oracle.oci.oci_database_database_actions – Perform actions on a Database resource in Oracle Cloud Infrastructure

Note

This plugin is part of the oracle.oci collection (version 4.11.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install oracle.oci.

To use it in a playbook, specify: oracle.oci.oci_database_database_actions.

New in version 2.9.0: of oracle.oci

Synopsis

  • Perform actions on a Database resource in Oracle Cloud Infrastructure

  • For action=disable_database_management, disables the Database Management service for the database.

  • For action=enable_database_management, enables the Database Management service for an Oracle Database located in Oracle Cloud Infrastructure. This service allows the database to access tools including Metrics and Performance hub. Database Management is enabled at the container database (CDB) level.

  • For action=migrate_vault_key, changes encryption key management from customer-managed, using the Vault service, to Oracle-managed.

  • For action=modify_database_management, updates one or more attributes of the Database Management service for the database.

  • For action=restore, restore a Database based on the request parameters you provide.

  • For action=rotate_vault_key, creates a new version of an existing Vault service key.

  • For action=upgrade, upgrades the specified Oracle Database instance.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter Choices/Defaults Comments
action
string / required
    Choices:
  • disable_database_management
  • enable_database_management
  • migrate_vault_key
  • modify_database_management
  • restore
  • rotate_vault_key
  • precheck
  • upgrade
  • rollback
The action to perform on the Database.
admin_password
string
The existing admin password of the database.
Applicable only for action=migrate_vault_key.
api_user
string
The OCID of the user, on whose behalf, OCI APIs are invoked. If not set, then the value of the OCI_USER_ID environment variable, if any, is used. This option is required if the user is not specified through a configuration file (See config_file_location). To get the user's OCID, please refer https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm.
api_user_fingerprint
string
Fingerprint for the key pair being used. If not set, then the value of the OCI_USER_FINGERPRINT environment variable, if any, is used. This option is required if the key fingerprint is not specified through a configuration file (See config_file_location). To get the key pair's fingerprint value please refer https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm.
api_user_key_file
string
Full path and filename of the private key (in PEM format). If not set, then the value of the OCI_USER_KEY_FILE variable, if any, is used. This option is required if the private key is not specified through a configuration file (See config_file_location). If the key is encrypted with a pass-phrase, the api_user_key_pass_phrase option must also be provided.
api_user_key_pass_phrase
string
Passphrase used by the key referenced in api_user_key_file, if it is encrypted. If not set, then the value of the OCI_USER_KEY_PASS_PHRASE variable, if any, is used. This option is required if the key passphrase is not specified through a configuration file (See config_file_location).
auth_purpose
string
    Choices:
  • service_principal
The auth purpose which can be used in conjunction with 'auth_type=instance_principal'. The default auth_purpose for instance_principal is None.
auth_type
string
    Choices:
  • api_key ←
  • instance_principal
  • instance_obo_user
  • resource_principal
The type of authentication to use for making API requests. By default auth_type="api_key" based authentication is performed and the API key (see api_user_key_file) in your config file will be used. If this 'auth_type' module option is not specified, the value of the OCI_ANSIBLE_AUTH_TYPE, if any, is used. Use auth_type="instance_principal" to use instance principal based authentication when running ansible playbooks within an OCI compute instance.
cert_bundle
string
The full path to a CA certificate bundle to be used for SSL verification. This will override the default CA certificate bundle. If not set, then the value of the OCI_ANSIBLE_CERT_BUNDLE variable, if any, is used.
config_file_location
string
Path to configuration file. If not set then the value of the OCI_CONFIG_FILE environment variable, if any, is used. Otherwise, defaults to ~/.oci/config.
config_profile_name
string
The profile to load from the config file referenced by config_file_location. If not set, then the value of the OCI_CONFIG_PROFILE environment variable, if any, is used. Otherwise, defaults to the "DEFAULT" profile in config_file_location.
credential_details
dictionary
Required for action=enable_database_management.
password_secret_id
string / required
The OCID of the Oracle Cloud Infrastructure secret.
user_name
string / required
The name of the Oracle Database user that will be used to connect to the database.
database_id
string / required
The database OCID.

