To enable the database system to access OCI services, perform the following steps in OCI:
- Create a new dynamic group or update a dynamic group's matching rules, and add the following matching rule to include all MySQL DB Systems in the defined compartment:
  ALL{resource.type = 'mysqldbsystem', resource.compartment.id = 'ocid1.compartment.oc1..AlphanumericString'}
- Add policies for the dynamic group that grant the dynamic group access to the target service's APIs:
  allow dynamic-group IdentityDomainName/GroupName to use generative-ai-chat in compartment CompartmentName
  allow dynamic-group IdentityDomainName/GroupName to use generative-ai-text-embedding in compartment CompartmentName
  Replace the following:
  - IdentityDomainName: the identity domain name.
    Note: If the dynamic group belongs to the default identity domain, you can omit specifying the identity domain name.
  - GroupName: the dynamic group name
  - CompartmentID: the compartment ID of the database system
For more information, see Resource Principals.
In addition, for resource principal authentication, HeatWave automatically sets the rapid_ml_genai system variable. The default value of the variable is the compartment ID of the database system you are using.
To use a different compartment for accessing the OCI Generative AI service, you can set the rapid_ml_genai_session system variable to specify the ID of the compartment you want to use, as shown below:
SET rapid_ml_genai_session = '{"compartment_id": "ocid1.compartment.oc1..AlphanumericString"}';
The compartment ID specified in the rapid_ml_genai_session system variable must match the compartment ID you used to create the dynamic group and add the OCI Generative AI service authentication policy.
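The following offline check is an added example, not part of the HeatWave or OCI documentation. It parses the three pieces described above and reports where they disagree: the matching rule must keep both conditions under ALL, both Generative AI resource types must be granted to the group, and the session compartment ID must equal the one in the matching rule. The audit function, its findings text, and the sample values (built from this page's placeholders) are assumptions of the example.

```python
import json
import re

REQUIRED = {"generative-ai-chat", "generative-ai-text-embedding"}
RULE_RE = re.compile(r"^\s*(ALL|ANY)\s*\{(.*)\}\s*$", re.I | re.S)
COND_RE = re.compile(r"([\w.]+)\s*=\s*'([^']*)'")
POLICY_RE = re.compile(r"allow\s+dynamic-group\s+(\S+)\s+to\s+(\w+)\s+([\w-]+)"
                       r"\s+in\s+compartment\s+(\S+)", re.I)
SET_RE = re.compile(r"^\s*SET\s+rapid_ml_genai_session\s*=\s*'(.*)'\s*;?\s*$",
                    re.I | re.S)


def audit(matching_rule, policies, set_statement, group):
    """Return a list of findings; an empty list means the pieces agree."""
    findings = []
    rule = RULE_RE.match(matching_rule)
    if not rule:
        return ["matching rule is not of the form ALL{...}"]
    conds = {k.lower(): v for k, v in COND_RE.findall(rule.group(2))}
    if rule.group(1).upper() != "ALL":
        findings.append("rule uses ANY, so one condition alone admits a resource")
    if conds.get("resource.type") != "mysqldbsystem":
        findings.append("rule is not limited to resource.type 'mysqldbsystem'")
    rule_comp = conds.get("resource.compartment.id")
    if not rule_comp:
        findings.append("rule has no resource.compartment.id condition")
    # 'manage' includes 'use' in OCI policy verbs, so either one satisfies the check.
    granted = {res.lower() for grp, verb, res, _ in POLICY_RE.findall(policies)
               if grp == group and verb.lower() in ("use", "manage")}
    findings += [f"no 'use {r}' policy for {group}" for r in sorted(REQUIRED - granted)]
    stmt = SET_RE.match(set_statement)
    if not stmt:
        return findings + ["cannot parse the SET rapid_ml_genai_session statement"]
    try:
        session_comp = json.loads(stmt.group(1))["compartment_id"]
    except (ValueError, KeyError, TypeError):
        return findings + ["session value is not JSON with a compartment_id key"]
    if session_comp != rule_comp:
        findings.append("session compartment_id differs from the dynamic group's")
    return findings


# Constructed sample input, using the page's placeholder names and OCID.
OCID = "ocid1.compartment.oc1..AlphanumericString"
RULE = f"ALL{{resource.type = 'mysqldbsystem', resource.compartment.id = '{OCID}'}}"
POLICIES = """allow dynamic-group IdentityDomainName/GroupName to use generative-ai-chat in compartment CompartmentName
allow dynamic-group IdentityDomainName/GroupName to use generative-ai-text-embedding in compartment CompartmentName"""
SET_STMT = f"""SET rapid_ml_genai_session = '{{"compartment_id": "{OCID}"}}';"""

print(audit(RULE, POLICIES, SET_STMT, "IdentityDomainName/GroupName") or "consistent")
```

The policy statements name the compartment rather than giving its OCID, so this check cannot confirm offline that CompartmentName refers to the same compartment; verify that mapping in the OCI console.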