{"id":883,"date":"2026-04-16T13:20:42","date_gmt":"2026-04-16T13:20:42","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-connector-hub-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-data-management\/"},"modified":"2026-04-16T13:20:42","modified_gmt":"2026-04-16T13:20:42","slug":"oracle-cloud-connector-hub-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-data-management","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-connector-hub-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-data-management\/","title":{"rendered":"Oracle Cloud Connector Hub Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Data Management"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>Data Management<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<p>Oracle Cloud <strong>Connector Hub<\/strong> is a managed integration service that moves data and events between Oracle Cloud Infrastructure (OCI) services and selected targets, with minimal operational overhead.<\/p>\n\n\n\n<p>In simple terms: <strong>you pick a source (where data is produced), pick a target (where you want it to go), optionally apply tasks like filtering or transformation, and Connector Hub delivers the data continuously<\/strong>.<\/p>\n\n\n\n<p>In technical terms, Connector Hub (often referenced in official OCI documentation as <strong>Service Connector Hub<\/strong>\u2014verify the latest naming in your region\u2019s OCI Console) provides <strong>service-managed connectors<\/strong> that read from supported OCI sources (for example, logs, metrics, streams\u2014verify exact supported sources) and deliver to supported OCI targets (for example, Object Storage, Streaming, Functions, Logging Analytics\u2014verify exact supported targets). The service is designed for <strong>near-real-time, operationally simple routing<\/strong> without building and operating custom ingestion pipelines.<\/p>\n\n\n\n<p><strong>What problem it solves:<\/strong> teams routinely need to export logs for retention, stream events to downstream processing, move operational telemetry into analytics tools, and connect multiple OCI services together. Building this yourself often means managing compute, scaling, retries, credentials, and failure handling. Connector Hub aims to standardize and simplify those patterns as a managed service.<\/p>\n\n\n\n<blockquote>\n<p>Naming note (important): OCI has long used the name <strong>Service Connector Hub<\/strong> in documentation and APIs, while some consoles and discussions shorten it to <strong>Connector Hub<\/strong>. This tutorial uses <strong>Connector Hub<\/strong> as the primary name to match your requested service name, and calls out \u201cService Connector Hub\u201d where it is relevant for finding official docs.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">2. What is Connector Hub?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Official purpose<\/h3>\n\n\n\n<p>Connector Hub is an OCI-managed service for <strong>routing data from OCI services to other OCI services<\/strong> (and in some cases, to external endpoints through supported patterns\u2014verify for your specific target). It is typically used to move <strong>observability and event data<\/strong> (logs, metrics, streaming messages) into <strong>storage, analytics, notifications, or processing<\/strong> services.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Core capabilities (conceptual)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Create connectors<\/strong> (often called <em>service connectors<\/em>) that connect a <strong>source<\/strong> to a <strong>target<\/strong><\/li>\n<li><strong>Optionally apply tasks<\/strong> such as filtering, transformation, or invoking processing (for example, Functions\u2014verify)<\/li>\n<li><strong>Operate continuously<\/strong> with managed scaling and retry behavior (exact semantics and SLAs: verify in official docs)<\/li>\n<li><strong>Use OCI IAM<\/strong> for access control and OCI audit\/logging for governance<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Major components<\/h3>\n\n\n\n<p>While naming can vary slightly across UI, API, and docs, the model generally includes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Connector (Service Connector):<\/strong> The main resource you create. It defines:<\/li>\n<li>Source configuration (what to read)<\/li>\n<li>Target configuration (where to write)<\/li>\n<li>Optional tasks (how to process)<\/li>\n<li><strong>Source:<\/strong> An OCI service producing data (for example, OCI Logging)<\/li>\n<li><strong>Task(s):<\/strong> Optional processing steps (for example, filtering or invoking a function\u2014verify available task types)<\/li>\n<li><strong>Target:<\/strong> Destination service (for example, OCI Object Storage)<\/li>\n<li><strong>Policies (IAM):<\/strong> Permissions so the connector can read from the source and write to the target<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Service type<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Managed cloud service<\/strong> (PaaS-style integration \/ routing)<\/li>\n<li>You do not manage servers, agents, or scaling infrastructure<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scope: regional, compartment, tenancy<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Connector Hub resources are typically <strong>regional<\/strong> and <strong>compartment-scoped<\/strong> in OCI (verify in your region\u2019s docs\/console).<\/li>\n<li>Policies are defined at <strong>tenancy<\/strong> level but can be scoped to compartments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How it fits into the Oracle Cloud ecosystem<\/h3>\n\n\n\n<p>Connector Hub often sits in the middle of:\n&#8211; <strong>Observability<\/strong> (Logging, Monitoring)\n&#8211; <strong>Data Management<\/strong> (archival to Object Storage, feeding streaming pipelines, analytics ingestion)\n&#8211; <strong>Event-driven compute<\/strong> (Functions)\n&#8211; <strong>Security operations<\/strong> (log centralization, retention, SIEM-like patterns)<\/p>\n\n\n\n<p>It acts as a \u201cmanaged glue\u201d so you can build data movement patterns without deploying custom integration runtimes.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use Connector Hub?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Faster delivery of integrations:<\/strong> Common \u201cexport logs to storage\u201d or \u201csend stream to processing\u201d patterns can be set up in minutes.<\/li>\n<li><strong>Reduced operational burden:<\/strong> Less custom code, fewer pipelines to manage, fewer on-call issues.<\/li>\n<li><strong>Cost control (often indirect):<\/strong> You avoid running always-on compute for routing tasks; costs are concentrated in the source\/target services you already need.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Managed routing and delivery:<\/strong> Built-in retry\/error handling (verify exact behavior).<\/li>\n<li><strong>Standardized integration approach:<\/strong> Consistent patterns across teams and environments.<\/li>\n<li><strong>IAM-based access:<\/strong> Central identity model instead of embedding long-lived credentials in scripts.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Simplified operations:<\/strong> Monitor connector status and failures from OCI tooling (verify exact metrics\/logs available).<\/li>\n<li><strong>Scales with demand:<\/strong> As source volume grows, Connector Hub is designed to scale (verify limits\/quotas).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Centralized policy control:<\/strong> Use OCI IAM policies to control who can create connectors and where data can flow.<\/li>\n<li><strong>Auditability:<\/strong> Actions are auditable via OCI Audit (verify details).<\/li>\n<li><strong>Data residency alignment:<\/strong> Because resources are regional, you can align with residency requirements by choosing the right region (verify cross-region patterns).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Near-real-time movement:<\/strong> Designed for continuous delivery (latency varies\u2014verify).<\/li>\n<li><strong>Backpressure\/retries:<\/strong> Managed service handles transient failures more consistently than ad hoc scripts.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose it<\/h3>\n\n\n\n<p>Choose Connector Hub when you need:\n&#8211; Continuous, managed routing between supported OCI services\n&#8211; Simple patterns like \u201clogs \u2192 Object Storage\u201d or \u201cstream \u2192 function\u201d\n&#8211; Minimal operational overhead, strong IAM governance, and repeatable deployments<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">When they should not choose it<\/h3>\n\n\n\n<p>Avoid or reconsider Connector Hub when:\n&#8211; You need a complex ETL\/ELT workflow with many joins and transformations (consider OCI Data Integration, Data Flow, or external tools)\n&#8211; You must deliver to an unsupported target (you may need custom compute, Kafka Connect, NiFi, etc.)