AWS EC2 to AWS RDS Oracle Migration POC Test 2

Brief Outline of Activity to be conducted:

1. Source Server: 10.15.3.80

2. Source DB/PDB Version: 19.14
3. Source DB/PDB: TDE is Enabled.
4. Target DB/PDB: TDE is Enabled.
5. Target Server: AWS RDS (cdipdr33.cm3tnkjv0pnv.us-east-1.rds.amazonaws.com)
6. Target DB/PDB Version: 19.15 (AWS RDS is quarter back).
7. Export the required Schemas from Source Server PDB’s. (Using EXPDP)
8. Make Sure Connectivity is there between Source Server and Target Server (Same subnet and
same VPC should be there for AWS RDS 19c DB).
9. Check the connectivity via SQL Developer/TOAD, SQLPLUS.
10. Create the Database Link (DB Link) from Source (AWS EC2) to Target (AWS RDS).
11. Transfer the expdp dump files from source to target using DBMS_FILE_TRANSFER.PUT_FILE.
12. Check the Dump Files Received.
13. Create the Tablespaces, Grants or Users on AWS RDS as required or needed.
14. Import the dump to AWS RDS PDB using impdp to connect to target PDB.
15. Post Import check the invalid objects and compile them.
16. Check for any limitations on AWS RDS.
Make Sure Connectivity is there between Source Server and Target Server (Same subnet and same
VPC should be there for AWS RDS 19c DB).

Check the connectivity via SQL Developer/TOAD, SQLPLUS

Create the Database Link (DB Link) from Source (AWS EC2) to Target (AWS RDS).

create database link to_rds_oracle_poc_test2 connect to mil_admin identified by admin1234 using

'(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=cdipdr33.cm3tnkjv0pnv.us-east-
1.rds.amazonaws.com)(PORT=1530))(CONNECT_DATA=(service_name=cdipdr33)))';

Transfer the expdp dump files from source to target using DBMS_FILE_TRANSFER.PUT_FILE.

BEGIN

DBMS_FILE_TRANSFER.PUT_FILE(source_directory_object => ' CDI_PDB', source_file_name =>

'CADMIN_expdp.dmp',destination_directory_object => ' DATA_PUMP_DIR_PDB',
destination_file_name => 'CADMIN_expdp.dmp', destination_database => '
to_rds_oracle_poc_test2');

END;

Source PDB Data Pump Directory Location:

Target Data Pump Directory Location:

To Transfer the Expdp dump file connect to Source PDB where dblink was created and then execute
the command as below.

Now Verify if the data pump file has been received on AWS RDS location using below query:

select * from dba_directories where directory_name='DATA_PUMP_DIR_PDB';

SELECT filename,type,sum(filesize)/1024/1024/1024 "IN GB",mtime FROM

TABLE(rdsadmin.rds_file_util.listdir('DATA_PUMP_DIR_PDB')) group by filename,type,filesize,mtime
order by 3 desc;
Create the Tablespaces, Grants/roles or Users on AWS RDS as required or needed.

Create Below mentioned Roles on the Target AWS RDS Oracle DB.

1. LANDING_RAVE
2. CUSTOM_RAVE
3. LANDING_VEEVA
4. PDRAPPLCTN
5. PDRUSER

Import the dump to target PDB on AWS RDS as below.

Connect to AWS_RDS PDB using impdp

Schema: CADMIN

impdp mil_admin@CDIPDR33 DUMPFILE= expdp_CDI_PDB_CADMIN_22922.dmp DIRECTORY=

DATA_PUMP_DIR_PDB logfile= impdp_CDI_PDB_CADMIN_22922_AWS_RDS.log
ENCRYPTION_PASSWORD=oracle

Error: ORA-31685: Object type SYSTEM_GRANT:"CADMIN"."CREATE EXTERNAL JOB" failed due to

insufficient privileges. Failing sql is:

GRANT CREATE EXTERNAL JOB TO "CADMIN"

Ref: https://docs.aws.amazon.com/SchemaConversionTool/latest/userguide/
CHAP_Source.Oracle.ToRDSOracle.html
Schemas:

