOME}/rdbms/admin/dbms_cloud_admin.sql
{ORACLE_HOME}/rdbms/admin/prvt_cloud_admin_body.plb
Subprograms
CHANGE_CHARACTER_SET ENABLE_APP_CONT
CHANGE_NATIONAL_CHARACTER_SET ENABLE_AWS_ARN
CREATE_DATABASE_LINK ENABLE_RESOURCE_PRINCIPAL
DISABLE_APP_CONT GRANT_TABLESPACE_QUOTA
DISABLE_AWS_ARN ROTATE_ENCRYPTION_KEY
DISABLE_RESOURCE_PRINCIPAL SWITCH_TO_ORACLE_MANAGED_KEY
DROP_DATABASE_LINK  
 
CHANGE_CHARACTER_SET (new 21c)
Changes the database character set in a pluggable database, provided there are no user objects created yet. It does not intend to convert user data dbms_cloud_admin_internal.change_character_set(name IN VARCHAR2);
SELECT parameter, value
FROM v$nls_parameters
WHERE parameter LIKE '%LANG%'
ORDER BY 1;

PARAMETER          VALUE
------------------ ---------
NLS_DATE_LANGUAGE AMERICAN
NLS_LANGUAGE      AMERICAN

exec dbms_cloud_admin.change_character_set('AMERICAN');
 
CHANGE_NATIONAL_CHARACTER_SET (new 21c)
Changes the national character set in a pluggable database, provided there are no user objects created yet. It does not intend to convert user data dbms_cloud_admin.change_national_character_set(name  IN VARCHAR2);
exec dbms_cloud_admin.change_national_character_set('???');
 
CREATE_DATABASE_LINK (new 21c)
Creates a database link in the current database to the target database identified by ostname, port, service_name, etc. dbms_cloud_admin.create_database_link(
db_link_name       IN VARCHAR2,
hostname           IN VARCHAR2,
port               IN NUMBER,
service_name       IN VARCHAR2,
ssl_server_cert_dn IN VARCHAR2,
credential_name    IN VARCHAR2,
directory_name     IN VARCHAR2 DEFAULT 'DATA_PUMP_DIR',
gateway_link       IN BOOLEAN  DEFAULT FALSE,
public_link        IN BOOLEAN  DEFAULT FALSE);
TBD
 
DISABLE_APP_CONT (new 21c)
Disables application continuity for a given database service name dbms_cloud_admin.disable_app_cont(service_name IN VARCHAR2);
exec dbms_cloud_admin.disable_app_cont('pdbdev.morganslibrary.com');
 
DISABLE_AWS_ARN (new 21c)
Disables users to create Amazon Resource Name credential objects in the database dbms_cloud_admin.disable_aws_arn(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.disable_aws_arn('C##DBUSER');
 
DISABLE_RESOURCE_PRINCIPAL (new 21c)
Disables users to access resource principal credential in the database dbms_cloud_admin.disable_resource_principal(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.disable_resource_principal('UWCLASS');
 
DROP_DATABASE_LINK (new 21c)
Drops a given database link in the current database dbms_cloud_admin.drop_database_link(
db_link_name IN VARCHAR2,
public_link  IN BOOLEAN DEFAULT FALSE);
exec dbms_cloud_drop.create_database_link('DBMS_CLRDBLINK', FALSE);
 
ENABLE_APP_CONT (new 21c)
Enables application continuity for a given database service name dbms_cloud_admin.enable_app_cont(service_name IN VARCHAR2);
exec dbms_cloud_admin.enable_app_cont('pdbdev.morganslibrary.com');
 
ENABLE_AWS_ARN (new 21c)
Enables users to create an Amazon Resource Name credential objects in the database dbms_cloud_admin.enable_aws_arn(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.enable_aws_arn('UWCLASS');
 
ENABLE_RESOURCE_PRINCIPAL (new 21c)
Enables users to access resource principal credentials in the database dbms_cloud_admin.enable_resource_principal(username IN VARCHAR2 DEFAULT NULL);
exec dbms_cloud_admin.enable_resource_principal('UWCLASS');
 
GRANT_TABLESPACE_QUOTA (new 21c)
Grants tablespace quota to PDB users dbms_cloud_admin.grant_tablespace_quota(
username         IN VARCHAR2,
tablespace_quota IN VARCHAR2);
exec dbms_cloud_admin.grant_tablespace_quota('UWCLASS', '2 128 G');
 
ROTATE_ENCRYPTION_KEY (new 21c)
Allows setting a custom key as encryption key for the database using a master key pre-created in cloud key management service, and then generates a master encryption key for the database dbms_cloud_admin.rotate_encryption_key(
credential_name IN VARCHAR2 DEFAULT NULL,
crypto_endpoint IN VARCHAR2 DEFAULT NULL,
master_key_id   IN VARCHAR2 DEFAULT NULL,
vault_id        IN VARCHAR2 DEFAULT NULL);
BEGIN
  dbms_cloud_admin.rotate_encryption_key(
    credential_name => 'NATIVE_CRED',
    crypto_endpoint => 'https://...crypto.oraclecloud.com',
    master_key_id => 'ocid1.key...');
END;
/
 
SWITCH_TO_ORACLE_MANAGED_KEY(new 21c)
Switches the key to Oracle Managed dbms_cloud_admin.switch_to_oracle_managed_key;
exec dbms_cloud_admin.switch_to_oracle_managed_key;

Related Topics
Built-in Functions
Built-in Packages
Database Security
DBMS_APP_CONT_ADMIN
DBMS_APP_CONT_PRVT
DBMS_APP_CONT_REPORT
DBMS_CLOUD
DBMS_CLOUD_CAPABILITY
DBMS_CLOUD_CORE
DBMS_CLOUD_INTERNAL
DBMS_CLOUD_MACADM
DBMS_CLOUD_REQUEST
DBMS_CLOUD_TASK
DBMS_CLOUD_TYPES
What's New In 19c
What's New In 20c-21c

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2023 Daniel A. Morgan All Rights Reserved
  DBSecWorx