Search
Close this search box.

Credencial para o OCI (Oracle Cloud)

Resumo

Para integrar sua conta Oracle Cloud (OCI) na Plataforma Cloud8, você precisa fornecer uma credencial de acesso. Confira como gerar uma credencial OCI na Documentação oficial.

Uma vez gerada a credencial, precisamos dos seguintes parâmetros:

User: ex: ocid1.user.oc1……
– Tenancy: ex: ocid1.tenancy.oc1…..
Region: Sao Paulo, Ausburn, etc
PEM: arquivo texto com chave, começa com “—–BEGIN RSA PRIVATE KEY—–
Fingerprint: fingerprint da chave

Para o IAMhttps://console.sa-saopaulo-1.oraclecloud.com/identity/policies

define tenancy usage-report as ocid1.tenancy.oc1..aaaaaaaaned4fkpkisbwjlr56u7cj63lf3wffbilvqknstgtvzub7vhqkggq
Allow group __meugroup__ to read all-resources in tenancy
endorse group __meugroup__ to read objects in tenancy usage-report

IMPORTANTE: para processar os custos é necessário manter o código do tenancy acima pois é da própria Oracle.

Permissões específicas para automações #

Ligar / desligar / upgrade / downgrade de instâncias: #

Allow group __MEUGROUP__ to manage instance-family in tenancy where any {request.permission='INSTANCE_POWER_ACTIONS', request.permission='INSTANCE_UPDATE'}

Backup: #

Allow group __MEUGROUP__ to manage volume-family in tenancy where any {request.permission='VOLUME_BACKUP_CREATE', request.permission='VOLUME_WRITE', request.permission='VOLUME_UPDATE', request.permission='VOLUME_BACKUP_DELETE', request.permission='BOOT_VOLUME_BACKUP_CREATE', request.permission='BOOT_VOLUME_BACKUP_DELETE', request.permission='VOLUME_GROUP_BACKUP_CREATE', request.permission='VOLUME_GROUP_BACKUP_DELETE'}

MySQL – Ligar / desligar: #

Allow group __MEUGROUP__ to manage mysql-family in tenancy where any {request.permission='MYSQL_INSTANCE_USE', request.permission='MYSQL_BACKUP_CREATE', request.permission='MYSQL_BACKUP_DELETE'}

DbSystems – ligar / desligar: #

Allow group __MEUGROUP__ to manage database-family in tenancy where any {request.permission='DB_NODE_POWER_ACTIONS', request.permission='DB_BACKUP_DELETE', request.permission='DB_BACKUP_CREATE'}

Gerenciar Tags: #

Allow group __MEUGROUP__ to use tag-namespaces in tenancy

OKE Cluster – ligar / desligar NodePools: #

Allow group __MEUGROUP__ to manage instance-family in tenancy
Allow group __MEUGROUP__ to use subnets in tenancy
Allow group __MEUGROUP__ to use vnics in tenancy

NOTA: a permissao de ‘manage instance-family‘ é necessária. Para evitar misturar com instâncias que não sejam Kubernetes, recomendamos usar ‘in compartment <compartment-name>‘ no lugar do tenancy inteiro.

Acessar, Cloud, Cloud Computing, Computação em Nuvem, Credencial, Criação, Oracle
Este conteúdo te ajudou?
contato@cloud8.com.br | (11) 3280-7888
Flag-usa Facebook Twitter Linkedin

Disclaimer: AWS, images, and associated services are property of Amazon Web Services Inc. and its affiliates. Azure, images, and associated services are property of Microsoft Corporation. GCP, images, and associated services are property of Google Inc. Huawei, images, and associated services are property of Huawei Technologies Co Ltd. Oracle, images, and associated services are property of Oracle Corporation. Cloud8 USA.

Design por Manoel Netto