\n&#8211; You require very specific delivery guarantees\/ordering semantics that Connector Hub does not provide (verify exact semantics)\n&#8211; You need cross-cloud routing with advanced protocol support (you may need a message bus, API gateway, or integration platform)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">4. Where is Connector Hub used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Financial services:<\/strong> audit log retention, security monitoring pipelines<\/li>\n<li><strong>Healthcare:<\/strong> compliance-driven log archival<\/li>\n<li><strong>Retail\/e-commerce:<\/strong> operational telemetry aggregation<\/li>\n<li><strong>SaaS\/technology:<\/strong> multi-environment observability export<\/li>\n<li><strong>Public sector:<\/strong> region-bound data routing and long-term retention<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Platform engineering teams building shared infrastructure<\/li>\n<li>SRE and operations teams centralizing logs\/metrics<\/li>\n<li>Security teams exporting audit logs for retention and analysis<\/li>\n<li>Data engineering teams feeding streams into processing<\/li>\n<li>DevOps teams standardizing \u201cday-2\u201d operations patterns<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Centralized logging and retention<\/li>\n<li>Streaming ingestion for near-real-time processing<\/li>\n<li>Event-driven automation<\/li>\n<li>Observability data export to analytics targets<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Landing zone architectures with centralized logging compartments<\/li>\n<li>Multi-compartment application estates<\/li>\n<li>Event-driven microservices with streaming and functions<\/li>\n<li>\u201cData lake\u201d patterns where Object Storage is the durable sink<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Real-world deployment contexts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Production:<\/strong> log export, audit retention, operational event processing<\/li>\n<li><strong>Dev\/test:<\/strong> validating integration flows, testing downstream processing with safe volumes<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic scenarios. Availability depends on supported sources\/targets\/tasks in your region\u2014<strong>verify in official docs<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Archive OCI Audit logs to Object Storage (compliance retention)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You need immutable-ish retention of audit activity for months\/years.<\/li>\n<li><strong>Why Connector Hub fits:<\/strong> Managed export from log sources to durable, low-cost storage.<\/li>\n<li><strong>Example:<\/strong> Send audit logs from security compartments into a centralized Object Storage bucket with lifecycle policies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Centralize application logs across compartments<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Logs are scattered across many app compartments and teams.<\/li>\n<li><strong>Why it fits:<\/strong> Standard connectors per compartment to a central destination.<\/li>\n<li><strong>Example:<\/strong> Each app exports its log group to a shared Object Storage bucket prefix for centralized search\/ETL.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Stream logs into a real-time processing pipeline<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You need near-real-time detection\/alerting beyond basic alarms.<\/li>\n<li><strong>Why it fits:<\/strong> Route Logging to Streaming (if supported) to feed a processing application.<\/li>\n<li><strong>Example:<\/strong> Logs \u2192 Streaming \u2192 consumer app \u2192 alerts and enriched events.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Trigger serverless workflows from streaming data<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You want to process messages without running servers.<\/li>\n<li><strong>Why it fits:<\/strong> Connector can deliver to Functions (if supported) with managed invocation patterns.<\/li>\n<li><strong>Example:<\/strong> Streaming topic \u2192 Function task \u2192 write enriched results to Object Storage.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Export Monitoring metrics to downstream analytics<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You need to store metrics history beyond default retention or analyze in external tools.<\/li>\n<li><strong>Why it fits:<\/strong> Metrics source \u2192 target sink for retention\/analysis (verify supported target).<\/li>\n<li><strong>Example:<\/strong> Metrics \u2192 Object Storage for batch analytics in Data Flow.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Route telemetry into Logging Analytics (operational intelligence)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You want centralized log analytics across services.<\/li>\n<li><strong>Why it fits:<\/strong> Connector Hub can feed analytics targets (verify target support and licensing).<\/li>\n<li><strong>Example:<\/strong> Application logs \u2192 Logging Analytics for dashboards and anomaly detection.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Near-real-time ingestion into a data lake<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You want a durable raw zone for later ETL.<\/li>\n<li><strong>Why it fits:<\/strong> Connector Hub can continuously land data into Object Storage.<\/li>\n<li><strong>Example:<\/strong> Events\/logs \u2192 Object Storage \u201craw\/\u201d \u2192 nightly Data Flow jobs to curate Parquet.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Cross-team \u201cself-service export\u201d with guardrails<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Teams need exports, but security wants governance.<\/li>\n<li><strong>Why it fits:<\/strong> IAM policies and compartment scoping provide guardrails.<\/li>\n<li><strong>Example:<\/strong> Allow teams to create connectors only within their compartments and only to approved buckets.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Decouple producers from consumers<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Multiple consumers need the same data stream.<\/li>\n<li><strong>Why it fits:<\/strong> Use Streaming as a fan-out mechanism (where supported).<\/li>\n<li><strong>Example:<\/strong> Logging \u2192 Streaming; multiple consumers read and process independently.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Reduce custom glue code for integrations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> Many scripts and cron jobs move data around unreliably.<\/li>\n<li><strong>Why it fits:<\/strong> Managed, consistent connectors with standardized monitoring.<\/li>\n<li><strong>Example:<\/strong> Replace ad hoc Python scripts with connectors and IAM policies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">11) Security operations: suspicious activity detection pipeline<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You want to detect suspicious API calls or changes.<\/li>\n<li><strong>Why it fits:<\/strong> Audit logs exported to a pipeline for detection logic.<\/li>\n<li><strong>Example:<\/strong> Audit logs \u2192 Streaming \u2192 detection service \u2192 Notifications.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">12) Multi-region strategy (careful)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> You need to move data between regions for DR or global analytics.<\/li>\n<li><strong>Why it fits:<\/strong> Sometimes feasible using region endpoints\/targets (verify supported cross-region patterns and costs).<\/li>\n<li><strong>Example:<\/strong> Region A logs exported to Object Storage; replication or downstream copy handles region B availability.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<p>Because Connector Hub evolves, always confirm your region\u2019s supported features in the official docs. The items below cover the core capabilities commonly associated with OCI Connector Hub \/ Service Connector Hub.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 1: Managed connectors (source \u2192 target)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Creates a continuously running managed route from a supported source to a supported target.<\/li>\n<li><strong>Why it matters:<\/strong> Eliminates custom agents and \u201cglue\u201d compute.<\/li>\n<li><strong>Practical benefit:<\/strong> Faster setup, fewer operational incidents, consistent deployment pattern.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Supported sources\/targets vary by region and service updates\u2014<strong>verify<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 2: Compartment-based resource organization<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Connectors are created in compartments and can be governed by compartment policies.<\/li>\n<li><strong>Why it matters:<\/strong> OCI compartments are the foundation for multi-team governance.<\/li>\n<li><strong>Practical benefit:<\/strong> You can delegate management to app teams while protecting central sinks.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Cross-compartment writes require explicit IAM policy design.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 3: IAM-controlled access to sources and targets<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Uses OCI IAM policies to authorize Connector Hub to read and write.<\/li>\n<li><strong>Why it matters:<\/strong> No hard-coded credentials in scripts; consistent least-privilege.<\/li>\n<li><strong>Practical benefit:<\/strong> Central security team can audit and control data flows.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Policy syntax must be exact; service principal naming must match OCI docs\u2014<strong>verify<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 4: Optional tasks (filtering \/ transformation \/ function invocation)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Applies optional tasks to data in-flight (capabilities vary\u2014verify).<\/li>\n<li><strong>Why it matters:<\/strong> Reduces downstream processing load and noise.<\/li>\n<li><strong>Practical benefit:<\/strong> Filter out debug logs, route only security events, or invoke serverless processing.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Not a full ETL engine; complex transforms may require downstream processing.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 5: Error handling and retries (managed)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Retries delivery on transient failures and surfaces failures via status\/metrics\/logs (verify).<\/li>\n<li><strong>Why it matters:<\/strong> Reduces manual reprocessing compared to cron scripts.<\/li>\n<li><strong>Practical benefit:<\/strong> More reliable operational pipelines.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Delivery guarantees (at-least-once vs exactly-once) and ordering should be verified.