Merge branch 'main' into security-update-20240229

Author: AlexanderHodicke

app-dev/oke/atp-operator-nodejs/Dockerfile

@@ -4,16 +4,16 @@ WORKDIR /
 
 RUN apt-get update && apt-get install -y libaio1
 
-ENV LD_LIBRARY_PATH=/instantclient_21_7
+ENV LD_LIBRARY_PATH=/instantclient_23_3
 
 COPY ["package.json", "package-lock.json*", "./"]
 
 RUN npm install
 
 COPY . .
 
-RUN unzip instantclient-basic-linux.x64-21.7.0.0.0dbru.zip
+RUN unzip instantclient-basic-linux.x64-23.3.0.0.0.zip
 
-RUN rm -f instantclient-basic-linux.x64-21.7.0.0.0dbru.zip
+RUN rm -f instantclient-basic-linux.x64-23.3.0.0.0.zip
 
 CMD [ "node", "server.js" ]

app-dev/oke/atp-operator-nodejs/nodejs.yaml

@@ -26,7 +26,7 @@ spec:
         - containerPort: 3000
         volumeMounts:
             - name: secret-volume
-              mountPath: /instantclient_21_7/network/admin
+              mountPath: /instantclient_23_3/network/admin
         env:
           - name: ATP_PWD
             valueFrom:

app-dev/oke/atp-operator-nodejs/source/server.js

@@ -44,8 +44,9 @@ const app = express();
 const path = require('path');
 
 const password = process.env.ATP_PWD;
+console.log("atp password:" + password);
 
-oracledb.initOracleClient({ libDir: '/instantclient_21_7', configDir: '/instantclient_21_7/network/admin/' });
+oracledb.initOracleClient({ libDir: '/instantclient_23_3', configDir: '/instantclient_23_3/network/admin/' });
 
 async function init() {
   try {
@@ -59,25 +60,53 @@ async function init() {
     console.log('Connection pool started succesfully.'); 
   } catch (err) {
     console.error('init() error: ' + err.message);
+    console.log('priceadmin/atp_pwd');
   }
 }
 
 app.get('/', (req, res) => {
-  getDate().then((date) => {
-     console.log(date);
-     res.send(date);
+  getSodaDoc().then((json) => {
+     console.log(json);
+     res.send(json);
   });
 });
 
-async function getDate() {
+async function getSodaDoc() {
   let connection;
   try {
     // Get a connection from the default pool
     connection = await oracledb.getConnection();
-    const sql = `SELECT SYSDATE FROM DUAL`;
-    const result = await connection.execute(sql);
-    const date = result.rows[0];
-    return date;
+    const soda = connection.getSodaDatabase();
+    var collection = await soda.createCollection("hotel_reservations"); 
+    collection = await soda.openCollection("hotel_reservations");
+    const json = {
+        "reservation_id": "2",
+        "hotel_id": "123",
+        "room_id": "315",
+        "checkin_date": "2023-06-15",
+        "checkout_date": "2023-06-17",
+        "num_adults": 1,
+        "num_children": 0,
+        "guest_name": {
+            "first_name": "Ethan",
+            "last_name": "Lee"
+        },
+        "guest_contact_info": {
+            "email": "[email protected]",
+            "phone": "123-8106",
+            "address": {
+                "city": "Madrid",
+                "country": "Spain"
+            }
+        },
+        "total_cost": 350.00,
+        "payment_status": "paid"
+    }
+    var document = await collection.insertOneAndGet(json);
+    const key = document.key;
+    document = await collection.find().key(key).getOne() ;
+    const content = await document.getContent();
+    return content;
   } catch (err) {
     console.error(err);
   } finally {

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/construction-engineering/README.md

@@ -6,7 +6,7 @@ These resources aim to offer guidance throughout your migration, enabling you to
 
 Explore these materials to enhance your migration strategy. We appreciate your participation and are committed to supporting your cloud migration journey.
 
-Reviewed: 20.11.2023
+Reviewed: 7.2.2024
 
 # Table of Contents
 
@@ -22,6 +22,7 @@ The reusable assets available in this repository:
 
 # Useful Links
 
+- [Primavera 24 is now available for download. Read more about the latest release in the Documentation Library](https://docs.oracle.com/en/industries/construction-engineering/index.html)
 - [Oracle Construction and Engineering Applications documentation](https://docs.oracle.com/en/industries/construction-engineering/index.html)
 - [Oracle Construction and Engineering Applications Lifetime Support Policy](https://www.oracle.com/us/assets/lifetime-support-applications-069216.pdf)
 - [Oracle Primavera P6 EPPM Deployment Categories](https://docs.oracle.com/cd/F51302_01/English/Planning/p6_eppm_performance_sizing/index.htm)

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/construction-engineering/primavera-solution-definition/README.md

@@ -2,7 +2,7 @@
 
 This repository contains an in-depth guide for Oracle Primavera migration projects. It offers a high-level solution definition for migrating or establishing Primavera Workloads on Oracle Cloud Infrastructure (OCI). With a comprehensive representation of the current state, prospective state, potential project scope, and anticipated timeline, this document aims to provide a precise understanding of the project's scope and intention to all participating entities.
 
