Search
Close this search box.
View Categories

Credencial para o OCI (Oracle Cloud)

Resumo

Para integrar sua conta Oracle Cloud (OCI) na Plataforma Cloud8, você precisa fornecer uma credencial de acesso nas configurações de sua conta conosco. Confira como gerar uma credencial OCI na Documentação oficial.

Uma vez gerada a credencial, precisamos dos seguintes parâmetros:

  • user: ex: ocid1.user.oc1……
  • tenancy: ex: ocid1.tenancy.oc1…..
  • region: Sao Paulo, Ausburn, etc
  • PEM: arquivo texto com chave, começa com “—–BEGIN RSA PRIVATE KEY—–
  • fingerprint: fingerprint da chave

Para o IAMhttps://console.sa-saopaulo-1.oraclecloud.com/identity/policies

define tenancy usage-report as ocid1.tenancy.oc1..aaaaaaaaned4fkpkisbwjlr56u7cj63lf3wffbilvqknstgtvzub7vhqkggq
Allow group __MEUGROUP__ to read all-resources in tenancy
endorse group __MEUGROUP__ to read objects in tenancy usage-report

IMPORTANTE: para processar os custos é necessário manter o código do tenancy acima pois é da própria Oracle.

Permissões específicas para automações #

Ligar / desligar / upgrade / downgrade de instâncias: #

Allow group __MEUGROUP__ to manage instance-family in tenancy where any {request.permission='INSTANCE_POWER_ACTIONS', request.permission='INSTANCE_UPDATE'}

Backup: #

Allow group __MEUGROUP__ to manage volume-family in tenancy where any {request.permission='VOLUME_BACKUP_CREATE', request.permission='VOLUME_WRITE', request.permission='VOLUME_UPDATE', request.permission='VOLUME_BACKUP_DELETE', request.permission='BOOT_VOLUME_BACKUP_CREATE', request.permission='BOOT_VOLUME_BACKUP_DELETE', request.permission='VOLUME_GROUP_BACKUP_CREATE', request.permission='VOLUME_GROUP_BACKUP_DELETE'}

MySQL – Ligar / desligar: #

Allow group __MEUGROUP__ to manage mysql-family in tenancy where any {request.permission='MYSQL_INSTANCE_USE', request.permission='MYSQL_BACKUP_CREATE', request.permission='MYSQL_BACKUP_DELETE'}

DbSystems – ligar / desligar: #

Allow group __MEUGROUP__ to manage database-family in tenancy where any {request.permission='DB_NODE_POWER_ACTIONS', request.permission='DB_BACKUP_DELETE', request.permission='DB_BACKUP_CREATE'}

Gerenciar Tags: #

Allow group __MEUGROUP__ to use tag-namespaces in tenancy

OKE Cluster NodePools – ligar / desligar #

Allow group __MEUGROUP__ to use subnets in tenancy
Allow group __MEUGROUP__ to use vnics in tenancy
Allow group __MEUGROUP__ to manage instance-family in tenancy

NOTAS:
1) A permissao ‘manage instance-family‘ é necessária para NodePools.
2) Para evitar misturar com instâncias que não sejam Kubernetes, recomendamos usar ‘in compartment <compartment-name>‘ no lugar do tenancy inteiro.

Instance Pools – ligar / desligar / escalar (zero / +1) #

Allow group __MEUGROUP__ to use instance-pools in tenancy
Allow group __MEUGROUP__ to manage compute-management-family in tenancy

NOTA: A permissão ‘compute-management-family‘ é necessário para escalar Instance Pools.

Auto Scaling Groups Policy #

Allow group __MEUGROUP__ to use auto-scaling-configurations in tenancy
Allow group __MEUGROUP__ to manage auto-scaling-configurations in tenancy
Acessar, Cloud, Cloud Computing, Computação em Nuvem, Credencial, Criação, Oracle
Este conteúdo te ajudou?
contato@cloud8.com.br | (11) 3280-7888
Flag-usa Facebook Twitter Linkedin Youtube

Disclaimer: AWS, images, and associated services are property of Amazon Web Services Inc. and its affiliates. Azure, images, and associated services are property of Microsoft Corporation. GCP, images, and associated services are property of Google Inc. Huawei, images, and associated services are property of Huawei Technologies Co Ltd. Oracle, images, and associated services are property of Oracle Corporation. Cloud8 USA.

Manoel Netto Designer