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 6: Integration with OCI Observability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Connector health and activity can be monitored (verify specifics: metrics, logs, alarms).<\/li>\n<li><strong>Why it matters:<\/strong> Production routing needs operational visibility.<\/li>\n<li><strong>Practical benefit:<\/strong> Build alarms on failed deliveries or throttling.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> The specific metrics and dimensions can differ\u2014verify in metric reference.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 7: Native integration to Object Storage for durable landing<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Writes data to OCI Object Storage buckets (commonly used for archival and data lakes).<\/li>\n<li><strong>Why it matters:<\/strong> Object Storage is durable, cost-effective, and integrates with analytics.<\/li>\n<li><strong>Practical benefit:<\/strong> Long-term retention and downstream batch processing become straightforward.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Object naming\/partitioning conventions and file formats should be verified for your connector type.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Feature 8: Streaming integration (where supported)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does:<\/strong> Reads from or writes to OCI Streaming as a decoupling layer.<\/li>\n<li><strong>Why it matters:<\/strong> Supports near-real-time processing and fan-out.<\/li>\n<li><strong>Practical benefit:<\/strong> Multiple consumers can process the same data independently.<\/li>\n<li><strong>Limitations\/caveats:<\/strong> Streaming retention, partitions, throughput units, and costs must be planned.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level architecture<\/h3>\n\n\n\n<p>Connector Hub runs as an OCI-managed service. You define a connector resource that references:\n&#8211; A <strong>source<\/strong> (e.g., Logging)\n&#8211; Optional <strong>task(s)<\/strong> (e.g., filter\/function)\n&#8211; A <strong>target<\/strong> (e.g., Object Storage)<\/p>\n\n\n\n<p>Connector Hub then continuously reads from the source and delivers to the target using OCI internal service-to-service integration controlled by IAM policies.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Data flow vs control flow<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Control plane:<\/strong> Creating\/updating connectors, IAM policies, configuration changes, and status checks.<\/li>\n<li><strong>Data plane:<\/strong> The actual movement of data from source to target.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related services (examples)<\/h3>\n\n\n\n<p>Common integrations include (verify availability):\n&#8211; <strong>OCI Logging<\/strong> as a source for audit\/service\/custom logs\n&#8211; <strong>OCI Object Storage<\/strong> as a durable sink\n&#8211; <strong>OCI Streaming<\/strong> for event streaming pipelines\n&#8211; <strong>OCI Functions<\/strong> for serverless processing\n&#8211; <strong>OCI Monitoring<\/strong> for metrics-based pipelines (where supported)\n&#8211; <strong>OCI Notifications<\/strong> for alerting (often downstream of processing)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IAM<\/strong> for authorization<\/li>\n<li><strong>Compartments<\/strong> for resource organization<\/li>\n<li><strong>Source\/target services<\/strong> (Logging, Object Storage, etc.)<\/li>\n<li>Optionally <strong>Vault<\/strong> (if your downstream processing needs secrets), <strong>Events<\/strong>, <strong>Functions<\/strong>, <strong>Streaming<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Human and automation users authenticate to OCI to <strong>create\/manage connectors<\/strong>.<\/li>\n<li>The Connector Hub service itself operates with <strong>OCI service identity\/service principal<\/strong> to access sources\/targets based on <strong>policies you configure<\/strong> (exact service principal name and policy verbs: verify in official docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Typically service-to-service traffic stays on OCI\u2019s backbone.<\/li>\n<li>If you integrate with external endpoints, confirm whether it requires NAT, public endpoints, private endpoints, or service gateways\u2014<strong>verify supported patterns<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <strong>OCI Audit<\/strong> to track who created\/changed connectors.<\/li>\n<li>Use <strong>OCI Monitoring<\/strong> to alarm on connector failures (verify metrics).<\/li>\n<li>Apply <strong>tags<\/strong> to connectors for cost allocation and governance.<\/li>\n<li>Use <strong>separate compartments<\/strong> for:<\/li>\n<li>Source producers (application compartments)<\/li>\n<li>Central sinks (security\/log archive compartment)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  A[OCI Source Service\\n(e.g., Logging)] --&gt; B[Connector Hub\\n(Managed Connector)]\n  B --&gt; C[OCI Target Service\\n(e.g., Object Storage)]\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram (Mermaid)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  subgraph Tenancy[OCI Tenancy]\n    subgraph AppComp[App Compartments]\n      L1[OCI Logging\\nApp Logs]:::svc\n      S1[OCI Streaming\\nEvents Stream]:::svc\n    end\n\n    subgraph IntegrationComp[Integration Compartment]\n      CH[Connector Hub\\nService Connectors]:::svc\n      FN[OCI Functions\\nOptional Task]:::svc\n    end\n\n    subgraph SecurityComp[Security \/ Shared Services Compartment]\n      OS[(Object Storage\\nLog Archive Bucket)]:::svc\n      LA[Logging Analytics\\n(Optional)]:::svc\n      MON[Monitoring + Alarms]:::svc\n      AUD[Audit Logs]:::svc\n    end\n  end\n\n  L1 --&gt; CH\n  S1 --&gt; CH\n  CH --&gt; FN\n  FN --&gt; OS\n  CH --&gt; OS\n  CH --&gt; LA\n\n  MON -. monitors .-&gt; CH\n  AUD -. audits .-&gt; CH\n\n  classDef svc fill:#eef,stroke:#446,stroke-width:1px;\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Prerequisites<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Tenancy\/account requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An active <strong>Oracle Cloud (OCI) tenancy<\/strong><\/li>\n<li>Access to an OCI region where Connector Hub is available (verify regional availability)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM roles<\/h3>\n\n\n\n<p>You generally need:\n&#8211; Permission to <strong>manage connectors<\/strong> in the compartment where you create them\n&#8211; Permission for Connector Hub (service principal) to <strong>read from the source<\/strong> and <strong>write to the target<\/strong><\/p>\n\n\n\n<p>Because policy statements must be exact for OCI service principals and resource families, <strong>verify the current policy examples in official docs<\/strong> for Connector Hub \/ Service Connector Hub:\n&#8211; Official docs landing page: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/service-connector-hub\/home.htm (verify)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Connector Hub pricing may be $0 in some models, but you still pay for:<\/li>\n<li>Object Storage capacity\/requests<\/li>\n<li>Streaming throughput\/retention<\/li>\n<li>Function invocations<\/li>\n<li>Logging Analytics ingestion (if used)<\/li>\n<li>Network egress (if data leaves region\/OCI)<\/li>\n<li>Ensure your tenancy has billing enabled if you will generate usage.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Tools needed<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI Console access (browser)<\/li>\n<li>Optional but recommended:<\/li>\n<li><strong>OCI CLI<\/strong>: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/SDKDocs\/cliinstall.htm<\/li>\n<li>A terminal environment for validation and cleanup<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Connector Hub is not guaranteed in every region or may have feature differences.<\/li>\n<li><strong>Verify<\/strong> in the OCI Console (region selector) and service documentation for supported regions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Connector count, throughput, and supported source\/target combinations may be governed by service limits.<\/li>\n<li>Review OCI service limits in the Console: <strong>Governance &amp; Administration \u2192 Limits, Quotas and Usage<\/strong> (names may vary).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services<\/h3>\n\n\n\n<p>For the hands-on lab in this tutorial, you need:\n&#8211; <strong>OCI Logging<\/strong> (Audit logs are usually available by default)\n&#8211; <strong>OCI Object Storage<\/strong> (to create a bucket)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Current pricing model (how to think about it)<\/h3>\n\n\n\n<p>Connector Hub pricing can change and may be represented differently depending on OCI updates and contracts. In many OCI setups, <strong>the Connector Hub service itself is not the main cost driver<\/strong>; instead, costs come from the <strong>source\/target services<\/strong> and data volume.<\/p>\n\n\n\n<p>To be accurate:\n&#8211; <strong>Verify Connector Hub pricing<\/strong> on the official OCI pricing pages and cost estimator.<\/p>\n\n\n\n<p>Official pricing references:\n&#8211; OCI pricing landing: https:\/\/www.oracle.com\/cloud\/pricing\/\n&#8211; OCI price list: https:\/\/www.oracle.com\/cloud\/price-list\/\n&#8211; OCI cost estimator (if available for your tenancy): https:\/\/www.oracle.com\/cloud\/costestimator.html (verify current URL)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing dimensions to consider<\/h3>\n\n\n\n<p>Even if Connector Hub is priced at $0 (verify), your solution cost depends on:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Data volume<\/strong>\n   &#8211; GB\/day of logs exported\n   &#8211; Messages\/sec in Streaming<\/p>\n<\/li>\n<li>\n<p><strong>Target service costs<\/strong>\n   &#8211; <strong>Object Storage:<\/strong> capacity (GB-month), operations (PUT\/GET), lifecycle transitions\n   &#8211; <strong>Streaming:<\/strong> partitions, throughput units, retention\n   &#8211; <strong>Functions:<\/strong> invocations, duration, memory allocation\n   &#8211; <strong>Logging Analytics:<\/strong> ingestion and retention (often licensed\/paid\u2014verify)<\/p>\n<\/li>\n<li>\n<p><strong>Network and data transfer<\/strong>\n   &#8211; <strong>Intra-region<\/strong> service traffic is typically not billed as internet egress, but rules vary.