SMARTTRIAL_ODR_CONTROL

SMARTTRIAL_ODR_LANDING

SMARTTRIAL_ODR_LANDING_BKP

SMARTTRIAL_ODR_LANDING_ARCH

SMARTTRIAL_ODR_CUSTOM

SMARTTRIAL_ODR_CUSTOM_BKP

SMARTTRIAL_ODR_CUSTOM_ARCH

impdp mil_admin@CDIPDR33 DUMPFILE= expdp_CDI_PDB_CADMIN_22922.dmp DIRECTORY=

DATA_PUMP_DIR_PDB logfile= impdp_CDI_PDB_CADMIN_22922_AWS_RDS.log
ENCRYPTION_PASSWORD=oracle

Following privileges are failing.

Schemas:

ADMIN_USER

impdp mil_admin@CDIPDR33 DUMPFILE=expdp_CDI_PDB_ADMIN_USER_22922.dmp

DIRECTORY=DATA_PUMP_DIR_PDB logfile=impdp_CDIPDR33_ADMIN_USER_22922_AWS_RDS.log
ENCRYPTION_PASSWORD=oracle

No Issues observed for this schema import.

Schemas: PDR Schemas

Create synonyms 1st

Create the PDR schema’s 1st and then execute the grants on the schema’s.

Create ACL’s using below DDL and then re-create them:

*****************************************************************************

SET SERVEROUTPUT ON FORMAT WRAPPED LINESIZE 300

DECLARE

l_last_acl dba_network_acls.acl%TYPE := '~';

l_last_principal dba_network_acl_privileges.principal%TYPE := '~';

l_last_privilege dba_network_acl_privileges.privilege%TYPE := '~';

l_last_host dba_network_acls.host%TYPE := '~';

FUNCTION get_timestamp (p_timestamp IN TIMESTAMP WITH TIME ZONE)

RETURN VARCHAR2

AS

l_return VARCHAR2(32767);

BEGIN

IF p_timestamp IS NULL THEN

RETURN 'NULL';

END IF;

RETURN 'TO_TIMESTAMP_TZ(''' || TO_CHAR(p_timestamp, 'DD-MON-YYYY HH24:MI:SS.FF

TZH:TZM') || ''',''DD-MON-YYYY HH24:MI:SS.FF TZH:TZM'')';

END;

BEGIN

FOR i IN (SELECT a.acl,

 a.host,

a.lower_port,

a.upper_port,

b.principal,

b.privilege,

b.is_grant,

b.start_date,

b.end_date

FROM dba_network_acls a

JOIN dba_network_acl_privileges b ON a.acl = b.acl

ORDER BY a.acl, a.host, a.lower_port, a.upper_port)

LOOP

IF l_last_acl <> i.acl THEN

-- First time we've seen this ACL, so create a new one.

l_last_host := '~';

DBMS_OUTPUT.put_line('-- -------------------------------------------------');

DBMS_OUTPUT.put_line('-- ' || i.acl);

DBMS_OUTPUT.put_line('-- -------------------------------------------------');

DBMS_OUTPUT.put_line('BEGIN');

DBMS_OUTPUT.put_line(' DBMS_NETWORK_ACL_ADMIN.drop_acl (');

DBMS_OUTPUT.put_line(' acl => ''' || i.acl || ''');');

DBMS_OUTPUT.put_line(' COMMIT;');

DBMS_OUTPUT.put_line('END;');

DBMS_OUTPUT.put_line('/');

DBMS_OUTPUT.put_line(' ');

DBMS_OUTPUT.put_line('BEGIN');

DBMS_OUTPUT.put_line(' DBMS_NETWORK_ACL_ADMIN.create_acl (');

DBMS_OUTPUT.put_line(' acl => ''' || i.acl || ''',');

DBMS_OUTPUT.put_line(' description => ''' || i.acl || ''',');

DBMS_OUTPUT.put_line(' principal => ''' || i.principal || ''',');

 DBMS_OUTPUT.put_line(' is_grant => ' || i.is_grant || ',');

DBMS_OUTPUT.put_line(' privilege => ''' || i.privilege || ''',');

