-- 1. S3バケット作成
aws s3 mb s3://bucket123
aws s3 ls
-- 2. IAMポリシー作成
vim policy01.json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "s3integration",
"Action": [
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::bucket123",
"arn:aws:s3:::bucket123/*"
]
}
]
}
aws iam create-policy \
--policy-name policy01 \
--policy-document file://policy01.json
{
"Version": "2012-10-17",
"Statement":
[{
"Effect": "Allow",
"Principal": {"Service": "rds.amazonaws.com"},
"Action": "sts:AssumeRole"
}]
}
aws iam create-role \
--role-name role01 \
--assume-role-policy-document file://role01.json
-- 4. ポリシーをロールにアタッチ
aws iam attach-role-policy \
--policy-arn arn:aws:iam::999999999999:policy/policy01 \
--role-name role01
-- 5. RDSインスタンス作成
aws rds describe-db-engine-versions \
--engine oracle-se2 \
| jq -c '.DBEngineVersions | [ .Engine, .EngineVersion ]'
aws rds create-option-group \
--option-group-name og01 \
--engine-name oracle-se2 \
--major-engine-version 19 \
--option-group-description "og01"
aws rds add-option-to-option-group \
--option-group-name og01 \
--options OptionName=S3_INTEGRATION,OptionVersion=1.0
aws rds create-db-instance \
--db-instance-identifier oracle01 \
--allocated-storage 20 \
--db-instance-class db.t3.small \
--engine oracle-se2 \
--master-username oracle \
--master-user-password 'password' \
--no-multi-az \
--engine-version 19.0.0.0.ru-2021-04.rur-2021-04.r1 \
--storage-type gp2 \
--no-publicly-accessible \
--no-enable-performance-insights \
--no-auto-minor-version-upgrade \
--license-model license-included \
--option-group-name og01
aws rds add-role-to-db-instance \
--db-instance-identifier oracle01 \
--feature-name S3_INTEGRATION \
--role-arn arn:aws:iam::999999999999:role/role01
-- 6. 動作確認
exec rdsadmin.rdsadmin_util.create_directory(p_directory_name => 'ORA_DIR');
select * from dba_directories;
export PATH=$PATH:/usr/lib/oracle/19.12/client64/bin
expdp oracle/'password'@oracle01.xxxxxxxxxxxx.ap-northeast-1.rds.amazonaws.com:1521/ORCL directory=ORA_DIR dumpfile=test.dmp logfile=test.log schemas=test reuse_dumpfiles=yes
SELECT rdsadmin.rdsadmin_s3_tasks.upload_to_s3(
p_bucket_name => 'bucket123',
p_directory_name => 'ORA_DIR')
AS TASK_ID FROM DUAL;
aws s3 ls s3://bucket123
SELECT * FROM TABLE(rdsadmin.rds_file_util.listdir('ORA_DIR')) ORDER BY MTIME;
EXEC UTL_FILE.FREMOVE('ORA_DIR','test.dmp');
EXEC UTL_FILE.FREMOVE('ORA_DIR','test.log');
SELECT rdsadmin.rdsadmin_s3_tasks.download_from_s3(
p_bucket_name => 'bucket123',
p_directory_name => 'ORA_DIR')
AS TASK_ID FROM DUAL;
impdp oracle/'password'@oracle01.xxxxxxxxxxxx.ap-northeast-1.rds.amazonaws.com:1521/ORCL directory=ORA_DIR dumpfile=test.dmp logfile=test.log schemas=test table_exists_action=replace
-- 7. クリーンアップ
-- RDSインスタンス削除
aws rds delete-db-instance \
--db-instance-identifier oracle01 \
--skip-final-snapshot
-- ロールの一覧
aws iam list-roles | grep role01
-- ロールの削除
aws iam detach-role-policy \
--role-name role01 \
--policy-arn arn:aws:iam::999999999999:policy/policy01
aws iam delete-role --role-name role01
-- ポリシーの一覧
aws iam list-policies | grep policy01
-- ポリシーの削除
aws iam delete-policy \
--policy-arn arn:aws:iam::999999999999:policy/policy01
-- バケット削除
aws s3 rb s3://bucket123 --force
-- オプショングループ一覧
aws rds describe-option-groups
aws rds describe-option-groups | jq -r '.OptionGroupsList.OptionGroupName'
-- オプショングループ削除
aws rds delete-option-group --option-group-name og01
