The PeopleSoft continuous delivery model releases new versions of software on a regular (published) cadence (you can see the published schedules on MOS).
PeopleSoft Cloud Manager 16 was released July 2023 and I've had a chance to take this new release for a test drive and just wanted to share some of the highlights.
The first obvious change and very helpful improvement is around Environment password management.
(1) Cloud Manager now uses OCI Vault for password management.
Cloud Manager itself is installed in OCI using the Oracle Cloud Marketplace image. This uses OCI Resource Manager (Terraform) to provision the required OCI resources and launch the DPK for Cloud Manager. The Resource Manager stack requires the usual PeopleSoft passwords to be supplied in order for it to build and configure the PeopleSoft Cloud Manager environment. These passwords can now be predefined in OCI in a secure Vault and all passed in by reference.
In addition, any new PeopleSoft environments built by Cloud Manager can also reference an OCI Vault for providing all necessary passwords. This done through a new feature in Cloud Manager called Password Groups. A Password Group is a user specific or global set of PeopleSoft passwords. You can create as many Password Groups as you need. So, you might have one group of passwords for HCM development environments or another set for HCM PUM Images, and so on.
This is a very nice feature! It means that all your tried and tested passwords can be predefined and managed by OCI and when you come to create a new environment all you need to supply is the name of the environment, which Template you're building (HCM, FSCM, CS etc) and which Password Group is to be used for all the passwords. This makes provisioning so much easier, more reliable and more secure. You no longer need to type any passwords in manually so no human error and in fact you don't even need to know what the passwords are as they are just bound in at provisioning time by referencing the OCI Vault.
Example Password Group in Cloud Manager |
The OCI Vault is a service which provides secret and encryption key storage and management . It means you don't need to hardcode passwords into configuration files and the Vault services can track password rotation and expiry dates. The screenshot below shows a Vault named GrahamSecrets and the Cloud Manager screenshot above shows the Password Group linking the vault named GrahamSecrets with the Password Group named MyPasswords and mapping PeopleSoft passwords to secrets in the Vault.
Vault in OCI named GrahamSecrets with PeopleSoft passwords defined |
When a new PeopleSoft Environment is created in Cloud Manager you just need to supply the Name of the environment and the Password Group to use. Simple!
Creating a New Environment specifying a Password Group |
If and when passwords need to be changed you just change them in the Vault and then use Cloud Manager to update the PeopleSoft system with the new Passwords. Open the Environment Details > Manage Passwords page (see below) and select the new or updated Password Group and hit Reset Passwords button! Could not be more simple.
More on Cloud Manager 16 coming soon....
Comments
I love this feature. It not only makes it easier and secure to manage passwords, but also completely automates the environment provisioning process.
The other related feature that came out in CM 16 is the auto-provisioning of PUM images when they are downloaded based on customer subscription. We can auto-provision because we could use the passwords from the OCI Vault and don't need the customer to enter them manually (or have system defaulted passwords)!