Merge branch 'lvb-import-vault-key' of https://github.com/oracle-devrel/technology-engineering into lvb-import-vault-key

Rebased

Author: lvbirgelen

manageability-and-operations/operations-advisory/center-of-excellence/README.md

@@ -10,12 +10,12 @@ A **Cloud Center of Excellence**:  The CCOE is an extended multidisciplinary tea
 
 A **Change Management Plan**: Create a change management plan to make a company-wide engagement.
 
-Reviewed: 30.01.2024
+Reviewed: 09.10.2024
 
 # License
 
 Copyright (c) 2024 Oracle and/or its affiliates.
 
 Licensed under the Universal Permissive License (UPL), Version 1.0.
 
-See [LICENSE](https://github.com/oracle-devrel/technology-engineering/blob/main/LICENSE) for more details.
+See [LICENSE](https://github.com/oracle-devrel/technology-engineering/blob/main/LICENSE) for more details.

manageability-and-operations/operations-advisory/finops/README.md

@@ -2,7 +2,7 @@
 
 **FinOps** is a cloud financial management practice that supports organizations to optimize their cloud spending by providing a dedicated framework to achieve maximum business value by helping engineering, finance & business teams to collaborate on data-driven spending decision
 
-Reviewed: 30.09.2024
+Reviewed: 10.10.2024
 
 
 **The FinOps Framework** describes 

manageability-and-operations/operations-advisory/fsdr/fsdr-operations/README.md

@@ -1,7 +1,7 @@
 
 # Full Stack Disaster Recovery (FSDR) Operations Workshop
 
-Reviewed: 30.01.2024
+Reviewed: 08.10.2024
 
 ## Objectives
 

manageability-and-operations/operations-advisory/infrastructure-as-code/README.md

@@ -11,7 +11,7 @@ Infrastructure As Code (IaC) is a methodology in which scripts automate infrastr
 
 **Consistency** IaC makes it possible to avoid human errors and inconsistency and minimize drift over time.
 
-Reviewed: 13.11.2023
+Reviewed: 08.10.2024
 
 # Declarative Automation
 

manageability-and-operations/operations-advisory/integration-patterns/sentinel/README.md

@@ -1,6 +1,6 @@
 # Sentinel
 
-Reviewed: 30.01.2024
+Reviewed: 27.09.2024
 
 # License
 

manageability-and-operations/operations-advisory/operating-model/README.md

@@ -6,6 +6,8 @@ This chapter is aimed at outlining the Operating Model importance and the possib
 - Multi-cloud provider
 - Hybrid 
 
+Reviewed: 30.08.2024
+
 # License
 
 Copyright (c) 2024 Oracle and/or its affiliates.

manageability-and-operations/tenancy-usage-cost-reports/README.md

@@ -4,7 +4,7 @@ Usage2ADW is a tool that uses the Python SDK to extract the usage and cost repor
 
 OCI automatically generates usage data and is stored in an Oracle-owned Object Storage bucket. It contains one row per each OCI resource per hour along with consumption information, metadata, namespace, and tags. Usage2ADW load this data to the ADW database and OAC visualizations can be created on top of this database.
 
-Reviewed: 30.01.2024
+Reviewed: 09.10.2024
 ​
 # When to use this asset?
 ​

others/best-practices/finops-and-operations/README.md

@@ -2,7 +2,7 @@
 
 This paper describes some best practices for managing OCI tenancy costs. 
 
