Amazon RDS Oracle

Prerequisites

• Oracle database version is 12c and above.

• Redo Log replication is enabled, if Pipeline mode is Redo Log.

• Hevo’s IP addresses are whitelisted. The database user must have CREATE/MANAGE SECURITY GROUPS privileges in Amazon RDS to do this.

• SELECT privileges are granted to the database user.

• Database hostname and port number of the Source instance are available.

• You are assigned the Team Administrator, Team Collaborator, or Pipeline Administrator role in Hevo, to create the Pipeline.

Perform the following steps to configure your Amazon RDS Oracle Source:

Set up Redo Logs for Replication

A redo log is a collection of log files that record information about modifications made to data objects on an Oracle server instance. Oracle LogMiner uses redo logs to track these modifications and determine the rows requiring updates in the Destination system.

To set up redo logs for replication, connect to your Oracle server and perform the following steps:

1. Enable ARCHIVE log mode

You need to enable archiving for redo logs.

To do this:

1. Check the current log mode. This should be ARCHIVELOG.

   SELECT LOG_MODE FROM "V$DATABASE";
   

2. Enable ARCHIVELOG mode if the current log mode is NOARCHIVELOG.

   BEGIN
   rdsadmin.rdsadmin_util.set_configuration('archivelog retention hours', 72);
   END;
   

   Note: The minimum value for archivelog retention hours is 72. The archive log retention must be 72 hours at a minimum. This avoids any data loss that may occur due to downtimes in the Source database.

2. Enable supplemental logging

Supplemental logging ensures that the Oracle server logs all the columns of every changed Event.

1. Check if supplemental logging is enabled:

   SELECT SUPPLEMENTAL_LOG_DATA_MIN FROM "V$DATABASE";
   

   This returns either of the following values:

   • YES: Represents that the supplemental logging is enabled.

   • IMPLICIT: Represents that the supplemental logging is disabled.

2. If the value returned in the previous step is IMPLICIT, enable supplemental logging of primary key columns :

   BEGIN
   rdsadmin.rdsadmin_util.alter_supplemental_logging('ADD','ALL');
   END;
   

3. Optionally, if you’re using Oracle 12, grant the following permission:

   GRANT LOGMINING TO "<user_name>";
   

Whitelist Hevo’s IP Addresses

You need to whitelist the Hevo IP address for your region to enable Hevo to connect to your Amazon RDS Oracle database. You can do this by creating a VPC security group and adding inbound and outbound access rules for the Hevo IP addresses. A VPC group controls access to the database instances and virtual server instances inside a VPC. To do this:

1. Create a VPC security group

1. Access the Amazon RDS console..

2. In the left navigation pane, under Dashboard, select Databases (or Instances if you are using an older version).

3. In the Databases section on the right, select the read replica or master database instance that you want to connect.

   

4. In the Connectivity & Security tab, click the hyperlink under Security, VPC security groups.

   

5. In the Security Groups page, click Create security group.

   You can also click on an existing group, which you have used for other database instances, and modify it (or use the Security group selected by Default).

   

6. In the Create security group page, specify the following:

   • Security group name: An appropriate name for the security group.

   • Description: A brief description of the security group.

   • VPC ID: A unique identifier for the VPC.

2. Add inbound rules

In the Inbound Rules section:

1. Click Add Rule and specify the following:

   • Port range: The port of your Amazon RDS Oracle instance. For example, 1521.

   • Source: Select Custom from the drop-down and enter Hevo’s IP addresses for your region.

2. Click Save rule.

3. Add more rules for all the Hevo IPs you want to whitelist.

Create a Database User and Grant Privileges

You can log in to Oracle as a masteruser or create a new database user for Hevo.

1. Create a database user (optional)

CREATE USER "hevo" IDENTIFIED BY "password";
GRANT CONNECT, CREATE SESSION TO "hevo";

2. Grant privileges to the user

The database user you specify in the Hevo Pipeline must have the SELECT privilege.

To assign this privilege, log in to Oracle as a masteruser or a user with GRANT privilege and enter the following commands:

• Grant SELECT privilege to all or specific tables:

  # Grant access to all tables
  GRANT SELECT ANY TABLE TO "hevo";
  
  # Grant access to specific tables
  GRANT SELECT ON "<schema>"."<table>" TO "hevo";
  

• Optionally, if you are using Redo Logs as the Pipeline mode, grant access to Oracle LogMiner:

  GRANT SELECT ON SYS.V_$DATABASE TO "hevo";
  GRANT SELECT ON SYS.V_$ARCHIVED_LOG TO "hevo";
  GRANT SELECT ON SYS.V_$LOGMNR_CONTENTS TO "hevo";
  GRANT EXECUTE ON DBMS_LOGMNR TO "hevo";
  GRANT EXECUTE ON DBMS_LOGMNR_D TO "hevo";
  

Now you can try connecting to Oracle using Redo Logs pipeline mode, with the user configured in the above steps.

Retrieve the Hostname, Service ID, and Port Number

Note: The RDS hostnames start with your database name and end with rds.amazonaws.com.
For example:
Host: oracle-database-1.xxxxxxxxx.rds.amazonaws.com Service ID: ORCL
Port: 1521

1. In the left navigation pane of the Amazon RDS console, click Databases (or Instances if you are using an older version).

2. In the Databases section on the right, click the DB identifier of the Amazon RDS Oracle instance.

   

3. Click the Connectivity & Security tab, and copy the values under Endpoint and Port as the hostname and port number. You will specify these while creating your Hevo Pipeline.

   

4. Click the Configuration tab, and copy the value under DB name. You will use this DB name as the Service Name while creating your Pipeline.