\n   &#8211; <strong>Cross-region<\/strong> replication or delivery may incur data transfer charges.\n   &#8211; <strong>Outbound to internet<\/strong> endpoints (if used) can incur egress charges.<\/p>\n<\/li>\n<li>\n<p><strong>Indirect operational costs<\/strong>\n   &#8211; People-time saved vs building\/operating custom pipelines\n   &#8211; Reduced incidents compared to scripts\/agents<\/p>\n<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Free tier<\/h3>\n\n\n\n<p>OCI has a Free Tier program, but eligibility varies by account and region. Verify:\n&#8211; https:\/\/www.oracle.com\/cloud\/free\/<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cost drivers (what will increase your bill)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>High log volume exported continuously<\/li>\n<li>Many small objects written to Object Storage (request costs)<\/li>\n<li>Large streaming throughput and high retention<\/li>\n<li>Frequent function invocations for in-flight processing<\/li>\n<li>Cross-region data movement<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Hidden or indirect costs<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Object Storage request pattern:<\/strong> If Connector Hub writes many small objects frequently, request counts can rise.<\/li>\n<li><strong>Downstream analytics ingestion:<\/strong> Logging Analytics or other analytics tools may charge per GB ingested.<\/li>\n<li><strong>Retention growth:<\/strong> Long retention without lifecycle policies causes storage growth.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Filter at the source\/task level (if supported) to reduce volume.<\/li>\n<li>Use Object Storage <strong>lifecycle policies<\/strong> to move older data to Archive tier (where appropriate).<\/li>\n<li>Aggregate data into fewer objects (if configurable\u2014verify).<\/li>\n<li>Avoid cross-region routing unless required.<\/li>\n<li>Use tags for cost reporting and showback.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (no fabricated numbers)<\/h3>\n\n\n\n<p>A low-cost starter lab typically includes:\n&#8211; 1 connector exporting low-volume audit logs\n&#8211; 1 Object Storage bucket in Standard tier\n&#8211; Short retention \/ manual cleanup<\/p>\n\n\n\n<p>Costs depend on:\n&#8211; Object Storage GB stored and operations\n&#8211; Any additional analytics services enabled<\/p>\n\n\n\n<p>Use the <strong>OCI Cost Estimator<\/strong> with:\n&#8211; Object Storage: expected GB stored + monthly operations\n&#8211; (Optional) Streaming\/Functions if you add tasks<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations<\/h3>\n\n\n\n<p>For production, cost planning should include:\n&#8211; Expected daily log volume (GB\/day) and growth rate\n&#8211; Retention policy (days\/months\/years)\n&#8211; Storage tiering strategy (Standard \u2192 Archive)\n&#8211; Throughput requirements (if using Streaming)\n&#8211; Monitoring and alerting overhead (usually minimal, but depends on metrics and alarms)\n&#8211; Cross-compartment and cross-region governance requirements<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<p>Create a <strong>Connector Hub<\/strong> connector that exports <strong>OCI Audit logs<\/strong> (via OCI Logging) to an <strong>OCI Object Storage bucket<\/strong> for retention, then validate delivery and clean up.<\/p>\n\n\n\n<p>This is a common \u201cfirst production use case\u201d because audit logs are valuable and Object Storage is a low-cost durable sink.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will:\n1. Create (or choose) a compartment for the lab\n2. Create an Object Storage bucket\n3. Create a Connector Hub connector:\n   &#8211; <strong>Source:<\/strong> OCI Logging (Audit logs)\n   &#8211; <strong>Target:<\/strong> Object Storage bucket\n4. Generate a few audit events\n5. Validate objects appear in the bucket\n6. Troubleshoot if data doesn\u2019t arrive\n7. Clean up resources to stop ongoing costs<\/p>\n\n\n\n<blockquote>\n<p>Note: UI labels vary by OCI Console version. If you see <strong>Service Connector Hub<\/strong> in the console, that is the same service family as Connector Hub used in this tutorial.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Prepare a compartment and naming<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In OCI Console, open the navigation menu.<\/li>\n<li>Go to <strong>Identity &amp; Security \u2192 Compartments<\/strong>.<\/li>\n<li>Create a compartment like:\n   &#8211; Name: <code>lab-connector-hub<\/code>\n   &#8211; Description: <code>Connector Hub lab compartment<\/code><\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have a dedicated compartment to isolate policies and resources.<\/p>\n\n\n\n<p><strong>Tip:<\/strong> If you cannot create compartments, use an existing sandbox compartment where you have permissions.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create an Object Storage bucket (target)<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Storage \u2192 Object Storage &amp; Archive Storage \u2192 Buckets<\/strong><\/li>\n<li>Select the compartment <code>lab-connector-hub<\/code><\/li>\n<li>Click <strong>Create Bucket<\/strong><\/li>\n<li>Use:\n   &#8211; Bucket name: <code>audit-log-archive-&lt;unique-suffix&gt;<\/code>\n   &#8211; Default storage tier: Standard (typical default)\n   &#8211; Encryption: Oracle-managed keys (default) unless you require customer-managed keys<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome:<\/strong> Bucket is created and empty.<\/p>\n\n\n\n<p><strong>Optional CLI validation (list buckets):<\/strong><\/p>\n\n\n\n<pre><code class=\"language-bash\">oci os bucket list --compartment-id &lt;COMPARTMENT_OCID&gt;\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Ensure Audit logs are accessible in OCI Logging (source)<\/h3>\n\n\n\n<p>Audit logs are typically available by default in OCI, but access may be compartment-scoped.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Observability &amp; Management \u2192 Logging \u2192 Logs<\/strong><\/li>\n<li>Select your compartment (often the tenancy root or the relevant compartment)<\/li>\n<li>Look for <strong>Audit<\/strong> logs (naming and location can vary)<\/li>\n<\/ol>\n\n\n\n<p>If you can view audit events, you\u2019re ready.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> You can see Audit log entries in the Logging UI.<\/p>\n\n\n\n<p><strong>If you can\u2019t see them:<\/strong>\n&#8211; Confirm you\u2019re in the correct compartment\n&#8211; Confirm you have permission to read logs\n&#8211; Verify audit log availability and scope in your tenancy (some orgs centralize access)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Create required IAM policies (critical)<\/h3>\n\n\n\n<p>Connector Hub needs permission to:\n&#8211; Read from the source (Logging\/Audit)\n&#8211; Write to the target (Object Storage bucket)<\/p>\n\n\n\n<p>Because OCI policy statements must be exact\u2014and service principal naming can change\u2014use the <strong>official Connector Hub policy examples<\/strong> for your tenancy:\n&#8211; https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/service-connector-hub\/Tasks\/service-connector-policies.htm (verify exact URL path)<\/p>\n\n\n\n<p>Below is a <strong>typical pattern<\/strong> you should adapt and <strong>verify<\/strong>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4.1 Allow admins to manage connectors in the lab compartment<\/h4>\n\n\n\n<p>Create a policy in your tenancy (or compartment) that allows your user group to manage connectors:<\/p>\n\n\n\n<p>Example (verify group name and syntax):\n&#8211; <strong>Identity &amp; Security \u2192 Policies \u2192 Create Policy<\/strong>\n&#8211; Compartment: tenancy root (common) or appropriate parent<\/p>\n\n\n\n<pre><code class=\"language-text\">Allow group &lt;YOUR_GROUP_NAME&gt; to manage serviceconnectors in compartment lab-connector-hub\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">4.2 Allow the Connector Hub service to write objects to your bucket compartment<\/h4>\n\n\n\n<p>Example (verify service name and permissions):<\/p>\n\n\n\n<pre><code class=\"language-text\">Allow service serviceconnectorhub to manage object-family in compartment lab-connector-hub\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">4.3 Allow the Connector Hub service to read logs (if required)<\/h4>\n\n\n\n<p>Depending on how Logging is scoped, you may need something like (verify):<\/p>\n\n\n\n<pre><code class=\"language-text\">Allow service serviceconnectorhub to read log-content in compartment &lt;COMPARTMENT_WITH_AUDIT_LOGS&gt;\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> Policies are created and in \u201cACTIVE\u201d state.<\/p>\n\n\n\n<p><strong>Important:<\/strong> If you get permission errors later, they almost always come from:\n&#8211; Incorrect compartment selection in the policy\n&#8211; Wrong service principal name\n&#8211; Missing permission for reading log content or writing objects<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Create a connector in Connector Hub<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to the OCI Console menu and locate <strong>Connector Hub<\/strong> or <strong>Service Connector Hub<\/strong> (exact location varies).