Oracle Autonomous Database: APIs and OCI-CLI

This post is part of a series of blog posts on the Oracle Autonomous Database.

Autonomous Database – REST APIs

  • Permit interaction with Oracle ADB cloud services programmatically over REST rather than log into the OCI Cloud Console and click through screens
  • A mechanism for developing customized deployment and management scripts that can be saved and reused for deployments, set gold standards, and store entire application infrastructure stacks as version controlled code
  • The Oracle Cloud Infrastructure APIs are typical REST APIs that use HTTPS requests and responses and support HTTPS and SSL protocol TLS 1.2
  • Calls to Oracle Cloud Infrastructure using REST APIs can be written in popular scripting languages such as node.js, Python, Ruby, Perl, Java, C#, bash or curl
  • All OCI API requests must be signed for authentication purposes

The steps to create and sign API requests are:

  • Form the HTTPS request (SSL protocol TLS 1.2 protocol required)
  • Create the signing string, which is based on parts of the request
  • Create the signature from the signing string, using your private key and the RSA-SHA256 algorithm
  • Add the resulting signature and other required information to the Authorization header in the request
  • You will also need to generate an ssh key pair in the pem format

These avoid using username/passwords (insecure communication of the internet)

Autonomous Database – Using OCI-CLI

  • The Command Line Interface (CLI) is a small footprint tool that you can use on its own or with the Shell Console to complete OCI tasks.
  • The CLI provides the same core functionality as the Service Console, plus additional commands. Some of these, such as the ability to run scripts, extend the Console’s functionality.
  • The CLI is built on Python. The Python code makes calls to OCI APIs to provide the functionality implemented for the various services.
  • Preinstalled in OL7 (or download using yum or curl or download from github)

To install and use the CLI, you must have:

  • An OCI account
  • A user created in that account, in a group with a policy that grants the desired permissions
  • A keypair used for signing API requests, with the public key uploaded to Oracle. Only the user calling the API should possess the private key

The Cloud shell will start up a shell console to access your tenancy. It is an ephemeral machine from which you can run OS commands and scripts across your whole tenancy.

$ oci db autonomous-database

Please refer to the documentation for the available commands:

e.g.

change-compartment
create
create-from-backup-id
create-from-backup-timestamp
create-from-clone
create-refreshable-clone
data-safe
deregister
register
delete
disable-operations-insights
enable-operations-insights
fail-over
generate-wallet
get
list
list-clones
manual-refresh
restart
restore
rotate-key
start
stop
switchover
update

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s