Amazon RDS Oracle
On This Page
Amazon RDS for Oracle is a fully managed commercial database that makes it easy to set up, operate, and scale Oracle deployments in the cloud. Amazon RDS frees you up to focus on innovation and application development by managing time-consuming database administration tasks including provisioning, backups, software patching, monitoring, and hardware scaling.
Refer to Oracle on Amazon RDS for the supported Oracle database versions.
Oracle database version is 12c and above.
Redo Log replication is enabled, if Pipeline mode is Redo Log.
Hevo’s IP addresses are whitelisted. The database user must have
CREATE/MANAGE SECURITY GROUPSprivileges in Amazon RDS to do this.
Perform the following steps to configure your Amazon RDS Oracle Source:
Set up Redo Logs for Replication
A redo log is a collection of log files that record information about modifications made to data objects on an Oracle server instance. Oracle LogMiner uses redo logs to track these modifications and determine the rows requiring updates in the Destination system.
To set up redo logs for replication, connect to your Oracle server and perform the following steps:
ARCHIVE log mode
You need to enable archiving for redo logs.
To do this:
Check the current log mode. This should be
SELECT LOG_MODE FROM "V$DATABASE";
ARCHIVELOGmode if the current log mode is
BEGIN rdsadmin.rdsadmin_util.set_configuration('archivelog retention hours', 72); END;
Note: The minimum value for
archivelog retention hoursis 72. The archive log retention must be 72 hours at a minimum. This avoids any data loss that may occur due to downtimes in the Source database.
2. Enable supplemental logging
Supplemental logging ensures that the Oracle server logs all the columns of every changed Event.
Check if supplemental logging is enabled:
SELECT SUPPLEMENTAL_LOG_DATA_MIN FROM "V$DATABASE"
This returns either of the following values:
YES: Represents that the supplemental logging is enabled.
IMPLICIT: Represents that the supplemental logging is disabled.
If the value returned in the previous step is
IMPLICIT, enable supplemental logging of primary key columns :
BEGIN rdsadmin.rdsadmin_util.alter_supplemental_logging('ADD','ALL'); END;
Optionally, if you’re using Oracle 12, grant the following permission:
GRANT LOGMINING TO "<user_name>";
Whitelist Hevo’s IP Addresses
You need to whitelist the Hevo IP address for your region to enable Hevo to connect to your Amazon RDS Oracle database. You can do this by creating a VPC security group and adding inbound and outbound access rules for the Hevo IP addresses. A VPC group controls access to the database instances and virtual server instances inside a VPC. To do this:
1. Create a VPC security group
Access the Amazon RDS console..
In the left navigation pane, under Dashboard, select Databases (or Instances if you are using an older version).
In the Databases section on the right, select the read replica or master database instance that you want to connect.
In the Connectivity & Security tab, click the hyperlink under Security, VPC security groups.
In the Security Groups page, click Create security group.
You can also click on an existing group, which you have used for other database instances, and modify it (or use the Security group selected by Default).
In the Create security group page, specify the following:
Security group name: An appropriate name for the security group.
Description: A brief description of the security group.
VPC ID: A unique identifier for the VPC.
2. Add inbound rules
In the Inbound Rules section:
Click Add Rule and specify the following:
Port range: The port of your Amazon RDS Oracle instance. For example, 1521.
Source: Select Custom from the drop-down and enter Hevo’s IP addresses for your region.
Click Save rule.
Add more rules for all the Hevo IPs you want to whitelist.
Create a Database User and Grant Privileges
You can log in to Oracle as a
masteruser or create a new database user for Hevo.
1. Create a database user (optional)
If a database user does not exist already, create a database user by logging in to Oracle as a
masteruser and entering the following commands:
CREATE USER "hevo" IDENTIFIED BY "password"; GRANT CONNECT, CREATE SESSION TO "hevo";
2. Grant privileges to the user
The database user you specify in the Hevo Pipeline must have the
To assign this privilege, log in to Oracle as a
masteruser or a user with
GRANT privilege and enter the following commands:
Grant SELECT privilege to all or specific tables:
# Grant access to all tables GRANT SELECT ANY TABLE TO hevo; # Grant access to specific tables GRANT SELECT ON "<schema>"."<table>" TO hevo;
Optionally, if you are using Redo Logs as the Pipeline mode, grant access to Oracle LogMiner:
GRANT SELECT ON SYS.V_$DATABASE TO hevo; GRANT SELECT ON SYS.V_$ARCHIVED_LOG TO hevo; GRANT SELECT ON SYS.V_$LOGMNR_CONTENTS TO hevo; GRANT EXECUTE ON DBMS_LOGMNR TO hevo; GRANT EXECUTE ON DBMS_LOGMNR_D TO hevo;
Now you can try connecting to Oracle using Redo Logs pipeline mode, with the user configured in the above steps.
Retrieve the Hostname, Service ID, and Port Number
Note: The RDS hostnames start with your database name and end with rds.amazonaws.com.
Host: oracle-database-1.xxxxxxxxx.rds.amazonaws.com Service ID: ORCL
In the left navigation pane of the Amazon RDS console, click Databases (or Instances if you are using an older version).
In the Databases section on the right, click the DB identifier of the Amazon RDS Oracle instance.
Click the Connectivity & Security tab, and copy the values under Endpoint and Port as the hostname and port number. You will specify these while creating your Hevo Pipeline.
Click the Configuration tab, and copy the value under DB name. You will use this DB name as the Service Name while creating your Pipeline.
Hevo does not support the flashback method to track incremental updates.
Redo Log does not support user-defined data types. Therefore, fields with such data types are not captured in the log and are lost.
- Connecting Through Reverse SSH Tunnel
- Oracle User-Defined Types
- Redo Log
- Pipeline failure due to Redo Log expiry
Refer to the following table for the list of key updates made to this page:
|Date||Release||Description of Change|
|Feb-07-2022||1.81||Updated section, Whitelist Hevo’s IP Address to remove details about Outbound rules as they are not required.|
|Dec-06-2021||1.77||Added a See Also link to the Pipeline failure due to Redo Log expiry page.|
|Nov-22-2021||NA||Updated the Limitations section.|
|Mar-09-2021||1.58||Added section Retrieve the Hostname, Service ID, and Port Number.|