<\/li>\n<li>Select compartment: <code>lab-connector-hub<\/code><\/li>\n<li>Click <strong>Create Connector<\/strong> (or <strong>Create Service Connector<\/strong>)<\/li>\n<\/ol>\n\n\n\n<p>Configure:\n&#8211; <strong>Name:<\/strong> <code>audit-to-objectstorage<\/code>\n&#8211; <strong>Source:<\/strong> Logging\n  &#8211; Choose <strong>Audit logs<\/strong> (or the relevant Audit log group\/log)\n&#8211; <strong>Target:<\/strong> Object Storage\n  &#8211; Choose the bucket: <code>audit-log-archive-&lt;unique-suffix&gt;<\/code>\n  &#8211; Choose a prefix like: <code>audit\/<\/code> (if supported)\n&#8211; <strong>Tasks:<\/strong> None (keep it simple for the first lab), or select only safe filtering if available and clearly documented.<\/p>\n\n\n\n<p>Create\/Save the connector.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Connector is created and shows status such as <em>Active<\/em> or <em>Running<\/em> (exact wording varies).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Generate audit events (so there is something to export)<\/h3>\n\n\n\n<p>Now perform a few actions that produce audit events. For example:\n&#8211; List buckets\n&#8211; Create and delete a test object\n&#8211; View compartment details<\/p>\n\n\n\n<p>A simple action:\n1. Open your bucket\n2. Upload a small text file <code>test.txt<\/code>\n3. Delete it after a minute<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Audit log entries should be generated within OCI Audit\/Logging.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7: Validate delivery to Object Storage<\/h3>\n\n\n\n<p>There can be a delay between audit event generation and export delivery depending on batching and service behavior.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">7.1 Check the bucket in Console<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to your bucket<\/li>\n<li>Browse objects under the prefix (e.g., <code>audit\/<\/code>)<\/li>\n<\/ol>\n\n\n\n<p>You should see one or more objects created by the connector.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Objects appear in the bucket containing exported log data.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">7.2 Optional: Validate with OCI CLI<\/h4>\n\n\n\n<p>List objects:<\/p>\n\n\n\n<pre><code class=\"language-bash\">oci os object list \\\n  --bucket-name audit-log-archive-&lt;unique-suffix&gt; \\\n  --compartment-id &lt;COMPARTMENT_OCID&gt;\n<\/code><\/pre>\n\n\n\n<p>Download one object to inspect:<\/p>\n\n\n\n<pre><code class=\"language-bash\">oci os object get \\\n  --bucket-name audit-log-archive-&lt;unique-suffix&gt; \\\n  --name &lt;OBJECT_NAME_FROM_LIST&gt; \\\n  --file exported-audit-log.json\n<\/code><\/pre>\n\n\n\n<p>Inspect:<\/p>\n\n\n\n<pre><code class=\"language-bash\">head -n 50 exported-audit-log.json\n<\/code><\/pre>\n\n\n\n<p>What you should see:\n&#8211; JSON records or structured log entries (format depends on connector and source type\u2014verify)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>You have successfully completed the lab if:\n&#8211; The connector is in an active\/running state\n&#8211; Audit events are visible in OCI Logging\n&#8211; Objects containing exported audit logs appear in the Object Storage bucket\n&#8211; You can download and inspect exported data<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Issue 1: Connector stuck in \u201cFailed\u201d or not delivering<\/h4>\n\n\n\n<p><strong>Likely causes:<\/strong>\n&#8211; Missing IAM permissions for the Connector Hub service to write to Object Storage\n&#8211; Incorrect bucket\/compartment selection\n&#8211; Connector cannot read log content due to policy scope<\/p>\n\n\n\n<p><strong>Fix:<\/strong>\n&#8211; Re-check policies using official policy examples:\n  &#8211; Verify the compartment names\/OCIDs match the source\/target locations\n  &#8211; Verify service principal name is correct for your region\/tenancy (<strong>verify in docs<\/strong>)<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Issue 2: No objects show up in the bucket<\/h4>\n\n\n\n<p><strong>Likely causes:<\/strong>\n&#8211; Not enough events generated\n&#8211; Delivery delay due to batching\n&#8211; Wrong log selected as source<\/p>\n\n\n\n<p><strong>Fix:<\/strong>\n&#8211; Generate more audit events\n&#8211; Wait 10\u201320 minutes (timing varies\u2014verify)\n&#8211; Confirm the connector source points to the correct audit log group\/log<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Issue 3: Permission errors when creating the connector<\/h4>\n\n\n\n<p><strong>Likely causes:<\/strong>\n&#8211; Your user\/group lacks permission to manage connectors\n&#8211; You are in the wrong compartment<\/p>\n\n\n\n<p><strong>Fix:<\/strong>\n&#8211; Add\/adjust policy:\n  <code>text\n  Allow group &lt;YOUR_GROUP_NAME&gt; to manage serviceconnectors in compartment lab-connector-hub<\/code>\n&#8211; Verify group membership and policy attachment location<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Issue 4: Exported data format isn\u2019t what you expected<\/h4>\n\n\n\n<p><strong>Explanation:<\/strong>\n&#8211; Export format can vary by source type and connector implementation.\n&#8211; Some connectors write batches rather than per-event objects.<\/p>\n\n\n\n<p><strong>Fix:<\/strong>\n&#8211; Confirm export format in official docs for your source\/target combination.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>To stop ongoing storage growth and keep your tenancy tidy:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Delete the connector<\/strong>\n   &#8211; Go to Connector Hub \/ Service Connector Hub\n   &#8211; Select <code>audit-to-objectstorage<\/code>\n   &#8211; Delete<\/p>\n<\/li>\n<li>\n<p><strong>Delete exported objects in the bucket<\/strong>\n   &#8211; Bucket \u2192 Objects \u2192 Delete objects (or delete bucket if empty)<\/p>\n<\/li>\n<li>\n<p><strong>Delete the bucket<\/strong>\n   &#8211; Object Storage \u2192 Buckets \u2192 Delete bucket\n   &#8211; If bucket is not empty, remove all objects first<\/p>\n<\/li>\n<li>\n<p><strong>Remove IAM policies<\/strong> you created for the lab if they are no longer needed<\/p>\n<\/li>\n<li>\n<p><strong>Delete the compartment<\/strong> <code>lab-connector-hub<\/code> (only if you created it solely for this lab and it\u2019s empty)<\/p>\n<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome:<\/strong> No connector remains running, and no bucket remains accumulating data.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">11. Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Use compartments to separate producers and sinks:<\/strong> Keep central log archive buckets in a security\/shared compartment.<\/li>\n<li><strong>Standardize naming:<\/strong> Include environment, source, and target in connector names:<\/li>\n<li><code>prod-audit-to-archive-bucket<\/code><\/li>\n<li><strong>Design for downstream processing:<\/strong> Use clear Object Storage prefixes (e.g., <code>audit\/yyyy\/mm\/dd\/<\/code> if supported\u2014verify) to simplify analytics.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Least privilege:<\/strong> Grant Connector Hub only the minimum required:<\/li>\n<li>Read from specific log groups\/logs<\/li>\n<li>Write to a specific bucket\/prefix (if prefix scoping is supported\u2014verify)<\/li>\n<li><strong>Separate duties:<\/strong> Admins manage policies; app teams manage connectors within allowed boundaries.<\/li>\n<li><strong>Avoid wildcard policies<\/strong> at tenancy root unless required.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Filter aggressively<\/strong> if supported (drop noisy debug logs).<\/li>\n<li><strong>Lifecycle policies<\/strong> in Object Storage:<\/li>\n<li>Standard \u2192 Archive after N days<\/li>\n<li>Delete after compliance retention is met (if allowed)<\/li>\n<li><strong>Control object sprawl:<\/strong> If configuration allows batching, prefer fewer larger objects over many tiny ones (verify for your connector type).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Know throughput limits:<\/strong> Check Connector Hub limits and Streaming\/Object Storage limits.<\/li>\n<li><strong>Avoid chatty downstream tasks:<\/strong> If using Functions, ensure it can handle burst traffic and has idempotent processing.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Assume at-least-once delivery<\/strong> unless docs explicitly guarantee exactly-once (verify).<\/li>\n<li><strong>Make downstream processing idempotent:<\/strong> Deduplicate by event ID\/time where possible.<\/li>\n<li><strong>Alarm on failures:<\/strong> Create Monitoring alarms on connector errors (verify metric names).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Tag everything:<\/strong> cost-center, environment, application, owner.<\/li>\n<li><strong>Document each connector:<\/strong> source, target, purpose, data classification.<\/li>\n<li><strong>Runbook for failures:<\/strong> include policy checks, target service health, and backlog handling.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Naming pattern example:<\/li>\n<li>Connector: <code>env-source-to-target-purpose<\/code><\/li>\n<li>Bucket: <code>env-log-archive-app<\/code><\/li>\n<li>Tag keys:<\/li>\n<li><code>Environment=prod|dev<\/code><\/li>\n<li><code>DataClass=public|internal|confidential<\/code><\/li>\n<li><code>Owner=team-name<\/code><\/li>\n<li><code>CostCenter=...<\/code><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">12. Security Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>User identities (human\/automation) create and manage connectors via IAM.<\/li>\n<li>Connector Hub service identity accesses sources\/targets according to policies.<\/li>\n<li>Use <strong>groups<\/strong> and <strong>dynamic groups<\/strong> where appropriate (dynamic groups typically for compute identities; Connector Hub is a service principal\u2014verify exact model).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>In transit:<\/strong> OCI service-to-service traffic is typically encrypted (verify specifics).