aliases: id
database_scn
string
Restores using the backup with the System Change Number (SCN) specified.
Applicable only for action=restore.
database_upgrade_source_details
dictionary
Applicable only for action=upgrade.
database_software_image_id
string
The database software image OCID of the image to be used to upgrade a database.
Required when source is 'DB_SOFTWARE_IMAGE'
db_home_id
string
The OCID of the Database Home.
Required when source is 'DB_HOME'
db_version
string
A valid Oracle Database version. To get a list of supported versions, use the ListDbVersions operation.
Required when source is 'DB_VERSION'
options
string
Additional upgrade options supported by DBUA(Database Upgrade Assistant). Example: "-upgradeTimezone false -keepEvents"
source
string / required
    Choices:
  • DB_HOME
  • DB_SOFTWARE_IMAGE
  • DB_VERSION
The source of the Oracle Database software to be used for the upgrade. - Use `DB_HOME` to specify an existing Database Home to upgrade the database. The database is moved to the target Database Home and makes use of the Oracle Database software version of the target Database Home. - Use `DB_VERSION` to specify a generally-available Oracle Database software version to upgrade the database. - Use `DB_SOFTWARE_IMAGE` to specify a database software image to upgrade the database.
kms_key_id
string
The OCID of the key container that is used as the master encryption key in database transparent data encryption (TDE) operations.
Required for action=migrate_vault_key.
kms_key_version_id
string
The OCID of the key container version that is used in database transparent data encryption (TDE) operations KMS Key can have multiple key versions. If none is specified, the current key version (latest) of the Key Id is used for the operation.
Applicable only for action=migrate_vault_key.
latest
boolean
    Choices:
  • no
  • yes
Restores to the last known good state with the least possible data loss.
Applicable only for action=restore.
management_type
string
    Choices:
  • BASIC
  • ADVANCED
The Database Management type.
Applicable only for action=enable_database_managementaction=modify_database_management.
port
integer
The port used to connect to the database.
Applicable only for action=enable_database_managementaction=modify_database_management.
private_end_point_id
string
The OCID of the private endpoint.
Required for action=enable_database_management.
protocol
string
    Choices:
  • TCP
  • TCPS
Protocol used by the database connection.
Applicable only for action=enable_database_managementaction=modify_database_management.
region
string
The Oracle Cloud Infrastructure region to use for all OCI API requests. If not set, then the value of the OCI_REGION variable, if any, is used. This option is required if the region is not specified through a configuration file (See config_file_location). Please refer to https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/regions.htm for more information on OCI regions.
role
string
    Choices:
  • SYSDBA
  • NORMAL
The role of the user that will be connecting to the database.
Applicable only for action=enable_database_managementaction=modify_database_management.
service_name
string
The name of the Oracle Database service that will be used to connect to the database.
Required for action=enable_database_management.
ssl_secret_id
string
The OCID of the Oracle Cloud Infrastructure secret.
Applicable only for action=enable_database_managementaction=modify_database_management.
tde_wallet_password
string
The existing TDE wallet password of the database.
Applicable only for action=migrate_vault_key.
tenancy
string
OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if any, is used. This option is required if the tenancy OCID is not specified through a configuration file (See config_file_location). To get the tenancy OCID, please refer https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm
timestamp
string
Restores to the timestamp specified.
Applicable only for action=restore.
vault_id
string
The OCID of the Oracle Cloud Infrastructure vault.
Applicable only for action=migrate_vault_key.
wait
boolean
    Choices:
  • no
  • yes ←
Whether to wait for create or delete operation to complete.
wait_timeout
integer
Time, in seconds, to wait when wait=yes. Defaults to 1200 for most of the services but some services might have a longer wait timeout.

Examples

- name: Perform action disable_database_management on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: disable_database_management

- name: Perform action enable_database_management on database
  oci_database_database_actions:
    # required
    credential_details:
      # required
      user_name: user_name_example
      password_secret_id: "ocid1.passwordsecret.oc1..xxxxxxEXAMPLExxxxxx"
    private_end_point_id: "ocid1.privateendpoint.oc1..xxxxxxEXAMPLExxxxxx"
    service_name: service_name_example
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: enable_database_management

    # optional
    management_type: BASIC
    protocol: TCP
    port: 56
    ssl_secret_id: "ocid1.sslsecret.oc1..xxxxxxEXAMPLExxxxxx"
    role: SYSDBA

- name: Perform action migrate_vault_key on database
  oci_database_database_actions:
    # required
    kms_key_id: "ocid1.kmskey.oc1..xxxxxxEXAMPLExxxxxx"
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: migrate_vault_key

    # optional
    kms_key_version_id: "ocid1.kmskeyversion.oc1..xxxxxxEXAMPLExxxxxx"
    vault_id: "ocid1.vault.oc1..xxxxxxEXAMPLExxxxxx"
    tde_wallet_password: example-password
    admin_password: example-password

- name: Perform action modify_database_management on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: modify_database_management

    # optional
    credential_details:
      # required
      user_name: user_name_example
      password_secret_id: "ocid1.passwordsecret.oc1..xxxxxxEXAMPLExxxxxx"
    private_end_point_id: "ocid1.privateendpoint.oc1..xxxxxxEXAMPLExxxxxx"
    management_type: BASIC
    service_name: service_name_example
    protocol: TCP
    port: 56
    ssl_secret_id: "ocid1.sslsecret.oc1..xxxxxxEXAMPLExxxxxx"
    role: SYSDBA