-Reviewed: 07.03.2024
+Reviewed: 07.10.2024
 
 # When to use this asset?
 

security/security-design/README.md

@@ -56,6 +56,10 @@ Reviewed: 01.02.2024
  - [Zero Trust Security Model](https://www.oracle.com/security/what-is-zero-trust/)
  - [Cloud Security Documentation](https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security.htm#Security_Guide_and_Announcements)
  - [OCI Architecture Center](https://www.oracle.com/uk/cloud/architecture-center/)
+- [Integrate APEX with OCI IAM Domains](https://docs.oracle.com/en/learn/apex-identitydomains-sso/index.html#task-4-create-a-new-authentication-scheme-in-oracle-apex-for-the-sample-application)
+     - Oracle APEX is the premier low code tool. With Oracle OCI IAM you can add proper governance to user management and authorization governance though OCI IAM groups mapped to APEX roles. Since APEX is using OAUTH for integration with Oracle OCI IAM, users is not required to managed within APEX, only user and group assignments to users is managed in APEX. If you want to manage user profile within APEX, this can easily be added by adding a post. In the post below, step 7 and 8 gives one example of how a post authentication function can be built. This can be extended to use REST to retrieve additional attributes from OCI IAM Domains, or more common use case, create a local user profile in a local table, if a local user profile does not exist for the current user. The elegant piece, is that the OCI IAM Domain integration provides username and authorization available though standard APEX API for later usage in your code
+The link above details how to integrate APEX with OCI IAM Domain, utilizing OAUTH, and then leave the user governance entirely to OCI IAM Domains.
+
 
 # License
 

security/security-design/shared-assets/oci-security-health-check-standard/README.md

@@ -2,7 +2,7 @@
 
 Owner: Olaf Heimburger
 
-Version: 240822
+Version: 241011
 
 Reviewed: 01.02.2024
 
@@ -29,26 +29,40 @@ See the *OCI Security Health Check - Standard Edition* in action and watch the [
 
 Before running the *OCI Security Health Check - Standard Edition* you should download and verify it.
 
-  - Download the latest distribution [oci-security-health-check-standard-240822.zip](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.zip).
+  - Download the latest distribution [oci-security-health-check-standard-241011.zip](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.zip).
   - Download the respective checksum file:
-    - [oci-security-health-check-standard-240822.sha512](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.sha512).
-    - [oci-security-health-check-standard-240822.sha512256](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.sha512256).
+    - [oci-security-health-check-standard-241011.sha512](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512).
+    - [oci-security-health-check-standard-241011.sha512256](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512256).
   - Verify the integrity of the distribution. Both files must be in the same directory (for example, in your downloads directory).
 
     On MacOS:
     ```
     cd <your_downloads_directory>
-    shasum -a 512256 -c oci-security-health-check-standard-240822.sha512256
+    shasum -a 512256 -c oci-security-health-check-standard-241011.sha512256
     ```
 
     On Linux (including Cloud Shell):
     ```
     cd <your_downloads_directory>
-    sha512sum -c oci-security-health-check-standard-240822.sha512
+    sha512sum -c oci-security-health-check-standard-241011.sha512
     ```
 
 **Reject the downloaded file if the check fails!**
 
+### In OCI Cloud Shell
+
+In OCI Cloud Shell you can do a short cut without downloading the files mentioned above to your desktop:
+
+1. Login to your OCI console.
+2. Open Cloud Shell
+3. Run these commands in your Cloud Shell:
+  ```
+  wget -q https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.zip
+  wget -q https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512
+  sha512sum -c oci-security-health-check-standard-241011.sha512
+  unzip -q oci-security-health-check-standard-241011.zip
+  ```
+
 ## Prepare the OCI Tenancy
 
 ### Single Run
@@ -100,7 +114,16 @@ For a detailed description go to [Run the OCI Security Health Check in OCI Cloud
 
 After a completed run you will find a directory with a name starting with your tenancy name followed by a timestamp in your working directory (like `tenancy_name_YYYYMMDDHHmmss_standard`). A zip archive for easier download using the same name will be created, too. Both hold data files for your review.
 
-To start with reviewing the results, open the file named [cis_html_summary_report.html](files/resources/cis_html_summary_report.html)(sample report).
+To start with reviewing the results, open the file named `tenancy_name_YYYYMMDDHHmmss_standard_cis_html_summary_report.html`.
+
+It may look like this example:
+![Flyer](./files/resources/Example_Output.png)
+
+# Known Issues
+
+1. Diagrams are not part of the HTML page.
+   This may be because of broken `numpy installation`. The following command should resolve this:
+   `pip3 install --upgrade --force-reinstall --user numpy`
 
 # Credits