<\/li>\n<li><strong>At rest:<\/strong> Object Storage encrypts by default; choose:<\/li>\n<li>Oracle-managed keys (default)<\/li>\n<li>Customer-managed keys in OCI Vault (if required)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Connector Hub is a managed service; you typically do not place it in a VCN.<\/li>\n<li>If your targets involve public endpoints or cross-region, review:<\/li>\n<li>Data egress<\/li>\n<li>Public exposure<\/li>\n<li>Allowed endpoints (verify supported configurations)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Prefer IAM-based access and resource principals\/service principals.<\/li>\n<li>If using Functions as a task and it needs secrets (API keys, DB passwords):<\/li>\n<li>Store secrets in <strong>OCI Vault<\/strong><\/li>\n<li>Grant the function least-privilege access to secrets<\/li>\n<li>Avoid embedding secrets in code or environment variables unless properly managed<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use OCI Audit to track:<\/li>\n<li>Connector creation\/update\/deletion<\/li>\n<li>Policy changes<\/li>\n<li>Export audit logs to Object Storage (as shown) for retention.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data classification:<\/strong> Logs can contain sensitive data (user IDs, IPs, request payload fragments).<\/li>\n<li><strong>Residency:<\/strong> Choose region appropriately; document cross-region flows.<\/li>\n<li><strong>Retention:<\/strong> Define retention and deletion schedules aligned with regulatory requirements.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Common security mistakes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Overly broad policies like:<\/li>\n<li>\u201cmanage all-resources in tenancy\u201d<\/li>\n<li>Writing sensitive logs to buckets without restricted access<\/li>\n<li>No lifecycle policy leading to uncontrolled retention<\/li>\n<li>No monitoring\/alerting for connector failure (silent data loss risk)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use a dedicated \u201clog archive\u201d compartment with tight access.<\/li>\n<li>Restrict bucket access to a limited group; deny public access.<\/li>\n<li>Enable object versioning or retention features if needed (Object Storage features\u2014verify suitability).<\/li>\n<li>Build alarms and periodic validation checks (e.g., confirm objects arrive daily).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<p>Because limits and supported integrations can change, confirm all items in official docs for your region.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Known limitations (common patterns)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Supported sources\/targets are limited:<\/strong> You can only connect what OCI supports in Connector Hub.<\/li>\n<li><strong>Not a full ETL tool:<\/strong> Tasks are not equivalent to a data integration platform.<\/li>\n<li><strong>Delivery semantics:<\/strong> Often at-least-once; ordering not guaranteed (verify).<\/li>\n<li><strong>Batching behavior:<\/strong> Exports may arrive in batches, not per event.<\/li>\n<li><strong>Latency variability:<\/strong> Export can lag due to batching, throttling, or downstream limits.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Maximum connectors per compartment\/region (verify service limits).<\/li>\n<li>Throughput limits depending on source\/target type.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Regional constraints<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Some targets (like analytics integrations) may not be available in all regions.<\/li>\n<li>Cross-region flows can be complex and costly.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing surprises<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Object Storage request charges if many small objects are written.<\/li>\n<li>Streaming throughput and retention charges.<\/li>\n<li>Analytics ingestion charges.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compatibility issues<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Downstream systems may require specific formats\/partitioning.<\/li>\n<li>If you plan to consume exported objects with Spark\/Data Flow, verify format is friendly for your tooling.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational gotchas<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IAM policy mistakes are the #1 root cause of failed connectors.<\/li>\n<li>Moving connectors between compartments is not always supported; you may need to recreate them (verify).<\/li>\n<li>If you delete a bucket target, connectors will fail until reconfigured.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Migration challenges<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>If you previously used scripts\/agents, migrating requires:<\/li>\n<li>Mapping source\/target permissions to IAM policies<\/li>\n<li>Updating operational monitoring<\/li>\n<li>Validating format and retention policies<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Vendor-specific nuances<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI\u2019s compartment and IAM model is powerful but strict\u2014plan policy design early.<\/li>\n<li>Some connector capabilities may be tied to licensing of target services (e.g., Logging Analytics).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">14. Comparison with Alternatives<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Nearest services in Oracle Cloud (OCI)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>OCI Data Integration:<\/strong> Better for ETL\/ELT, complex pipelines, scheduling, data quality (not just routing).<\/li>\n<li><strong>OCI GoldenGate:<\/strong> Best for database replication and CDC (change data capture).<\/li>\n<li><strong>OCI Streaming:<\/strong> Core event streaming; Connector Hub often complements it.<\/li>\n<li><strong>OCI Functions + Events:<\/strong> For event-driven automation; may require more custom wiring than Connector Hub.<\/li>\n<li><strong>OCI Logging sinks\/exports (if available):<\/strong> Depending on OCI Logging features, some exports might be handled directly (verify).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Nearest services in other clouds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AWS:<\/strong> EventBridge Pipes, Kinesis Data Firehose, CloudWatch Logs subscriptions\/exports<\/li>\n<li><strong>Azure:<\/strong> Event Grid, Azure Monitor diagnostic settings, Event Hubs capture<\/li>\n<li><strong>Google Cloud:<\/strong> Logging sinks, Pub\/Sub, Eventarc, Dataflow templates<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Open-source \/ self-managed alternatives<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Kafka Connect<\/strong> (with S3 sink, etc.)<\/li>\n<li><strong>Fluent Bit \/ Fluentd<\/strong><\/li>\n<li><strong>Logstash<\/strong><\/li>\n<li><strong>Apache NiFi<\/strong><\/li>\n<li><strong>Airbyte<\/strong> (more ELT-focused)<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Comparison table<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Oracle Cloud Connector Hub<\/strong><\/td>\n<td>Managed routing between supported OCI services<\/td>\n<td>Low ops, IAM-governed, fast setup<\/td>\n<td>Limited sources\/targets; not full ETL<\/td>\n<td>You need simple, continuous OCI-to-OCI routing<\/td>\n<\/tr>\n<tr>\n<td>OCI Data Integration<\/td>\n<td>ETL\/ELT pipelines<\/td>\n<td>Rich transforms, schedules, data workflows<\/td>\n<td>More setup; not \u201cjust routing\u201d<\/td>\n<td>You need complex transformation and orchestration<\/td>\n<\/tr>\n<tr>\n<td>OCI GoldenGate<\/td>\n<td>Database replication\/CDC<\/td>\n<td>Strong for DB change capture<\/td>\n<td>Specialized; can be costly\/complex<\/td>\n<td>You need near-real-time DB replication\/CDC<\/td>\n<\/tr>\n<tr>\n<td>OCI Streaming (direct producers\/consumers)<\/td>\n<td>Event streaming backbone<\/td>\n<td>Decoupling, fan-out, scalable<\/td>\n<td>You manage producers\/consumers logic<\/td>\n<td>You need custom event processing and multiple consumers<\/td>\n<\/tr>\n<tr>\n<td>OCI Functions + Events<\/td>\n<td>Serverless automation<\/td>\n<td>Flexible custom logic<\/td>\n<td>You build and operate more glue<\/td>\n<td>You need custom workflows triggered by events<\/td>\n<\/tr>\n<tr>\n<td>Kafka Connect (self-managed)<\/td>\n<td>Broad integration ecosystem<\/td>\n<td>Many connectors, flexible<\/td>\n<td>You manage infra, scaling, patching<\/td>\n<td>You need unsupported endpoints or advanced connector ecosystem<\/td>\n<\/tr>\n<tr>\n<td>Fluent Bit\/Fluentd\/Logstash<\/td>\n<td>Log shipping and transformation<\/td>\n<td>Powerful parsing\/routing<\/td>\n<td>Agents\/infra to manage<\/td>\n<td>You need deep log parsing or non-OCI sources\/targets<\/td>\n<\/tr>\n<tr>\n<td>AWS Firehose \/ Azure Monitor \/ GCP Logging sinks<\/td>\n<td>Cloud-native routing in other clouds<\/td>\n<td>Tight integration in their ecosystems<\/td>\n<td>Not OCI-native<\/td>\n<td>You\u2019re in those clouds primarily<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example: Regulated audit retention and security analytics<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> A financial organization must retain OCI audit logs for 1\u20137 years (policy-dependent) and make them accessible for security investigations.<\/li>\n<li><strong>Proposed architecture:<\/strong><\/li>\n<li>Source: OCI Audit logs (via OCI Logging)<\/li>\n<li>Connector Hub: audit export connectors per region\/compartment<\/li>\n<li>Target: Central Object Storage bucket in a security compartment<\/li>\n<li>Lifecycle: Standard for 30\u201390 days \u2192 Archive for long-term retention<\/li>\n<li>Optional: Periodic Data Flow job to build searchable indexes or curated datasets<\/li>\n<li><strong>Why Connector Hub was chosen:<\/strong><\/li>\n<li>Managed export reduces custom pipeline risk<\/li>\n<li>Strong IAM governance and compartment boundaries<\/li>\n<li>Operational simplicity and standardization across regions<\/li>\n<li><strong>Expected outcomes:<\/strong><\/li>\n<li>Consistent retention and evidence chain<\/li>\n<li>Faster investigations with centralized access<\/li>\n<li>Lower ops overhead compared to agent-based log shippers<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example: Centralized operational logs for a SaaS<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem:<\/strong> A small SaaS team runs workloads in multiple compartments (dev\/stage\/prod) and needs centralized log retention for debugging and customer support.