-Reviewed: 20.11.2023
+Reviewed: 27.2.2024
 
 # When to use this asset?
 

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/construction-engineering/primavera-solution-definition/files/primavera-solution-definition.docx

@@ -24,7 +24,7 @@ Version     | Author          | Date                    | Comment
 :---        |:---             |:---                     |:---
 0.1         | Name            | June 12th, 2023     | Updates to network design
 1.0         | Name            | June 13th, 2023     | Updates to HA design
-2.2         | Name            | October 25th, 2023     | Updates to Annex
+2.4         | Name            | February 26th, 2024     | Added the network firewall in the requirment, the solution considerations and in the Annex.
 
 ## Team
 
@@ -309,6 +309,19 @@ At the time of this document creation, no Security requirements have been specif
 
 *Capture the Non-Functional Requirements for networking-related topics. You can use the networking questions in the [Annex](#networking-requirement-considerations)*
 
+*As businesses increasingly rely on Cloud Infrastructure to store, process, and transmit sensitive data, the need for comprehensive security solutions has never been more important. Potential customers evaluating network security solutions typically prioritize the following requirements: Some of the broader category considerations are below.*
+
+- *Data Protection: Safeguarding sensitive information against unauthorized access, theft, or modification is a primary concern for any organization and industry today.*
+    - *Threat Prevention: Advanced capabilities like IDPS and malware detection for blocking threats.*
+    - *Data Loss Prevention (DLP): Monitoring and controlling sensitive data transmission.*
+    - *Encryption and Decryption: Inspecting encrypted traffic without compromising privacy.*
+- *Threat Prevention: Proactively identifying and mitigating security threats is essential for maintaining the integrity of network infrastructure. *
+    - *Intrusion Detection and Prevention: Monitoring for suspicious or malicious activity.*
+    - *Application Control: Granular control over specific applications or services.*
+    - *URL Filtering: Controlling access to permitted URLs.*
+- *Security compliance: Does your organization have network security requirements based on industry or organization compliance? For example - SAMA (Saudi Arabia Monetary Authority), HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), SWIFT, etc.*
+
+
 *Example:*
 
 At the time of this document creation, no Networking requirements have been specified.
@@ -571,8 +584,7 @@ Please see our security guidelines in the [Annex](#security-guidelines).
 
 *Reference:*
 
-*A list of possible Oracle solutions can be found in the [Annex](#networking-solutions).*
-
+*If your customers have any or one of the needs described in the guide of the [Network Requirements](#networking-requirements), then the OCI Network Firewall (OCI NFW) is the cloud native solution that provides all of it. It is based on the industry-leading Nextgen firewall solution by Palo Alto (VM-Series). Refer to the Annex for more best practices around deployment models.*
 
 ### Operations (Optional)
 
@@ -660,7 +672,7 @@ Oracle Cloud Infrastructure (OCI) is designed to protect customer workloads with
 
 Cloud computing is fundamentally different from traditionally on-premises computing. In the traditional model, organizations are typically in full control of their technology infrastructure located on-premises (e.g., physical control of the hardware, and full control over the technology stack in production). In the cloud, organizations leverage resources and practices that are under the control of the cloud service provider, while still retaining some control and responsibility over other components of their IT solution. As a result, managing security and privacy in the cloud is often a shared responsibility between the cloud customer and the cloud service provider. The distribution of responsibilities between the cloud service provider and customer also varies based on the nature of the cloud service (IaaS, PaaS, SaaS).
 
-# Additional Resources
+## Additional Resources
 - [Oracle Cloud Compliance](https://www.oracle.com/corporate/cloud-compliance/) – Oracle is committed to helping customers operate globally in a fast-changing business environment and address the challenges of an ever more complex regulatory environment. This site is a primary reference for customers on Shared Management Model with Attestations and Advisories.
 - [Oracle Security Practices](https://www.oracle.com/corporate/security-practices/) – Oracle’s security practices are multidimensional, encompassing how the company develops and manages enterprise systems, and cloud and on-premises products and services.
 - [Oracle Cloud Security Practices](https://www.oracle.com/corporate/security-practices/cloud/) documents.
@@ -709,8 +721,20 @@ The below questions help to identify networking requirements.
 
