You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: security/security-design/README.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ The Cloud Security Design Advisory team is covering end-to-end OCI security topi
4
4
We are working closely with OCI Domain Specialists (networking, infrastructure security, data management, and observability), to provide the customer the best deep dive expertise, both on Cloud Security and Cloud Solutions.
- Protect your most valuable data in the cloud and on-premises with Oracle’s security-first approach. Oracle has decades of experience securing data and applications; Oracle Cloud Infrastructure delivers a more secure cloud to our customers, building trust and protecting their most valuable data.
- Protect your most valuable data in the cloud and on-premises with Oracle’s security-first approach. Oracle has decades of experience securing data and applications; Oracle Cloud Infrastructure delivers a more secure cloud to our customers, building trust and protecting their most valuable data.
- Oracle is committed to helping customers operate globally in a fast-changing business environment and address the challenges of an ever more complex regulatory environment.
54
54
-[Security in OCI - OCI Best Practices for security adoption](https://www.oracle.com/cloud/oci-best-practices-guide/#security-on-oci)
55
55
-[Security Checklist for OCI](https://docs.oracle.com/en/solutions/oci-security-checklist/#GUID-D27BD123-8CFB-49A4-84AF-3546022638CE)
-[Integrate APEX with OCI IAM Domains](https://docs.oracle.com/en/learn/apex-identitydomains-sso/index.html#task-4-create-a-new-authentication-scheme-in-oracle-apex-for-the-sample-application)
59
+
-[Integrate APEX with OCI IAM Domains](https://docs.oracle.com/en/learn/apex-identitydomains-sso/index.html#task-4-create-a-new-authentication-scheme-in-oracle-apex-for-the-sample-application)
60
60
- Oracle APEX is the premier low code tool. With Oracle OCI IAM you can add proper governance to user management and authorization governance though OCI IAM groups mapped to APEX roles. Since APEX is using OAUTH for integration with Oracle OCI IAM, users is not required to managed within APEX, only user and group assignments to users is managed in APEX. If you want to manage user profile within APEX, this can easily be added by adding a post. In the post below, step 7 and 8 gives one example of how a post authentication function can be built. This can be extended to use REST to retrieve additional attributes from OCI IAM Domains, or more common use case, create a local user profile in a local table, if a local user profile does not exist for the current user. The elegant piece, is that the OCI IAM Domain integration provides username and authorization available though standard APEX API for later usage in your code
61
61
The link above details how to integrate APEX with OCI IAM Domain, utilizing OAUTH, and then leave the user governance entirely to OCI IAM Domains.
Copy file name to clipboardExpand all lines: security/security-design/shared-assets/bastion-session-script/README.md
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,8 +1,10 @@
1
1
# Bastion Session Script
2
2
3
+
Owner: Leon van Birgelen
4
+
Reviewed: 29.10.2024
5
+
3
6
This shell script can be used to easily connect to the OCI Bastion service based on temporary SSH keys. Authorization is granted based on OCI CLI authentication and OCI Permissions. For OCI CLI authentication both the use of exchanged API keys and session security tokens is supported. This script works also directly on OCI Cloud Shell, however only for Managed SSH Sessions since port forwarding is not supported on OCI Cloud Shell.
0 commit comments