<\/li>\n<li><strong>Proposed architecture:<\/strong><\/li>\n<li>Source: Application\/service logs in OCI Logging<\/li>\n<li>Connector Hub: one connector per environment<\/li>\n<li>Target: Object Storage buckets with prefixes per app\/environment<\/li>\n<li>Optional: Stream high-severity events into a notifications pipeline (verify supported target)<\/li>\n<li><strong>Why Connector Hub was chosen:<\/strong><\/li>\n<li>Quick to deploy; no infra to run<\/li>\n<li>IAM policies allow safe self-service<\/li>\n<li>Easy to expand to more apps later<\/li>\n<li><strong>Expected outcomes:<\/strong><\/li>\n<li>Improved debugging with centralized archives<\/li>\n<li>Predictable storage-based retention costs<\/li>\n<li>Minimal maintenance work<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<p>1) <strong>Is \u201cConnector Hub\u201d the same as \u201cService Connector Hub\u201d in OCI?<\/strong><br\/>\nIn many OCI contexts, yes. OCI documentation commonly uses <strong>Service Connector Hub<\/strong> while some interfaces shorten it to <strong>Connector Hub<\/strong>. Verify the naming in your OCI Console and docs for your region.<\/p>\n\n\n\n<p>2) <strong>Is Connector Hub part of Oracle Cloud Data Management?<\/strong><br\/>\nIt is frequently used for <strong>data movement and operational data routing<\/strong>, which strongly supports Data Management patterns (archival, ingestion, pipelines). OCI\u2019s product-category placement may differ in the console\u2014verify.<\/p>\n\n\n\n<p>3) <strong>What are typical sources for Connector Hub?<\/strong><br\/>\nCommon sources include OCI services that produce telemetry such as <strong>Logging<\/strong> and <strong>Streaming<\/strong> (and sometimes <strong>Monitoring metrics<\/strong>)\u2014verify the up-to-date supported list.<\/p>\n\n\n\n<p>4) <strong>What are typical targets?<\/strong><br\/>\nCommon targets include <strong>Object Storage<\/strong>, <strong>Streaming<\/strong>, <strong>Functions<\/strong>, and analytics targets like <strong>Logging Analytics<\/strong>\u2014verify availability and licensing.<\/p>\n\n\n\n<p>5) <strong>Does Connector Hub guarantee exactly-once delivery?<\/strong><br\/>\nDo not assume exactly-once. Many managed routing systems provide at-least-once delivery with possible duplicates. Verify delivery semantics in official docs for your connector type.<\/p>\n\n\n\n<p>6) <strong>Can I filter data before it reaches the target?<\/strong><br\/>\nOften yes, through tasks or filtering options (capability varies). Verify supported task types and filter expressions.<\/p>\n\n\n\n<p>7) <strong>Can I transform data formats in Connector Hub?<\/strong><br\/>\nSome task capabilities may exist, but Connector Hub is not a full ETL service. For complex transformation, use Data Integration, Data Flow, or downstream processing.<\/p>\n\n\n\n<p>8) <strong>How do I secure exported logs in Object Storage?<\/strong><br\/>\nUse IAM policies to restrict bucket access, enable encryption (default), and consider customer-managed keys via OCI Vault if required.<\/p>\n\n\n\n<p>9) <strong>How do I know if a connector is failing?<\/strong><br\/>\nUse connector status in the console and set up Monitoring alarms based on connector metrics (verify metric names and dimensions).<\/p>\n\n\n\n<p>10) <strong>What\u2019s the most common reason a connector doesn\u2019t work?<\/strong><br\/>\nIAM policy misconfiguration: missing permissions to read from the source or write to the target.<\/p>\n\n\n\n<p>11) <strong>Can I export logs cross-compartment?<\/strong><br\/>\nYes, but you must design IAM policies carefully for cross-compartment access.<\/p>\n\n\n\n<p>12) <strong>Can I export data cross-region?<\/strong><br\/>\nSometimes, but it depends on supported targets and design. Cross-region data movement can increase cost and complexity\u2014verify supported patterns.<\/p>\n\n\n\n<p>13) <strong>Do I need a VCN or subnets for Connector Hub?<\/strong><br\/>\nTypically no\u2014Connector Hub is service-managed. Networking requirements depend on your targets (especially if external endpoints are involved\u2014verify).<\/p>\n\n\n\n<p>14) <strong>How do I keep Object Storage costs under control?<\/strong><br\/>\nUse lifecycle policies, reduce volume with filtering, and avoid excessive small object creation if possible.<\/p>\n\n\n\n<p>15) <strong>Can I manage connectors with Terraform?<\/strong><br\/>\nOCI supports many services via Terraform provider. Verify whether Connector Hub resources are supported by the current OCI Terraform provider and which fields are available:\n&#8211; OCI Terraform provider docs: https:\/\/registry.terraform.io\/providers\/oracle\/oci\/latest\/docs (verify specific resource name)<\/p>\n\n\n\n<p>16) <strong>Can I automate connector creation with OCI CLI or API?<\/strong><br\/>\nYes, if the service exposes CLI\/API operations (often under \u201cserviceconnector\u201d). Verify CLI commands and API endpoints in official SDK\/CLI docs.<\/p>\n\n\n\n<p>17) <strong>How should I handle duplicates downstream?<\/strong><br\/>\nDesign downstream processing to be idempotent\u2014deduplicate by event ID, timestamp + hash, or object name\/versioning strategies.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">17. Top Online Resources to Learn Connector Hub<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official documentation<\/td>\n<td>OCI Service Connector Hub docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/service-connector-hub\/home.htm<\/td>\n<td>Primary source for features, setup, policies, and limits<\/td>\n<\/tr>\n<tr>\n<td>Official IAM\/policies guidance<\/td>\n<td>OCI policies overview: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Identity\/Concepts\/policies.htm<\/td>\n<td>Essential for least-privilege and troubleshooting permissions<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>OCI pricing: https:\/\/www.oracle.com\/cloud\/pricing\/<\/td>\n<td>Understand service and dependent service pricing<\/td>\n<\/tr>\n<tr>\n<td>Official price list<\/td>\n<td>OCI price list: https:\/\/www.oracle.com\/cloud\/price-list\/<\/td>\n<td>SKU-level pricing reference (region\/contract can vary)<\/td>\n<\/tr>\n<tr>\n<td>Cost estimator<\/td>\n<td>OCI cost estimator: https:\/\/www.oracle.com\/cloud\/costestimator.html (verify)<\/td>\n<td>Build scenario estimates without guessing<\/td>\n<\/tr>\n<tr>\n<td>Architecture center<\/td>\n<td>OCI Architecture Center: https:\/\/docs.oracle.com\/solutions\/<\/td>\n<td>Reference architectures for logging, analytics, data lakes<\/td>\n<\/tr>\n<tr>\n<td>Logging docs<\/td>\n<td>OCI Logging docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Logging\/home.htm<\/td>\n<td>Understand log sources, log groups, and audit\/service logs<\/td>\n<\/tr>\n<tr>\n<td>Object Storage docs<\/td>\n<td>OCI Object Storage docs: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Object\/home.htm<\/td>\n<td>Buckets, lifecycle policies, encryption, access control<\/td>\n<\/tr>\n<tr>\n<td>OCI CLI install<\/td>\n<td>OCI CLI installation: https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/SDKDocs\/cliinstall.htm<\/td>\n<td>Automate validation and cleanup<\/td>\n<\/tr>\n<tr>\n<td>Terraform provider<\/td>\n<td>OCI Terraform provider: https:\/\/registry.terraform.io\/providers\/oracle\/oci\/latest\/docs<\/td>\n<td>Infrastructure-as-code patterns (verify Connector Hub resource support)<\/td>\n<\/tr>\n<tr>\n<td>Official videos<\/td>\n<td>Oracle Cloud YouTube: https:\/\/www.youtube.com\/@OracleCloudInfrastructure<\/td>\n<td>Product walkthroughs and best practices (search \u201cService Connector Hub\u201d)<\/td>\n<\/tr>\n<tr>\n<td>API reference (if applicable)<\/td>\n<td>OCI API docs: https:\/\/docs.oracle.com\/en-us\/iaas\/api\/<\/td>\n<td>Confirm REST operations for connector resources (search for service connector)<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>DevOpsSchool.com<\/strong><br\/>\n   &#8211; <strong>Suitable audience:<\/strong> DevOps engineers, SREs, platform teams, cloud beginners<br\/>\n   &#8211; <strong>Likely learning focus:<\/strong> OCI fundamentals, DevOps practices, cloud operations, automation basics (verify current catalog)<br\/>\n   &#8211; <strong>Mode:<\/strong> Check website<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.devopsschool.com\/<\/p>\n<\/li>\n<li>\n<p><strong>ScmGalaxy.com<\/strong><br\/>\n   &#8211; <strong>Suitable audience:<\/strong> DevOps learners, engineers focused on tooling and process<br\/>\n   &#8211; <strong>Likely learning focus:<\/strong> SCM, CI\/CD, DevOps practices, introductory cloud content (verify current catalog)<br\/>\n   &#8211; <strong>Mode:<\/strong> Check website<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.scmgalaxy.com\/<\/p>\n<\/li>\n<li>\n<p><strong>CLoudOpsNow.in<\/strong><br\/>\n   &#8211; <strong>Suitable audience:<\/strong> Cloud operations teams, system administrators moving to cloud<br\/>\n   &#8211; <strong>Likely learning focus:<\/strong> Cloud operations, monitoring, incident response, operational readiness (verify current catalog)<br\/>\n   &#8211; <strong>Mode:<\/strong> Check website<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.cloudopsnow.in\/<\/p>\n<\/li>\n<li>\n<p><strong>SreSchool.com<\/strong><br\/>\n   &#8211; <strong>Suitable audience:<\/strong> SREs, production engineers, reliability-focused teams<br\/>\n   &#8211; <strong>Likely learning focus:<\/strong> SRE principles, observability, reliability patterns (verify current catalog)<br\/>\n   &#8211; <strong>Mode:<\/strong> Check