- name: Perform action restore on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: restore

    # optional
    database_scn: database_scn_example
    timestamp: timestamp_example
    latest: true

- name: Perform action rotate_vault_key on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: rotate_vault_key

- name: Perform action precheck on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: PRECHECK

    # optional
    database_upgrade_source_details:
      # required
      db_home_id: "ocid1.dbhome.oc1..xxxxxxEXAMPLExxxxxx"
      source: DB_HOME

      # optional
      options: options_example

- name: Perform action upgrade on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: PRECHECK

    # optional
    database_upgrade_source_details:
      # required
      db_home_id: "ocid1.dbhome.oc1..xxxxxxEXAMPLExxxxxx"
      source: DB_HOME

      # optional
      options: options_example

- name: Perform action rollback on database
  oci_database_database_actions:
    # required
    database_id: "ocid1.database.oc1..xxxxxxEXAMPLExxxxxx"
    action: PRECHECK

    # optional
    database_upgrade_source_details:
      # required
      db_home_id: "ocid1.dbhome.oc1..xxxxxxEXAMPLExxxxxx"
      source: DB_HOME

      # optional
      options: options_example

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
database
complex
on success
Details of the Database resource acted upon by the current operation

Sample:
{'character_set': 'character_set_example', 'compartment_id': 'ocid1.compartment.oc1..xxxxxxEXAMPLExxxxxx', 'connection_strings': {'all_connection_strings': {}, 'cdb_default': 'cdb_default_example', 'cdb_ip_default': 'cdb_ip_default_example'}, 'database_management_config': {'management_status': 'ENABLING', 'management_type': 'BASIC'}, 'database_software_image_id': 'ocid1.databasesoftwareimage.oc1..xxxxxxEXAMPLExxxxxx', 'db_backup_config': {'auto_backup_enabled': True, 'auto_backup_window': 'SLOT_ONE', 'backup_destination_details': [{'id': 'ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx', 'internet_proxy': 'internet_proxy_example', 'type': 'NFS', 'vpc_password': 'example-password', 'vpc_user': 'vpc_user_example'}], 'recovery_window_in_days': 56}, 'db_home_id': 'ocid1.dbhome.oc1..xxxxxxEXAMPLExxxxxx', 'db_name': 'db_name_example', 'db_system_id': 'ocid1.dbsystem.oc1..xxxxxxEXAMPLExxxxxx', 'db_unique_name': 'db_unique_name_example', 'db_workload': 'db_workload_example', 'defined_tags': {'Operations': {'CostCenter': 'US'}}, 'freeform_tags': {'Department': 'Finance'}, 'id': 'ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx', 'is_cdb': True, 'kms_key_id': 'ocid1.kmskey.oc1..xxxxxxEXAMPLExxxxxx', 'kms_key_version_id': 'ocid1.kmskeyversion.oc1..xxxxxxEXAMPLExxxxxx', 'last_backup_timestamp': '2013-10-20T19:20:30+01:00', 'lifecycle_details': 'lifecycle_details_example', 'lifecycle_state': 'PROVISIONING', 'ncharacter_set': 'ncharacter_set_example', 'pdb_name': 'pdb_name_example', 'sid_prefix': 'sid_prefix_example', 'source_database_point_in_time_recovery_timestamp': '2013-10-20T19:20:30+01:00', 'time_created': '2013-10-20T19:20:30+01:00', 'vault_id': 'ocid1.vault.oc1..xxxxxxEXAMPLExxxxxx', 'vm_cluster_id': 'ocid1.vmcluster.oc1..xxxxxxEXAMPLExxxxxx'}
 
character_set
string
on success
The character set for the database.

Sample:
character_set_example
 
compartment_id
string
on success
The OCID of the compartment.

Sample:
ocid1.compartment.oc1..xxxxxxEXAMPLExxxxxx
 
connection_strings
complex
on success
The Connection strings used to connect to the Oracle Database.

   
all_connection_strings
dictionary
on success
All connection strings to use to connect to the Database.

   
cdb_default
string
on success
Host name based CDB Connection String.

Sample:
cdb_default_example
   
cdb_ip_default
string
on success
IP based CDB Connection String.

Sample:
cdb_ip_default_example
 
database_management_config
complex
on success

   
management_status
string
on success
The status of the Database Management service.

Sample:
ENABLING
   
management_type
string
on success
The Database Management type.

Sample:
BASIC
 
database_software_image_id
string
on success
The database software image OCID

Sample:
ocid1.databasesoftwareimage.oc1..xxxxxxEXAMPLExxxxxx
 
db_backup_config
complex
on success

   
auto_backup_enabled
boolean
on success
If set to true, configures automatic backups. If you previously used RMAN or dbcli to configure backups and then you switch to using the Console or the API for backups, a new backup configuration is created and associated with your database. This means that you can no longer rely on your previously configured unmanaged backups to work.