 ## Security and Access Control
 
+<!--
 - Are you familiar with the concept of Next-Generation Firewalls (NGFW) and their benefits over traditional firewalls?
 - Have you considered the importance of protecting your web applications from potential cyber threats using a Web Application Firewall (WAF)?
+-->
+
+- Some of the below questions help you to adopt the right sizing and deployment model of the network firewall.
+    - Does the customer need to protect traffic from VCN to VCN? 
+    - Does the customer need to protect traffic from subnet to subnet in the same VCN?
+    - When deploying an OCI Network Firewall in a dedicated HUB or secure VCN, do you want to protect inter-VCN traffic and/or inter-subnet traffic from within the same VCN?
+    - Does the customer need to protect incoming or egressing traffic to the internet?
+    - Does the customer need to protect internal traffic (including on-premises via IPSEC/FC)?
+    - Is the network performance critical? 
+    - Does the customer have any requirement on network isolation (i.e., internet traffic never traverses or is mixed with internal traffic)? 
+- Have you considered the importance of protecting your web applications from potential cyber threats using a Web Application Firewall (WAF)?
 
 ## Monitoring and Troubleshooting
 

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/construction-engineering/primavera-solution-definition/files/primavera-solution-definition.md

@@ -2,7 +2,7 @@
 
 This repository contains an in-depth guide for Oracle Flexcube migration projects. It offers a high-level solution definition for migrating or establishing Flexcube Workloads on Oracle Cloud Infrastructure (OCI). With a comprehensive representation of the current state, prospective state, potential project scope, and anticipated timeline, this document aims to provide a precise understanding of the project's scope and intention to all participating entities.
 
-Reviewed: 20.11.2023
+Reviewed: 27.2.2024
 
 # When to use this asset?
 

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/financial-services/flexcube-solution-definition/README.md

@@ -18,7 +18,8 @@ Version     | Author          | Date                    | Comment
 :---        |:---             |:---                     |:---
 0.1         | Name            | June 12th, 2023     | Updates to network design
 1.0         | Name            | June 13th, 2023     | Updates to HA design
-2.2         | Name            | October 25th, 2023     | Updates to Annex
+2.4         | Name            | February 26th, 2024     | Added the network firewall in the requirement, the solution considerations and in the Annex.
+
 
 ## Team
 
@@ -355,10 +356,22 @@ At the time of this document creation, no Security requirements have been specif
 
 *Capture the Non-Functional Requirements for networking-related topics. You can use the networking questions in the [Annex](#networking-requirement-considerations)*
 
+*As businesses increasingly rely on Cloud Infrastructure to store, process, and transmit sensitive data, the need for comprehensive security solutions has never been more important. Potential customers evaluating network security solutions typically prioritize the following requirements: Some of the broader category considerations are below.*
+
+- *Data Protection: Safeguarding sensitive information against unauthorized access, theft, or modification is a primary concern for any organization and industry today.*
+    - *Threat Prevention: Advanced capabilities like IDPS and malware detection for blocking threats.*
+    - *Data Loss Prevention (DLP): Monitoring and controlling sensitive data transmission.*
+    - *Encryption and Decryption: Inspecting encrypted traffic without compromising privacy.*
+- *Threat Prevention: Proactively identifying and mitigating security threats is essential for maintaining the integrity of network infrastructure. *
+    - *Intrusion Detection and Prevention: Monitoring for suspicious or malicious activity.*
+    - *Application Control: Granular control over specific applications or services.*
+    - *URL Filtering: Controlling access to permitted URLs.*
+- *Security compliance: Does your organization have network security requirements based on industry or organization compliance? For example - SAMA (Saudi Arabia Monetary Authority), HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), SWIFT, etc.*
+
+
 *Example:*
 
 At the time of this document creation, no Networking requirements have been specified.
-
 ### Integration and Interfaces (Optional)
 
 *Guide:*
@@ -615,7 +628,7 @@ Please see our security guidelines in the [Annex](#security-guidelines).
 
 *Reference:*
 
-*A list of possible Oracle solutions can be found in the [Annex](#networking-solutions).*
+*If your customers have any or one of the needs described in the guide of the [Network Requirements](#networking-requirements), then the OCI Network Firewall (OCI NFW) is the cloud native solution that provides all of it. It is based on the industry-leading Nextgen firewall solution by Palo Alto (VM-Series). Refer to the Annex for more best practices around deployment models.*
 
 
 ### Operations (Optional)
@@ -741,7 +754,7 @@ Oracle Cloud Infrastructure (OCI) is designed to protect customer workloads with
 
 Cloud computing is fundamentally different from traditionally on-premises computing. In the traditional model, organizations are typically in full control of their technology infrastructure located on-premises (e.g., physical control of the hardware, and full control over the technology stack in production). In the cloud, organizations leverage resources and practices that are under the control of the cloud service provider, while still retaining some control and responsibility over other components of their IT solution. As a result, managing security and privacy in the cloud is often a shared responsibility between the cloud customer and the cloud service provider. The distribution of responsibilities between the cloud service provider and customer also varies based on the nature of the cloud service (IaaS, PaaS, SaaS).
 