website<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.sreschool.com\/<\/p>\n<\/li>\n<li>\n<p><strong>AiOpsSchool.com<\/strong><br\/>\n   &#8211; <strong>Suitable audience:<\/strong> Ops and platform teams exploring AIOps<br\/>\n   &#8211; <strong>Likely learning focus:<\/strong> AIOps concepts, monitoring\/telemetry analytics, automation (verify current catalog)<br\/>\n   &#8211; <strong>Mode:<\/strong> Check website<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.aiopsschool.com\/<\/p>\n<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">19. Top Trainers<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>RajeshKumar.xyz<\/strong><br\/>\n   &#8211; <strong>Likely specialization:<\/strong> DevOps\/cloud training and guidance (verify offerings)<br\/>\n   &#8211; <strong>Suitable audience:<\/strong> Beginners to intermediate engineers<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.rajeshkumar.xyz\/<\/p>\n<\/li>\n<li>\n<p><strong>devopstrainer.in<\/strong><br\/>\n   &#8211; <strong>Likely specialization:<\/strong> DevOps tooling, CI\/CD, cloud basics (verify offerings)<br\/>\n   &#8211; <strong>Suitable audience:<\/strong> DevOps engineers and students<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.devopstrainer.in\/<\/p>\n<\/li>\n<li>\n<p><strong>devopsfreelancer.com<\/strong><br\/>\n   &#8211; <strong>Likely specialization:<\/strong> Freelance DevOps consulting\/training resources (verify offerings)<br\/>\n   &#8211; <strong>Suitable audience:<\/strong> Teams needing practical help and coaching<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.devopsfreelancer.com\/<\/p>\n<\/li>\n<li>\n<p><strong>devopssupport.in<\/strong><br\/>\n   &#8211; <strong>Likely specialization:<\/strong> DevOps support and operational troubleshooting (verify offerings)<br\/>\n   &#8211; <strong>Suitable audience:<\/strong> Ops teams and engineers needing hands-on support<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.devopssupport.in\/<\/p>\n<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">20. Top Consulting Companies<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>cotocus.com<\/strong><br\/>\n   &#8211; <strong>Likely service area:<\/strong> Cloud\/DevOps consulting (verify service lines)<br\/>\n   &#8211; <strong>Where they may help:<\/strong> Architecture reviews, implementation support, operational readiness<br\/>\n   &#8211; <strong>Consulting use case examples:<\/strong> Designing centralized log archival, setting up IAM guardrails, cost optimization reviews<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/cotocus.com\/<\/p>\n<\/li>\n<li>\n<p><strong>DevOpsSchool.com<\/strong><br\/>\n   &#8211; <strong>Likely service area:<\/strong> DevOps and cloud consulting\/training services (verify current offerings)<br\/>\n   &#8211; <strong>Where they may help:<\/strong> Implementation workshops, CI\/CD, infrastructure automation, SRE practices<br\/>\n   &#8211; <strong>Consulting use case examples:<\/strong> Terraform-based OCI onboarding, governance setup, observability pipelines with Connector Hub patterns<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.devopsschool.com\/<\/p>\n<\/li>\n<li>\n<p><strong>DEVOPSCONSULTING.IN<\/strong><br\/>\n   &#8211; <strong>Likely service area:<\/strong> DevOps consulting (verify service lines)<br\/>\n   &#8211; <strong>Where they may help:<\/strong> Deployment automation, cloud operations, reliability improvements<br\/>\n   &#8211; <strong>Consulting use case examples:<\/strong> Building operational telemetry pipelines, alerting strategy, incident response readiness<br\/>\n   &#8211; <strong>Website:<\/strong> https:\/\/www.devopsconsulting.in\/<\/p>\n<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">21. Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before Connector Hub<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI fundamentals:<\/li>\n<li>Compartments, VCN basics (even if not required here), regions\/availability domains<\/li>\n<li>IAM fundamentals:<\/li>\n<li>Users, groups, policies, dynamic groups (conceptually)<\/li>\n<li>Core data\/observability services:<\/li>\n<li>OCI Logging (log groups, audit logs)<\/li>\n<li>OCI Object Storage (buckets, access control, lifecycle)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after Connector Hub<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Streaming-based architectures:<\/li>\n<li>OCI Streaming partitions\/retention\/consumers<\/li>\n<li>Serverless patterns:<\/li>\n<li>OCI Functions, event-driven design, idempotency<\/li>\n<li>Analytics pipelines:<\/li>\n<li>OCI Data Flow (Spark), Data Integration, Lakehouse patterns on Object Storage<\/li>\n<li>Governance:<\/li>\n<li>Tagging strategy, quotas, landing zone design<\/li>\n<li>IaC and automation:<\/li>\n<li>Terraform for OCI, CI\/CD pipelines for infrastructure<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud Engineer (OCI)<\/li>\n<li>Platform Engineer<\/li>\n<li>DevOps Engineer<\/li>\n<li>Site Reliability Engineer (SRE)<\/li>\n<li>Security Engineer (log retention and audit pipelines)<\/li>\n<li>Data Engineer (ingestion into lakes\/streams)<\/li>\n<li>Cloud Solutions Architect<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (if available)<\/h3>\n\n\n\n<p>OCI certification offerings change frequently. A practical path is:\n&#8211; OCI Foundations (entry)\n&#8211; OCI Architect (associate\/professional depending on your track)\n&#8211; Observability\/Security specialty learning (if offered)<\/p>\n\n\n\n<p>Verify current certification tracks:\n&#8211; https:\/\/education.oracle.com\/oracle-cloud-infrastructure-certification (verify current URL)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Export audit logs to Object Storage with lifecycle policies.<\/li>\n<li>Build a \u201clog lake\u201d layout in Object Storage with prefixes by compartment\/app.<\/li>\n<li>Add a function task (if supported) that redacts sensitive fields before storage.<\/li>\n<li>Route Streaming messages to Object Storage for replayable ingestion.<\/li>\n<li>Build alarms for connector failure metrics and write a runbook.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>OCI (Oracle Cloud Infrastructure):<\/strong> Oracle Cloud\u2019s IaaS\/PaaS platform.<\/li>\n<li><strong>Connector Hub (Service Connector Hub):<\/strong> Managed service for routing data between OCI services.<\/li>\n<li><strong>Connector \/ Service Connector:<\/strong> The configured routing resource (source \u2192 tasks \u2192 target).<\/li>\n<li><strong>Source:<\/strong> The service producing data (e.g., Logging).<\/li>\n<li><strong>Target:<\/strong> The destination service (e.g., Object Storage).<\/li>\n<li><strong>Task:<\/strong> Optional processing step inside the connector (filtering, function invocation\u2014verify).<\/li>\n<li><strong>Compartment:<\/strong> OCI\u2019s logical container for resources and access control.<\/li>\n<li><strong>IAM Policy:<\/strong> Text rules that grant permissions to users\/groups\/services in OCI.<\/li>\n<li><strong>Service principal (service identity):<\/strong> OCI identity used by a managed service to access other services per policy.<\/li>\n<li><strong>Audit logs:<\/strong> Records of API calls and actions in OCI for governance and security.<\/li>\n<li><strong>Object Storage bucket:<\/strong> Container for objects\/files in OCI Object Storage.<\/li>\n<li><strong>Lifecycle policy:<\/strong> Rules to transition or delete objects over time to control cost and retention.<\/li>\n<li><strong>At-least-once delivery:<\/strong> A message can be delivered more than once; consumers must handle duplicates.<\/li>\n<li><strong>Idempotent processing:<\/strong> Processing that can safely run multiple times without changing the result incorrectly.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p>Connector Hub in <strong>Oracle Cloud (OCI)<\/strong> is a managed way to route operational and event data\u2014often logs, metrics, or stream messages\u2014between supported OCI services. It matters because it replaces fragile scripts and always-on glue infrastructure with <strong>policy-governed, repeatable connectors<\/strong> that fit cleanly into OCI\u2019s compartments and IAM model.<\/p>\n\n\n\n<p>From a <strong>Data Management<\/strong> perspective, Connector Hub is especially useful for <strong>landing telemetry into durable storage<\/strong>, feeding streaming pipelines, and standardizing ingestion patterns across teams. Cost is typically driven less by the connector itself and more by <strong>Object Storage, Streaming, Functions, analytics ingestion, and data transfer<\/strong>\u2014so lifecycle policies and volume reduction are key. Security hinges on <strong>correct IAM policies<\/strong>, least privilege, and careful handling of sensitive log data.<\/p>\n\n\n\n<p>Use Connector Hub when you need straightforward, continuous routing with minimal ops. If you need complex transformations or advanced integration to unsupported endpoints, use dedicated data integration tools or self-managed connectors.<\/p>\n\n\n\n<p><strong>Next step:<\/strong> implement the lab pattern (Audit logs \u2192 Object Storage), then expand to production readiness by adding lifecycle policies, alarms on connector failures, and infrastructure-as-code once you confirm Connector Hub resource support in your OCI Terraform provider.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Data Management<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[68,62],"tags":[],"class_list":["post-883","post","type-post","status-publish","format-standard","hentry","category-data-management","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/883","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=883"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/883\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=883"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=883"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=883"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}