OCI provides a load balancing service which can be leveraged to distribute incoming traffic from clients amongst a set of servers. A simple example can...
OCI provides a load balancing service which can be leveraged to distribute incoming traffic from clients amongst a set of servers. A simple example can illustrate this feature. I have two compute instances in OCI running Apache HTTP Server. The Apaches are listening on port 80 for incoming requests. I have defined a Load Balancer in OCI which routes traffic to these two Backend servers. The Load Balancer accepts http requests over port 80 as shown in the figure above. From...
OCI provides a load balancing service which can be leveraged to distribute incoming traffic from clients amongst a set of servers. A simple example can illustrate this feature. I have two compute...
Introduction Compartments are a powerful feature in Oracle Cloud Infrastructure (OCI) for security isolation and access control. They accomplish that by...
Introduction Compartments are a powerful feature in Oracle Cloud Infrastructure (OCI) for security isolation and access control. They accomplish that by providing a global logical namespace where policies can be enforced, as folders in a file system. By being global, they stretch out to all OCI regions within a given tenancy. Through policy enforcement, they deliver the right access level according to the parameters defined by the organization for resource management and...
Introduction Compartments are a powerful feature in Oracle Cloud Infrastructure (OCI) for security isolation and access control. They accomplish that by providing a global logical namespace...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just a couple of weeks ago I happened upon a real world use case for it and had a chance to put IDCS' Device Code support to actual use. In most cases when you log into a Unix server over SSH you should be using a key pair - you upload your public key to the server and then the ssh client uses your private key to prove to...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just a couple of weeks ago I happened upon a...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is fully standards-compliant and implements various standards like SAML (Security Assertion Markup Language), OAuth, OIDC (OpenID Connect), etc. Those standards help customers integrate with other products implementing that same standard. One use case that I came across, a few times recently, is...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you can just run "oci session authenticate" and the CLI will open your browser and push you through a (much) simpler process that basically amounts to just logging in and clicking yes. If you use the CLI directly on your laptop this works swimmingly. But what if you want to run the CLI...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can detect risk, anomalies and potential security violations. In OCI, the target of CASB monitoring is a compartment. Once an OCI compartment is configured in CASB, out-of-box baseline monitoring kicks in to find security anomalies. However, policies still need to be configured to...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications to create a new Application 2: Select Confidential Application because we're creating a 3-legged app 3: Fill in the first screen Only name is required, and if you aren't sure what the other fields mean that's all you should enter. 4: Configure the App IDCS supports basically all...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications...
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS...
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by customers in IDCS. At first sight, restricting access based on the user IP address may lead to the belief that IDCS can only blacklist a set of IP addresses. In other words, IDCS would only be able to block access from a set of well known IP addresses. That's far from the truth....
Introduction Oracle IDCS (Identity Cloud Service) supports restricting access to applications based on the user IP address. Such applications can be the IDCS Console or any application registered by...
* This blog was last tested on Oracle Identity Cloud Service 21.2.2-2105182223 by Jay Pearson (Oracle A-Team) * For other A-Team articles by Richard, click here...
* This blog was last tested on Oracle Identity Cloud Service 21.2.2-2105182223 by Jay Pearson (Oracle A-Team) * For other A-Team articles by Richard, click here Introduction Customers may want to restrict access to their Oracle Cloud Services to a set of IP ranges, for instance to only allow connections coming from their corporate office. That type of restriction is not possible within Oracle Analytics Cloud itself, but it possible to set up using the Identity Cloud Service....
* This blog was last tested on Oracle Identity Cloud Service 21.2.2-2105182223 by Jay Pearson (Oracle A-Team) * For other A-Team articles by Richard, click here Introduction Customers may want to...
