Merge branch 'main' into dependabot/pip/ai/generative-ai-service/image-to-text/streamlit-1.37.0

Author: AlexanderHodicke

cloud-infrastructure/ai-infra-gpu/ai-infrastructure/rag-langchain-vllm-mistral/files/requirements.txt

@@ -1,4 +1,4 @@
-aiohttp==3.10.2
+aiohttp==3.10.11
 aiosignal==1.3.1
 annotated-types==0.6.0
 anyio==4.3.0

cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/README.md

@@ -1,99 +1 @@
-# C3 Hosting Service Provider - IAM Policies for Isolation
-
-Reviewed: 18.11.2024
-
-The Hosting Service Provider (HSP) model on Compute Cloud@Customer (C3) allows
-hosting for multiple end customers, each isolated in a dedicated compartment
-with separate VCN(s) per customer. To ensure the end customer can only
-create resources in just their own compartment, a set of IAM policies are
-required.
-
-The HSP documentation suggests the following policies per end customer
-based on an example with two hosting customers, A & B. They assume that
-each end customer will have two roles for their
-staff: Customer Administrator and Customer End User. 
-
-## Example Policies for Customer Administrator
-```
-Allows the group specified to use all C3 services in the compartment
-listed:
-
-Allow group CustA-Admin-grp to manage all-resources in compartment
-path:to:CustA
-
-Allow group CustB-Admin-grp to manage all-resources in compartment
-path:to:CustB
-```
-Note that the above policy grants permissions in the CustA and CustB
-compartments of the C3 but **also in the same compartment in the OCI
-tenancy**! To prevent permissions being granted in the OCI tenancy
-append a condition such as:
-
-```Allow group CustA-Admin-grp to manage all-resources in compartment
-path:to:CustA where all {request.region != 'LHR',request.region !=
-'FRA'}
-
-Allow group CustB-Admin-grp to manage all-resources in compartment
-path:to:CustB where all {request.region != 'LHR',request.region !=
-'FRA'}
-```
-In the example above the condition prevents resource creation in London
-and Frankfurt regions. Adjust the list to include all regions the
-tenancy is subscribed to.
-
-The path to the end user compartment must be explicitly stated, using
-the comma format, relative to the compartment where the policy is
-created. 
-
-## Example Policies for Customer End User
-```
-Allow group CustA-Users-grp to manage instance-family in compartment
-path:to:CustA  
-Allow group CustA-Users-grp to use volume-family in compartment
-path:to:CustA  
-Allow group CustA-Users-grp to use virtual-network-family in compartment
-path:to:CustA  
-Allow group CustB-Users-grp to manage instance-family in compartment
-path:to:CustB  
-Allow group CustB-Users-grp to use volume-family in compartment
-path:to:CustB  
-Allow group CustB-Users-grp to use virtual-network-family in compartment
-path:to:CustB
-```
-As above append a condition to limit permissions to the C3 and prevent
-resource creation in OCI regions:
-```
-Allow group CustA-Users-grp to manage instance-family in compartment
-path:to:CustA where all {request.region != 'LHR',request.region !=
-'FRA'}  
-Allow group CustA-Users-grp to use volume-family in compartment
-path:to:CustA where all {request.region != 'LHR',request.region !=
-'FRA'}  
-Allow group CustA-Users-grp to use virtual-network-family in compartment
-path:to:CustA where all {request.region != 'LHR',request.region !=
-'FRA'}  
-Allow group CustB-Users-grp to manage instance-family in compartment
-path:to:CustB where all {request.region != 'LHR',request.region !=
-'FRA'}  
-Allow group CustB-Users-grp to use volume-family in compartment
-path:to:CustB where all {request.region != 'LHR',request.region !=
-'FRA'}  
-Allow group CustB-Users-grp to use virtual-network-family in compartment
-path:to:CustB where all {request.region != 'LHR',request.region !=
-'FRA'}
-```
-## Common Policy
-
-Currently any user of a C3 needs access to certain resources located at
-the tenancy level to use IaaS resources in the web UI.
-Backup policies, tag namespaces, platform images, all reside at the
-tenancy level and need a further policy to allow normal use of C3 IaaS
-services. Note that this is a subtle difference to the behaviour on OCI. 
-
-An extra policy as below is required (where CommonGroup contains **all**
-HSP users on the C3):
-```
-allow group CommonGroup to read all-resources in tenancy where
-target.compartment.name='root-compartment-name'
-```
 

cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/iam-policies-for-isolation/README.md

