Update May 31st, 2021 – Seems like there was documentation bug so I’ve updated part about Agents. They are disabled by default so you need to enable them always if you want to use Bastion Service Managed session. I’ve always had slight dislike on requiring Bastion (Jump) server on any cloud which is self-managed. Sure,…
Get notified on unwanted network changes with OCI Cloud Guard
Oracle introduced Cloud Guard some time ago to OCI, in this post I’ll take a brief look what Cloud Guard is and how you can get notified on unwanted changes in your tenancy. As an example, I have a public VCN which is required for my project. I might have several admins managing the VCN…
OCI DBCS Clone from backup fails when Database Vault is enabled
Recently I was creating a DBCS database clone but the creation failed, luckily we could find out the node IPs through support and from the dcs-agent-debug.log we could see following statement failing: When looking this script what it tries to do is set the default password limits for DEFAULT profile. While trying it out on…
How I studied for the Oracle Cloud Infrastructure 2019 Certified Architect Professional 1Z0-997
Earlier this week I took the 1Z0-997 Oracle Cloud Infrastructure 2019 Certified Architect Professional. In this post I’ll try to share on how I studied on the test and what areas I feel helped me on passing the certification. I won’t be posting any questions or answers but rather want to help you on studying…
Rewriting Terraform security list configuration in OCI with Terraform 0.12
I’ve been a big fan of Terraform for quite some time but one of the things I have been complaining about has been some things which have not been possible when you use Terraform modules. Why do we use modules? It gives us a way to reuse our code so that each resource creation is…
Security in Oracle Cloud Infrastructure and why you should care less about it
I recently attended Accenture’s Oracle leadership council and was asked to speak about Oracle Cloud Infrastructure security. I’ve said that I’m definitely not an expert on security and that’s why the subject was actually a cool one to speak about! If you’ve used any of the major cloud providers (Azure, AWS, GCP) you know the…
Oracle Cloud Infrastructure and Dynamic Groups – what are they?
You might have seen dynamic groups mentioned when browsing through OCI console or when you’ve read the documentation. One of the most important things when creating services is handling access to specific services so that your access keys are not compromised. This is one neat way of managing that in the cloud. Instead of storing…
Passbolt v1.6.0 is out
Since I’ve written earlier about Passbolt as team password manager I thought it would make sense to notify there is new version 1.6.0 out as I installed version 1.4.0 for us. My earlier post about Passbolt is here: https://finnishingthoughts.wordpress.com/2017/03/01/passbolt-for-team-password-management/ The biggest thing we noticed previously was the lack of group management in Passbolt but luckily…
Passbolt for team password management
I was thinking recently that we need some tool where we store our team’s passwords for all the different logins we have. Few requirements what I came up with: The server or the password file needs to be hosted on our network There needs to be mechanism to share passwords within specific persons or groups…