DBMS_OUTPUT.put_line(' start_date => ' || get_timestamp(i.start_date) || ',');

DBMS_OUTPUT.put_line(' end_date => ' || get_timestamp(i.end_date) || ');');

DBMS_OUTPUT.put_line(' COMMIT;');

DBMS_OUTPUT.put_line('END;');

DBMS_OUTPUT.put_line('/');

DBMS_OUTPUT.put_line(' ');

l_last_acl := i.acl;

l_last_principal := i.principal;

l_last_privilege := i.privilege;

END IF;

IF l_last_principal <> i.principal

OR (l_last_principal = i.principal AND l_last_privilege <> i.privilege) THEN

-- Add another principal to an existing ACL.

DBMS_OUTPUT.put_line('BEGIN');

DBMS_OUTPUT.put_line(' DBMS_NETWORK_ACL_ADMIN.add_privilege (');

DBMS_OUTPUT.put_line(' acl => ''' || i.acl || ''',');

DBMS_OUTPUT.put_line(' principal => ''' || i.principal || ''',');

DBMS_OUTPUT.put_line(' is_grant => ' || i.is_grant || ',');

DBMS_OUTPUT.put_line(' privilege => ''' || i.privilege || ''',');

DBMS_OUTPUT.put_line(' start_date => ' || get_timestamp(i.start_date) || ',');

DBMS_OUTPUT.put_line(' end_date => ' || get_timestamp(i.end_date) || ');');

DBMS_OUTPUT.put_line(' COMMIT;');

DBMS_OUTPUT.put_line('END;');

DBMS_OUTPUT.put_line('/');

DBMS_OUTPUT.put_line(' ');

l_last_principal := i.principal;

l_last_privilege := i.privilege;

END IF;
 IF l_last_host <> i.host||':'||i.lower_port||':'||i.upper_port THEN

DBMS_OUTPUT.put_line('BEGIN');

DBMS_OUTPUT.put_line(' DBMS_NETWORK_ACL_ADMIN.assign_acl (');

DBMS_OUTPUT.put_line(' acl => ''' || i.acl || ''',');

DBMS_OUTPUT.put_line(' host => ''' || i.host || ''',');

DBMS_OUTPUT.put_line(' lower_port => ' || NVL(TO_CHAR(i.lower_port),'NULL') || ',');

DBMS_OUTPUT.put_line(' upper_port => ' || NVL(TO_CHAR(i.upper_port),'NULL') || ');');

DBMS_OUTPUT.put_line(' COMMIT;');

DBMS_OUTPUT.put_line('END;');

DBMS_OUTPUT.put_line('/');

DBMS_OUTPUT.put_line(' ');

l_last_host := i.host||':'||i.lower_port||':'||i.upper_port;

END IF;

END LOOP;

END;

******************************************************************************

Execute the below script on Target database to create the ACL’s.

-- -------------------------------------------------

-- /sys/acls/smtp_mail_new.xml

-- -------------------------------------------------

BEGIN

DBMS_NETWORK_ACL_ADMIN.drop_acl (

acl => '/sys/acls/smtp_mail_new.xml');

COMMIT;

END;

BEGIN

DBMS_NETWORK_ACL_ADMIN.create_acl (

acl => '/sys/acls/smtp_mail_new.xml',

 description => '/sys/acls/smtp_mail_new.xml',

principal => 'PDR_CONTROL',

is_grant => true,

privilege => 'resolve',

start_date => NULL,

end_date => NULL);

COMMIT;

END;

BEGIN

DBMS_NETWORK_ACL_ADMIN.assign_acl (

acl => '/sys/acls/smtp_mail_new.xml',

host => 'email-smtp.us-east-1.amazonaws.com',

lower_port => NULL,

upper_port => NULL);

COMMIT;

END;

BEGIN

DBMS_NETWORK_ACL_ADMIN.add_privilege (

acl => '/sys/acls/smtp_mail_new.xml',

principal => 'PDR_CONTROL',

is_grant => true,

privilege => 'connect',

start_date => NULL,

end_date => NULL);

COMMIT;

END;

/
Check the ACL Status using below query.