@@ -0,0 +1,99 @@
+# C3 Hosting Service Provider - IAM Policies for Isolation
+
+Reviewed: 18.11.2024
+
+The Hosting Service Provider (HSP) model on Compute Cloud@Customer (C3) allows
+hosting for multiple end customers, each isolated in a dedicated compartment
+with separate VCN(s) per customer. To ensure the end customer can only
+create resources in just their own compartment, a set of IAM policies are
+required.
+
+The HSP documentation suggests the following policies per end customer
+based on an example with two hosting customers, A & B. They assume that
+each end customer will have two roles for their
+staff: Customer Administrator and Customer End User. 
+
+## Example Policies for Customer Administrator
+```
+Allows the group specified to use all C3 services in the compartment
+listed:
+
+Allow group CustA-Admin-grp to manage all-resources in compartment
+path:to:CustA
+
+Allow group CustB-Admin-grp to manage all-resources in compartment
+path:to:CustB
+```
+Note that the above policy grants permissions in the CustA and CustB
+compartments of the C3 but **also in the same compartment in the OCI
+tenancy**! To prevent permissions being granted in the OCI tenancy
+append a condition such as:
+
+```Allow group CustA-Admin-grp to manage all-resources in compartment
+path:to:CustA where all {request.region != 'LHR',request.region !=
+'FRA'}
+
+Allow group CustB-Admin-grp to manage all-resources in compartment
+path:to:CustB where all {request.region != 'LHR',request.region !=
+'FRA'}
+```
+In the example above the condition prevents resource creation in London
+and Frankfurt regions. Adjust the list to include all regions the
+tenancy is subscribed to.
+
+The path to the end user compartment must be explicitly stated, using
+the colon delimited format, relative to the compartment where the policy is
+created. 
+
+## Example Policies for Customer End User
+```
+Allow group CustA-Users-grp to manage instance-family in compartment
+path:to:CustA  
+Allow group CustA-Users-grp to use volume-family in compartment
+path:to:CustA  
+Allow group CustA-Users-grp to use virtual-network-family in compartment
+path:to:CustA  
+Allow group CustB-Users-grp to manage instance-family in compartment
+path:to:CustB  
+Allow group CustB-Users-grp to use volume-family in compartment
+path:to:CustB  
+Allow group CustB-Users-grp to use virtual-network-family in compartment
+path:to:CustB
+```
+As above append a condition to limit permissions to the C3 and prevent
+resource creation in OCI regions:
+```
+Allow group CustA-Users-grp to manage instance-family in compartment
+path:to:CustA where all {request.region != 'LHR',request.region !=
+'FRA'}  
+Allow group CustA-Users-grp to use volume-family in compartment
+path:to:CustA where all {request.region != 'LHR',request.region !=
+'FRA'}  
+Allow group CustA-Users-grp to use virtual-network-family in compartment
+path:to:CustA where all {request.region != 'LHR',request.region !=
+'FRA'}  
+Allow group CustB-Users-grp to manage instance-family in compartment
+path:to:CustB where all {request.region != 'LHR',request.region !=
+'FRA'}  
+Allow group CustB-Users-grp to use volume-family in compartment
+path:to:CustB where all {request.region != 'LHR',request.region !=
+'FRA'}  
+Allow group CustB-Users-grp to use virtual-network-family in compartment
+path:to:CustB where all {request.region != 'LHR',request.region !=
+'FRA'}
+```
+## Common Policy
+
+Currently any user of a C3 needs access to certain resources located at
+the tenancy level to use IaaS resources in the web UI.
+Backup policies, tag namespaces, platform images, all reside at the
+tenancy level and need a further policy to allow normal use of C3 IaaS
+services. Note that this is a subtle difference to the behaviour on OCI. 
+
+An extra policy as below is required (where CommonGroup contains **all**
+HSP users on the C3):
+```
+allow group CommonGroup to read all-resources in tenancy where
+target.compartment.name='root-compartment-name'
+```
+

cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/restrict-access-to-oci-console/README.md

@@ -0,0 +1,34 @@
+# C3 HSP - Restricting Access to the OCI Console
+
+In the HSP scenario where end users are not employees of the rack
+operator it's probably not appropriate for them to be able to access the
+OCI console and to, possibly, create resources in the public cloud.
+
+In an OCI tenancy using Identity Domains, i.e. all new tenancies, then
+there is an option to use [IAM Sign-On
+Policies](https://docs.oracle.com/en-us/iaas/Content/Identity/signonpolicies/managingsignonpolicies.htm#understand-sign-policies)
+to prevent access to the OCI Console. There is a [specific Sign-On
+Policy that controls access to the OCI
+Console](https://docs.oracle.com/en-us/iaas/Content/Identity/signonpolicies/managingsignonpolicies.htm#understand-sign-policies__securitypolicy-console-signonpolicy)
+and adding a new Sign-On Rule will disable access. Note that all users
+of a C3 must be created in the **default identity domain**. The Security
+Policy for OCI Console sign-on policy is activated by default and
+preconfigured with Oracle security best practices. Once located a new
+Sign-On rule as below will deny access to a specifed group:  
+![](./files/media/image1.png)
+
+Once the new Sign-On rule is created then it should be added to the
+Policy as shown, in this case before the MFA rule: 
+
+![](./files/media/image2.png)
+
+Note!
+
+Even with OCI console access disabled there are still "live" OCI users
+who will have access to create/delete/modify resources via teh API in the OCI tenancy
+as well as the C3 as the policies and compartments are common across
+both. It would be wise to further restrict the capability of these users
+as per
+<https://docs.oracle.com/en-us/iaas/Content/Identity/users/edit-users-capabilities.htm>.   
+  
+Ideally a policy should be implemented that restricts permissions **only** to the C3, see [this](../iam-policies-for-isolation/README.md) note.

cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/restrict-access-to-oci-console/files/media/image1.png

@@ -2,52 +2,68 @@
 
 Welcome to the SQL repository of the Data Development team at Oracle. This repository is designed to provide comprehensive resources, tips, and tools to help you master SQL and leverage the latest features of Oracle23ai. Below you'll find an index to all the sections available in this repository, along with a brief introduction to what you can expect in each section.
 
-Reviewed: 23.10.2024
+Structured Query Language (SQL) is the standard programming language used for managing and manipulating relational databases. SQL allows you to perform a variety of operations such as querying data, updating records, creating and modifying schema, and controlling access to the database. It is a crucial skill for data developers and analysts, enabling efficient data retrieval and manipulation to support data-driven decision-making.
+
+PL/SQL, the Oracle procedural extension of SQL, is a portable, high-performance transaction-processing language. PL/SQL offers several advantages over other programming languages: from being tightly integrated with SQL to leveraging High Performance and High Productivity. PL/SQL is a portable and scalable Procedural Language which also increase Manageability and support for Object Oriented Programming. 
+
+Reviewed: 18.11.2024
 
 # Table of Contents
-- [What is SQL?](#what-is-sql);
-- [SQL Tools](#sql-tools); 
-- [SQL Tips](#sql-tips);
-- [SQL Oracle23ai](#sql-oracle23ai);
-- [SQL DO It Yourself](#sql-do-it-yourself)
+- [Team Publications](#team-publications);
 - [Useful Links](#useful-links);
 
+  [What is SQL? ]: # 
 
-# What is SQL?
+  [ SQL Tools ]: # 
+ [ SQL Tips ]: #
+ [ SQL Oracle23ai ]: #
+ [ SQL DO It Yourself ]: #
 
-Structured Query Language (SQL) is the standard programming language used for managing and manipulating relational databases. SQL allows you to perform a variety of operations such as querying data, updating records, creating and modifying schema, and controlling access to the database. It is a crucial skill for data developers and analysts, enabling efficient data retrieval and manipulation to support data-driven decision-making.
+
+# Team Publications 
+- [23ai New Features Series - Part 1](https://www.linkedin.com/posts/sonnemeyer_23aispecialists-23ainewsabrpart1-developer-activity-7196221427056889856-3HF2?utm_source=share&utm_medium=member_desktop) - 23ai Database New Features on Linkedin Post - I 
+- [23ai New Features Series - Part 2](https://www.linkedin.com/posts/cristina-varas-menadas-591825119_oracle-oracle23ai-sql-activity-7198945654272864256-wduQ/?utm_source=share&utm_medium=member_ios) - 23ai Database New Features on Linkedin Post - II 
+- [23ai New Features Series - Part 3](https://www.linkedin.com/posts/sonnemeyer_23aispecialists-23ainewsabrpart3-developer-activity-7201958687005982721-Oo3B?utm_source=share&utm_medium=member_desktop) - 23ai Database New Features on Linkedin Post - III 
+- [23ai New Features Series - Part 4](https://www.linkedin.com/posts/sonnemeyer_23aispecialists-23ainewsabrpart4-teammates-activity-7204946957843267584-x664?utm_source=share&utm_medium=member_desktop) - 23ai Database New Features on Linkedin Post - IV 
+- [23ai New Features Series - Part 5](https://www.linkedin.com/posts/ppaolucci_cristinavarasmenadas-sonjameyer-activity-7207374755878887425-a--C?utm_source=share&utm_medium=member_desktop) - 23ai Database New Features on Linkedin Post - V 
 
 
-# SQL Tools
+## SQL Tools
 
-In the [SQL Tools](SQL_Tools/README.md) section, you'll find a collection of essential tools and utilities that can help streamline your SQL development process. This includes:
+[SQL Tools](SQL_Tools/README.md): In this section, you'll find a collection of essential tools and utilities that can help streamline your SQL development process. This includes:
 - SQL client software recommendations
 - Database management tools
 - Productivity-enhancing plugins and extensions
 
 
-# SQL Tips
+[# SQL Tips]: #
+
+[ The SQL Tips(SQL_Tips/README.md) section is dedicated to providing ]: #
+
+[practical advice and best practices for writing efficient and effective SQL]: # 
+
+<!-- [ queries. Topics covered include]: 
+
+[ - Query optimization techniques]: #
+[ - Common pitfalls and how to avoid them ]: #
+[ - Advanced SQL functions and their use cases]:  -->
 
-The [SQL Tips](SQL_Tips/README.md) section is dedicated to providing practical advice and best practices for writing efficient and effective SQL queries. Topics covered include:
-- Query optimization techniques
-- Common pitfalls and how to avoid them
-- Advanced SQL functions and their use cases
 
 
-# SQL Oracle23ai
+[# SQL Oracle23ai ]: #
 
-Explore the latest advancements with Oracle's cutting-edge AI capabilities in the [SQL Oracle23ai](SQL_Oracle23ai/README.md) section. Here, you will find:
+<!-- Explore the latest advancements with Oracle's cutting-edge AI capabilities in the [SQL Oracle23ai](SQL_Oracle23ai/README.md) section. Here, you will find:
 - New features and enhancements in Oracle23ai
 - Tutorials on integrating AI with your SQL queries
-- Case studies and real-world applications of Oracle23ai
+- Case studies and real-world applications of Oracle23ai -->
 
 
-# SQL Do It Yourself
+<!-- # SQL Do It Yourself
 
 The [SQL Do It Yourself](SQL_Do_It_Yourself/README.md) section encourages hands-on learning by providing a variety of exercises and projects. This includes:
 - Practice problems with solutions
 - Step-by-step project guides
-- Interactive SQL challenges to test your skills
+- Interactive SQL challenges to test your skills -->
 
 
 # Useful Links
@@ -58,10 +74,14 @@ To support your development journey, here are some valuable resources related to
 - [Oracle Live SQL](https://livesql.oracle.com/) 
 - [Oracle Learning Library](https://www.oracle.com/learning-library/)
 - [Oracle Database 23ai: Application Development](https://www.oracle.com/database/technologies/application-development.html)
+- [@ThatJeffSmith](https://www.thatjeffsmith.com/)
+- [SQL Blog by Chris Saxon](https://blogs.oracle.com/sql)
+- [The Magic of SQL by Chris Saxon - YouTube Channel](https://www.youtube.com/c/TheMagicofSQL)
+- [SQL and Database explained! By Connor McDonald - YouTube Channel](https://www.youtube.com/@DatabaseDude)
 
 ---
 
-We hope you find these resources helpful in your SQL journey. If you have any questions or suggestions, please feel free to contribute or reach out to the team. Happy querying!
+<!-- We hope you find these resources helpful in your SQL journey. If you have any questions or suggestions, please feel free to contribute or reach out to the team. Happy querying! -->
 
 
 # License

cloud-infrastructure/private-cloud-and-edge/compute-cloud-at-customer/hsp/restrict-access-to-oci-console/files/media/image2.png

@@ -90,7 +90,7 @@ To look for examples and deep dive into Oracle 23ai New Features in Database spe
 This asset contains a brief set of Oracle Database 23ai new features examples which are then included in a specific asset file for consultation.
 The list of New Features will be periodically updated and adjusted.
 
---## Features
+<!-- --## Features
 --### Aggregation over INTERVAL Data Types
 -- - **Description**: Pass INTERVAL data types to SUM and AVG aggregate functions.
 -- - **Example**: ```sqlSELECT SUM(interval_column) FROM table_name;`
@@ -138,16 +138,20 @@ The list of New Features will be periodically updated and adjusted.
 -- - **Example**: `INSERT INTO table_name VALUES (1, 'value');`
 -- ### Ubiquitous Search With DBMS_SEARCH Packages
 -- - **Description**: Index multiple schema objects for full-text search using DBMS_SEARCH.
--- - **Example**: `EXEC DBMS_SEARCH.CREATE_INDEX('index_name', 'table_name');`
+-- - **Example**: `EXEC DBMS_SEARCH.CREATE_INDEX('index_name', 'table_name');-->
+
+
+
 
 
 
 # Team Publications
+
 - [23ai New Features Series - Part 1](https://www.linkedin.com/posts/sonnemeyer_23aispecialists-23ainewsabrpart1-developer-activity-7196221427056889856-3HF2?utm_source=share&utm_medium=member_desktop)
 - [23ai New Features Series - Part 2](https://www.linkedin.com/posts/cristina-varas-menadas-591825119_oracle-oracle23ai-sql-activity-7198945654272864256-wduQ/?utm_source=share&utm_medium=member_ios)
 - [23ai New Features Series - Part 3](https://www.linkedin.com/posts/sonnemeyer_23aispecialists-23ainewsabrpart3-developer-activity-7201958687005982721-Oo3B?utm_source=share&utm_medium=member_desktop)
 - [23ai New Features Series - Part 4](https://www.linkedin.com/posts/sonnemeyer_23aispecialists-23ainewsabrpart4-teammates-activity-7204946957843267584-x664?utm_source=share&utm_medium=member_desktop)
-- [23ai New Features Series - Part 5](https://www.linkedin.com/posts/ppaolucci_cristinavarasmenadas-sonjameyer-activity-7207374755878887425-a--C?utm_source=share&utm_medium=member_desktop)
+- [23ai New Features Series - Part 5](https://www.linkedin.com/posts/ppaolucci_cristinavarasmenadas-sonjameyer-activity-7207374755878887425-a--C?utm_source=share&utm_medium=member_desktop) -->
 
 
 
@@ -156,10 +160,10 @@ The list of New Features will be periodically updated and adjusted.
 - [Oracle Database 23ai New Features](https://apex.oracle.com/database-features/)
 
 
-# Release Information
+<!-- # Release Information
 - **Version**: 23ai
 - **Applicable Offerings**: All Oracle Database offerings .................
-For more detailed information, please visit the [Oracle Database Features](https://apex.oracle.com/database-features/) page.
+For more detailed information, please visit the [Oracle Database Features](https://apex.oracle.com/database-features/) page. -->
 
 # License