2.3.1 Downloading dump with PAR URL
This topic describes about downloading dump using PAR URL.
User can get an initial dump before proceeding with the database import.
- Pre-authenticated Request (PAR) URL received from OBCS SaaS for the dump files in Object Storage.
- Decrypt the Cipher text DEK: User can perform the Decrypt Cipher text
DEK using the same Vault and Key as follows:
- The tenant uses the same vault and master encryption key to decrypt the cipher text DEK.
- The API returns the plain text DEK.
- The source code for Decrypt Data Using Cipher text are as
follows:
filename: oci-vault-dek-request-sdk-ciphertext-decrypt.py # This is an automatically generated code sample. # To make this code sample work in your Oracle Cloud tenancy, # please replace the values for any parameters whose current values do not fit # your use case (such as resource IDs, strings containing ‘EXAMPLE’ or ‘unique_id’, and # boolean, number, and enum parameters with values not fitting your use case). import oci # Create a default config using DEFAULT profile in default location # Refer to https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm #SDK_and_CLI_Configuration_File# For more info config = oci.config.from_file(file_location="~/.oci/config") service_endpoint = "<replace with Cryptographic Endpoint of Vault from Customer's tenancy>" # Initialize service client with default config file key_management_client = oci.key_management.KmsCryptoClient ( config, service_endpoint=service_endpoint) # Send the request to service, some parameters are not required, see API # doc for more info decrypt_response = key_management_client.decrypt( decrypt_data_details=oci.key_management.models.DecryptDataDetai ls( ciphertext="QZGCZ05MM9VlAOrKPXL9r<----readacted--->lAC5NhEcQgeFslxpPBPI89WCIeJ1LcarYZlKJgAAAAA=", key_id="<replace with key OCID of Master Encryption Key in the Vault from Customer's tenancy>", encryption_algorithm="AES_256_GCM")) # Get the data from response print(decrypt_response.data)
- Exporting initial seed data set: For performing this action, users should check
for the following:
- Oracle Data Pump version 19.9 or later
- tnsnames.ora
- Policies to access Customer OCI Vault
- Decrypt Cipher text DEK using SDK/API/OCI CLI - Decrypt
Cipher text DEK - Customer's will be shared with Cipher text DEK in the
PAR URL.
Note:
Customers will be shared with a PAR URL to the Exported DMP files on object storage. The user can download the DMP files and run impdp to import to their target ATP.
Follow the steps below to execute:
- Connect to Target ATP.
- Create a directory to store the dump files containing the exported
data.
Create a directory
CREATE DIRECTORY data_export_dir as 'data_export';Run Data Pump Import with the dump file parameter set to the list of file URLs on your Cloud Object Storage. The Data Pump supports using an Oracle Cloud Infrastructure Object Storage pre-authenticated URL for the dump file parameter.Note:
- If a user provides a pre-authenticated URL, the credential parameter is required, and impdp ignores it.
- If a user employs a pre-authenticated URL for the dump file, then user may utilize a NULL value for the credential in the subsequent step.
IMPDP
impdp admin/<replace with ADMIN password>@<replace
with atp instance name service name - high> \ directory=data_export_dir \
credential=NULL \ dumpfile=<PRE_AUTHENTICATED_OBJECT_STORAGE_URL> \ parallel=16 \
ENCRYPTION_PASSWORD=\"<use the plaintext DEK generated in prerequisite step>\" \
exclude=cluster,indextype,db_linkNote:
PRE_AUTHENTICATED_OBJECT_STORAGE_URL - Seed Data PAR URL from Data Export Status screen.The working use case is
depicted in the image below:
Figure 2-28 Working Use Case
Parent topic: Import Data from Object Storage