-# Additional Resources
+## Additional Resources
 - [Oracle Cloud Compliance](https://www.oracle.com/corporate/cloud-compliance/) – Oracle is committed to helping customers operate globally in a fast-changing business environment and address the challenges of an ever more complex regulatory environment. This site is a primary reference for customers on Shared Management Model with Attestations and Advisories.
 - [Oracle Security Practices](https://www.oracle.com/corporate/security-practices/) – Oracle’s security practices are multidimensional, encompassing how the company develops and manages enterprise systems, and cloud and on-premises products and services.
 - [Oracle Cloud Security Practices](https://www.oracle.com/corporate/security-practices/cloud/) documents.
@@ -790,8 +803,21 @@ The below questions help to identify networking requirements.
 
 ## Security and Access Control
 
+<!--
 - Are you familiar with the concept of Next-Generation Firewalls (NGFW) and their benefits over traditional firewalls?
 - Have you considered the importance of protecting your web applications from potential cyber threats using a Web Application Firewall (WAF)?
+-->
+
+- Some of the below questions help you to adopt the right sizing and deployment model of the network firewall.
+    - Does the customer need to protect traffic from VCN to VCN? 
+    - Does the customer need to protect traffic from subnet to subnet in the same VCN?
+    - When deploying an OCI Network Firewall in a dedicated HUB or secure VCN, do you want to protect inter-VCN traffic and/or inter-subnet traffic from within the same VCN?
+    - Does the customer need to protect incoming or egressing traffic to the internet?
+    - Does the customer need to protect internal traffic (including on-premises via IPSEC/FC)?
+    - Is the network performance critical? 
+    - Does the customer have any requirement on network isolation (i.e., internet traffic never traverses or is mixed with internal traffic)? 
+- Have you considered the importance of protecting your web applications from potential cyber threats using a Web Application Firewall (WAF)?
+
 
 ## Monitoring and Troubleshooting
 

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/financial-services/flexcube-solution-definition/files/flexcube-solution-definition.docx

@@ -6,7 +6,7 @@ These resources aim to offer guidance throughout your migration, enabling you to
 
 Explore these materials to enhance your migration strategy. We appreciate your participation and are committed to supporting your cloud migration journey.
 
-Reviewed: 4.12.2023
+Reviewed: 7.2.2024
 
 # Table of Contents
 
@@ -22,8 +22,8 @@ Reviewed: 4.12.2023
 
 # Useful Links
 
+- [EPM System Release 11.2.16 announcement](https://blogs.oracle.com/proactivesupportepm/post/enterprise-performance-management-epm-11216-is-available)
 - [Essbase 21.5 New Features and Enhancements YouTube Playlist](https://www.youtube.com/playlist?list=PLdtXkK5KBY57davwRTIGtDn05A9N4ybrI) 
-- [EPM System Release 11.2.15 announcement](https://blogs.oracle.com/proactivesupportepm/post/enterprise-performance-management-epm-11215-is-available)
 - [EPM Architecture Center](https://docs.oracle.com/en/solutions/deploy-hyperion-oci/index.html)
     - Reference architecture for EPM on OCI, including high availability (HA) and disaster recovery (DR) solutions.
 - [Hyperion on OCI: A validated solution guide](https://www.oracle.com/a/ocom/docs/cloud/hyperion-epm-on-oci-validated-solution-guide.pdf)

cloud-architecture/oracle-apps-hyperion-siebel-gbu/gbu/financial-services/flexcube-solution-definition/files/flexcube-solution-definition.md

@@ -2,7 +2,7 @@
 
 This document serves as a standard questionnaire designed to gather crucial information necessary for the execution of  Essbase application migration projects. It captures specific data that aids in estimating the effort required for a successful migration.
 
-Reviewed: 4.12.2023
+Reviewed: 7.2.2024
 
 ## When to use this asset?
 

cloud-architecture/oracle-apps-hyperion-siebel-gbu/hyperion-essbase/README.md

@@ -10,7 +10,7 @@ This document serves as an integral asset for individuals and organizations seek
 
 Use this document as a starting point for the solution definition of your Essbase implementation project. This asset includes example architecture diagrams for DrawIO in the file essbase-architecture-diagrams-example.drawio.
 
-Reviewed: 4.12.2023
+Reviewed: 27.2.2024
 
 ## Conclusion
 The Essbase Workload Solution Definition is expected to serve as a definitive guide to the project. All participants are encouraged to provide feedback, raise queries, and make contributions to enhance the overall project's success.