Configuring the OCI Plugin
To use the FlexDeploy OCI Plugin, follow these steps to get the information FlexDeploy requires to connect.
Create User in IAM
Create a user in IAM for FlexDeploy to connect with, and put that user in at least one IAM group with any desired permissions.See Adding Users. You can skip this if the user exists already. We will upload PEM public key to this user's settings.
Prepare and Upload PEM Key
As part of this step, we will generate PEM key and upload to IAM console.
This key pair is not the SSH key that you use to access compute instances.
Both the private key and public key must be in PEM format (not SSH-RSA format). The public key in PEM format looks something like this.
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQE... ... -----END PUBLIC KEY-----
Generate API Signing Key
You can use the following OpenSSL commands to generate the key pair in the required PEM format. If you're using Windows, you'll need to install Git Bash for Windows and run the commands with that tool.
Step 1. If you haven't already, create a .oci
directory to store the credentials:
mkdir ~/.oci
Step 2. Generate the private key with one of the following commands.
Step 2.1. (Recommended) To generate the key, encrypted with a passphrase you provide when prompted.
openssl genrsa -out ~/.oci/oci_api_key.pem -aes128 2048
Note: For Windows, you may need to insert -passout stdin
to be prompted for a passphrase. The prompt will just be the blinking cursor, with no text.
openssl genrsa -out ~/.oci/oci_api_key.pem -aes128 -passout stdin 2048
Step 2.2. To generate the key with no passphrase.
openssl genrsa -out ~/.oci/oci_api_key.pem 2048
Step 3. Ensure that only you can read the private key file: