Fully-Automated Onboarding
Learn about the fully-automated onboarding option for OracleDB for Azure.
The fully-automated onboarding option for OracleDB for Azure is faster and more convenient than the guided account linking, but some organizations may have security policies that do not allow them to grant the required permissions to the Oracle Database Service enterprise application that runs in their Azure account.
The automated onboarding process requires that the Azure user onboarding to OracleDB for Azure have at least one of the following admin roles: Application Administrator, Cloud Application Administrator, Privileged Role Administrator, or Global Administrator.
Using this process, an Azure user:
- Logs into the OracleDB for Azure sign-up page using their Azure credentials.
- Grants OracleDB for Azure the permissions it needs to complete the automated onboarding process.
- Selects one or more Azure subscriptions to link to OracleDB for Azure.
- Logs into an existing OCI account or creates a new OCI account.
Once you complete these onboarding steps, OracleDB for Azure automatically does the following:
- Creates an Oracle Database Service (ODS) enterprise application and custom roles in the Azure tenant's Azure Active Directory.
- Grants the ODS application the permissions it needs in each of the selected subscriptions.
- Creates the OracleDB for Azure groups in the Azure tenant's Azure Active Directory.
- Creates a Multicloud Link (MCL) configuration in the user's OCI tenancy.
- Updates the MCL with configuration settings for each of the linked subscriptions.
- Creates and configures the private link between Azure and OCI using Oracle Interconnect for Azure.
-
Federates the Azure tenant's Azure Active Directory (AAD) to OCI IAM and configures it to only synchronize user accounts that are members of the OracleDB for Azure custom groups that OracleDB for Azure created in AAD.
Important
User records in Azure Active Directory must contain a last name and valid email address to work with OracleDB for Azure identity federation. - Redirects the browser to the OracleDB for Azure Portal at http://multicloud.oracle.com/azure.
When the automated configuration finishes, OracleDB for Azure is fully operational. The Azure user that completed onboarding can login and use the OracleDB for Azure portal to deploy and provision databases for use in their Azure environment. Before other Azure users can log into OracleDB for Azure, an Azure administrator must either add Azure users or groups to the custom Azure Active Directory groups ODSA created during onboarding, or assign the OracleDB for Azure custom roles to Azure users or groups.
To onboard an Azure tenancy with OracleDB for Azure, the onboarding using must be assigned as an owner in Azure for each of the Azure subscriptions being linked to OracleDB for Azure. For help completing this step, see Assign a user as an administrator of an Azure subscription in the Azure documentation.
Instructions
The three sets of instructions provided below are for three slightly different sign up scenarios. You only need to complete one of the tasks listed below.
- Go to https://signup.multicloud.oracle.com/azure.
-
Log into your Azure account using the Microsoft account login dialog. You will be asked to grant Oracle the necessary Azure permissions required for the OracleDB for Azure sign up.
Read the Permissions requested information, then click Accept to grant the permissions and continue your sign up. If you choose not to grant the permissions, you will see the Permissions not provided screen that explains that your OracleDB for Azure subscription cannot be activated, and provides you with a Contact Support button in case you have questions about the sign up process.
- On the Welcome to Oracle Database Service for Azure page, read the information provided, then click Start fully automated configuration.
- Read the Permissions requested Azure dialog for the Oracle Database Service app in Azure and grant the app permissions by clicking Accept. These permissions are needed for the account linking and service configuration tasks that are done on your behalf during the fully-automated sign up.
- On the Select Azure subscriptions page, select the subscriptions you want linked to OCI through OracleDB for Azure. Pick one or more subscriptions from the displayed list, or use the search feature to find the subscriptions in your Azure account that you want to use and select subscriptions from the search results. After you have finished selecting your subscriptions, click Continue.
- On the Sign in to your Oracle Cloud account page, under Not an Oracle Cloud customer yet?, click Sign Up.
-
On the Sign-up information for Oracle Cloud account page, enter your account details
- Select your Country.
- Home region: Select a home region for your OCI cloud account. Choose a region that offers the Oracle Interconnect for Microsoft Azure. (See Oracle Database Service for Azure Regional Availability for a list of OracleDB for Azure regions.) Your home region contains your account information and identity resources. It cannot be changed after your tenancy is provisioned. You can subscribe to additional regions in OCI later if you want to use OracleDB for Azure in other regions. See Oracle Database Service for Azure Regional Availability in this documentation for a complete list of OCI regions that support OracleDB for Azure. See The Home Region for more information on OCI home regions.
- Cloud account name: Name your new OCI cloud account. The cloud account name is used to sign in to the OCI Console, and can be changed later.
- Create password: Enter a password for your OCI cloud account.
- Re-enter password: Re-enter your password.
- Enter your Contact information, including your mailing address and phone number.
-
Identity Verification:
- Click Add credit or debit card to provide card details in the Pay pop-up dialog.
- Click Credit Card to add your credit card details. Only credit cards and debit cards are accepted for account verification. Prepaid cards and virtual cards cannot be used.
- Click Finish to submit your card information. When the verification is complete, you can close the Pay dialog.
- Check the box indicating that you have read and agreed to the terms of the Oracle Customer Agreement and Linking Azure and Oracle Cloud accounts documents. Click the link for each document to read it.
- Click Submit. The automated accounting linking process begins and usually takes 3-5 minutes to complete.
What's next?
After the automated service configuration is complete, you will be directed to the OracleDB for Azure portal. You can now assign additional Azure users to the OracleDB for Azure user groups. Assigned users can begin provisioning Oracle Databases.
These instructions apply to users starting a sign up on the Oracle for Azure website. See Preparation and Prerequisites for OracleDB for Azure before starting your sign up.
To use OracleDB for Azure with an existing OCI account, the home region of the OCI account must be a region with the Oracle Interconnect for Microsoft Azure.
If you do not have an OCI account, use the instructions in To sign up for OracleDB for Azure without an existing OCI account (fully automated configuration).
See Preparation and Prerequisites for OracleDB for Azure before starting your sign up.
- Go to https://signup.multicloud.oracle.com/azure.
-
Log into your Azure account using the Microsoft account login dialog. You will be asked to grant Oracle the necessary Azure permissions required for the OracleDB for Azure sign up.
Read the Permissions requested information, then click Accept to grant the permissions and continue your sign up. If you choose not to grant the permissions, you will see the Permissions not provided screen that explains that your OracleDB for Azure subscription cannot be activated, and provides you with a Contact Support button in case you have questions about the sign up process.
- On the Welcome to Oracle Database Service for Azure page, read the information provided, then click Start fully automated configuration.
- Read the Permissions requested Azure dialog for the Oracle Database Service app in Azure and grant the app permissions by clicking Accept. These permissions are needed for the account linking and service configuration tasks that are done on your behalf during the fully-automated sign up.
- On the Select Azure subscriptions page, select the subscriptions you want linked to OCI through OracleDB for Azure. Pick one or more subscriptions from the displayed list, or use the search feature to find the subscriptions in your Azure account that you want to use and select subscriptions from the search results. After you have finished selecting your subscriptions, click Continue.
-
On the Sign in to your Oracle Cloud account page, enter your Oracle Cloud account name.
- Read and agree to the terms of the Linking Azure and Oracle Cloud accounts document. Click the link for the document to read it, then check the box beside the link to agree to the terms.
- Click Continue.
-
On the Oracle Cloud Account Sign In page, enter your OCI User Name and Password, then click Sign in.
- Select Region: Select the primary region where you will deploy OracleDB for Azure databases and resources. See Oracle Database Service for Azure Regional Availability in this documentation for a complete list of OCI regions that support OracleDB for Azure.
- Click Continue. The automated accounting linking process begins and usually takes 3-5 minutes to complete.
If your sign up fails because your OCI and Azure accounts could not be linked, see Azure and Oracle Cloud Account Linking Fails (OCI Tenancies Without Identity Domains).
What's next?
After the automated service configuration is complete, you will be directed to the OracleDB for Azure portal. You can now assign additional Azure users to the OracleDB for Azure user groups. Assigned users can begin provisioning Oracle Databases.
These instructions are for customers working with Oracle Sales who have received the Please activate your Oracle for Azure subscription email.
- Open the Please activate your Oracle for Azure subscription email from Oracle and click the Activate link in the email to begin your sign up.
-
Log into your Azure account using the Microsoft account login dialog. You will be asked to grant Oracle the necessary Azure permissions required for the OracleDB for Azure sign up.
Read the Permissions requested information, then click Accept to grant the permissions and continue your sign up. If you choose not to grant the permissions, you will see the Permissions not provided screen that explains that your OracleDB for Azure subscription cannot be activated, and provides you with a Contact Support button in case you have questions about the sign up process.
- On the Welcome to Oracle Database Service for Azure page, read the information provided, then click Start fully automated configuration.
- Read the Permissions requested Azure dialog for the Oracle Database Service app in Azure and grant the app permissions by clicking Accept. These permissions are needed for the account linking and service configuration tasks that are done on your behalf during the fully-automated sign up.
- On the Select Azure subscriptions page, select the subscriptions you want linked to OCI through OracleDB for Azure. Pick one or more subscriptions from the displayed list, or use the search feature to find the subscriptions in your Azure account that you want to use and select subscriptions from the search results. After you have finished selecting your subscriptions, click Continue to begin creating your OCI account.
-
On the Create Oracle Cloud account page, enter the following:
- Cloud account name: Name your new OCI cloud account. The cloud account name is used to sign in to the OCI Console, and can be changed later.
- Home region: Select a home region for your OCI cloud account. Choose a region that offers the Oracle Interconnect for Microsoft Azure. (See Oracle Database Service for Azure Regional Availability for a list of OracleDB for Azure regions.) Your home region contains your account information and identity resources. It cannot be changed after your tenancy is provisioned. You can subscribe to additional regions in OCI later if you want to use OracleDB for Azure in other regions. See Oracle Database Service for Azure Regional Availability in this documentation for a complete list of OCI regions that support OracleDB for Azure. See The Home Region for more information on OCI home regions.
- Check the box indicating that you have read and agreed to the terms of the Oracle Customer Agreement and Linking Azure and Oracle Cloud accounts documents. Click the link for each document to read it.
- Click Submit. The automated accounting linking process begins and usually takes 3-5 minutes to complete.
What's next?
After the automated service configuration is complete, you will be directed to the OracleDB for Azure portal. You can now assign additional Azure users to the OracleDB for Azure user groups. Assigned users can begin provisioning Oracle Databases.