Sample:
True
   
auto_backup_window
string
on success
Time window selected for initiating automatic backup for the database system. There are twelve available two-hour time windows. If no option is selected, a start time between 12:00 AM to 7:00 AM in the region of the database is automatically chosen. For example, if the user selects SLOT_TWO from the enum list, the automatic backup job will start in between 2:00 AM (inclusive) to 4:00 AM (exclusive).
Example: `SLOT_TWO`

Sample:
SLOT_ONE
   
backup_destination_details
complex
on success
Backup destination details.

     
id
string
on success
The OCID of the backup destination.

Sample:
ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx
     
internet_proxy
string
on success
Proxy URL to connect to object store.

Sample:
internet_proxy_example
     
type
string
on success
Type of the database backup destination.

Sample:
NFS
     
vpc_password
string
on success
For a RECOVERY_APPLIANCE backup destination, the password for the VPC user that is used to access the Recovery Appliance.

Sample:
example-password
     
vpc_user
string
on success
For a RECOVERY_APPLIANCE backup destination, the Virtual Private Catalog (VPC) user that is used to access the Recovery Appliance.

Sample:
vpc_user_example
   
recovery_window_in_days
integer
on success
Number of days between the current and the earliest point of recoverability covered by automatic backups. This value applies to automatic backups only. After a new automatic backup has been created, Oracle removes old automatic backups that are created before the window. When the value is updated, it is applied to all existing automatic backups.

Sample:
56
 
db_home_id
string
on success
The OCID of the Database Home.

Sample:
ocid1.dbhome.oc1..xxxxxxEXAMPLExxxxxx
 
db_name
string
on success
The database name.

Sample:
db_name_example
 
db_system_id
string
on success
The OCID of the DB system.

Sample:
ocid1.dbsystem.oc1..xxxxxxEXAMPLExxxxxx
 
db_unique_name
string
on success
A system-generated name for the database to ensure uniqueness within an Oracle Data Guard group (a primary database and its standby databases). The unique name cannot be changed.

Sample:
db_unique_name_example
 
db_workload
string
on success
The database workload type.

Sample:
db_workload_example
 
defined_tags
dictionary
on success
Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Sample:
{'Operations': {'CostCenter': 'US'}}
 
freeform_tags
dictionary
on success
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.
Example: `{"Department": "Finance"}`

Sample:
{'Department': 'Finance'}
 
id
string
on success
The OCID of the database.

Sample:
ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx
 
is_cdb
boolean
on success
True if the database is a container database.

Sample:
True
 
kms_key_id
string
on success
The OCID of the key container that is used as the master encryption key in database transparent data encryption (TDE) operations.

Sample:
ocid1.kmskey.oc1..xxxxxxEXAMPLExxxxxx
 
kms_key_version_id
string
on success
The OCID of the key container version that is used in database transparent data encryption (TDE) operations KMS Key can have multiple key versions. If none is specified, the current key version (latest) of the Key Id is used for the operation.

Sample:
ocid1.kmskeyversion.oc1..xxxxxxEXAMPLExxxxxx
 
last_backup_timestamp
string
on success
The date and time when the latest database backup was created.

Sample:
2013-10-20T19:20:30+01:00
 
lifecycle_details
string
on success
Additional information about the current lifecycle state.

Sample:
lifecycle_details_example
 
lifecycle_state
string
on success
The current state of the database.

Sample:
PROVISIONING
 
ncharacter_set
string
on success
The national character set for the database.

Sample:
ncharacter_set_example
 
pdb_name
string
on success
The name of the pluggable database. The name must begin with an alphabetic character and can contain a maximum of thirty alphanumeric characters. Special characters are not permitted. Pluggable database should not be same as database name.

Sample:
pdb_name_example
 
sid_prefix
string
on success
Specifies a prefix for the `Oracle SID` of the database to be created.

Sample:
sid_prefix_example
 
source_database_point_in_time_recovery_timestamp
string
on success
Point in time recovery timeStamp of the source database at which cloned database system is cloned from the source database system, as described in RFC 3339

Sample:
2013-10-20T19:20:30+01:00
 
time_created
string
on success
The date and time the database was created.

Sample:
2013-10-20T19:20:30+01:00
 
vault_id
string
on success
The OCID of the Oracle Cloud Infrastructure vault.

Sample:
ocid1.vault.oc1..xxxxxxEXAMPLExxxxxx
 
vm_cluster_id
string
on success
The OCID of the VM cluster.

Sample:
ocid1.vmcluster.oc1..xxxxxxEXAMPLExxxxxx


Authors

  • Oracle (@oracle)