Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Obtain API credentials for an OCI account

To configure the Oracle Cloud Infrastructure (OCI) integration in Abiquo, you will need API signing key to access your OCI account via API. 

  • Abiquo supports users with restricted compartments

In Abiquo, you can use the same OCI credentials for compute and for pricing and billing.

The credentials you will need to enter are the OCI user, fingerprint, tenancy and private key.

This document describes how to obtain these credentials.

Only use ONE set of OCI keys for each enterprise in each datacenter

OCI will allow you to generate more than one set of active keys for each user. However, in the platform you can only add one set and use them in one enterprise. If you try to add another set, for example, using the API, the platform will display error message.

Abiquo provides this general guide to OCI credentials but OCI functionality may vary between accounts and change at any time. If you have any doubts, please check the OCI documentation.

Create a new user in OCI

To create a federated user or a local user to access OCI through Abiquo

  1. Log in to the OCI console and create a user following Oracle instructions for federated or local users

  2. Assign your user to a group and/or assign an access policy to your user.

    1. For a Cloud Admin, assign the user to the Administrators group

  3. Go to Infrastructure Regions and subscribe the user to any other required regions in addition to the home region.

Restrict an OCI user

One way to restrict an OCI user is to allow them to work with resources in one or more Abiquo resource groups (OCI Compartments) only.

OCI billing dashboard

To enable an OCI user use the billing dashboard, assign the OCI user a policy with access to cost and usage data.

See https://docs.oracle.com/en-us/iaas/Content/Billing/Tasks/accessingusagereports.htm#Accessing_Cost_and_Usage_Reports

This will give the OCI user access to cost and usage data for the entire OCI organization, not just the OCI compartments that they can access.

Obtain an API key

To obtain Oracle API key credentials, you will need an API signing key.

To obtain Oracle credentials, do these steps in the Oracle console. 

  1. For local users

    1. Go to the options menu in the top left of the screen → Identity & Security → Users

    2. Select the user and go to API keys 

  2. For federated users

    1. Follow the instructions in the Oracle documentation to add an API key. See https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/addingidcsusersandgroups.htm
      In the section "To add API keys, auth tokens, or other Oracle Cloud Infrastructure Credentials''

  3. Click Add API key

  4. You can let Oracle generate an API signing key or upload your own public key and fingerprint. 

  5. If you generate an API signing key, click Download Private Key

    1. The private key will save as a .pem file

    2. Change the permissions of the file so only you can access it

    3. Keep this file to enter as the secret key

  6. Select View Configuration file. From this file you will need the following.

    1. User

    2. Fingerprint

    3. Tenancy

Add credentials in Abiquo

To add the credentials in Abiquo do these steps.

  1. Create at least one OCI public cloud region that your credentials can access

  2. Edit the tenant and go to Credentials → Public

  3. Enter the credentials in the following format:

    1. Access key ID:  tenancy#user#fingerprint

    2. Secret access key: Private key in PEM format

  4. To use the same credentials for billing dashboards, mark the checkbox to Also use for pricing if required

Please note that the expected format for the tenancy and user fields is something similar to this:

  • Tenancy: ocid1.tenancy.oc1..aaaaaaaaeuu5...verylongstring1...

  • User: ocid1.user.oc1..aaaaaaaa7tnw...verylongstring2...

You will find those two long strings in the Configuration File Preview section, as detailed towards the end of the second section of the official Oracle documentation on "Configuring and Connecting to Oracle Cloud with Oracle Developer Tools for VS Code".

  • No labels