Creating an Oracle Credential in Flexera One
Generating Credentials in Oracle Cloud Infrastructure Console
Before you can add an Oracle credential in Flexera One, you must generate an API key and configuration details in the Oracle Cloud Infrastructure (OCI) Console.
To generate credentials:
| 1. | Sign in to the Oracle Cloud Infrastructure Console. |
| 2. | In the left pane, click Identity & Security > Identity > Overview. On the Overview page, in the lower-right corner, in the Quick Links section, click Users. |
| 3. | Do one of the following: |
| • | Create a new user with the permissions required to access the cost reports. |
| • | Click an existing user to use for the credential. |
| 4. | On the user details page, in the lower-left corner, click API keys, and then click Add API key. |
| 5. | Select Generate API key pair, and then click Download private key. You must download and save the private key file locally. |
Note:The downloaded private key is in Privacy-Enhanced Mail (PEM) format, but the Policy Engine only supports RSA format.
| 6. | In the Add API key dialog box, click Add to finalize creation of the key in OCI, and then copy and save the values from Configuration file preview. This configuration contains user, tenancy, and fingerprint values you will need when you add the Oracle credential in Flexera One using the Credentials API. |
Converting Private Key to RSA Format
You must convert the downloaded private key from PEM format to RSA format and replace all the line breaks with the \n escape character to send it in the API request.
Use the openssl and sed tools from a Linux or other Unix-like command line. Run the following command, replacing privatekey.pem with the filename of the private key you downloaded previously.
Linux / Unix command line:
openssl rsa -in privatekey.pem | sed -z 's/\n/\\n/g;s/,$/\n/' | sed 's/-----BEGIN PRIVATE KEY-----/-----BEGIN RSA PRIVATE KEY-----/g' | sed 's/-----END PRIVATE KEY-----/-----END RSA PRIVATE KEY-----/g'
Note:If you are using macOS, install the Homebrew tool and then run the following command to install gnu-sed:
brew install gnu-sed
After gnu-sed is installed, run the following command to get the RSA-formatted key:
openssl rsa -in privatekey.pem | gsed -z 's/\n/\\n/g;s/,$/\n/'
Adding Oracle Credential to Flexera One
You must add the Oracle credential using the Credentials API.
The body of the request should look like the following example:
| • | {id} in the API request path should be the ID you want the credential to have in the Policy Engine. |
| • | name and description should be the name and description you want to use for the credential in Flexera One. |
| • | tags should be set to the following values: |
| • | key = provider |
| • | value = oracle |
| • | privateKey.data should contain the converted private key created in Converting Private Key to RSA Format. Make sure the key begins with "-----BEGIN RSA PRIVATE KEY-----" and that all line breaks have been replaced with \n. |
| • | fingerprint.data should be the fingerprint value from Configuration file preview you saved earlier. |
| • | tenancyOcid.data should be the tenancy value from Configuration file preview you saved earlier. |
| • | userOcid.data should be the user value from Configuration file preview you saved earlier. |
"name": "AWS US East 1 - Dev",
"description": "The AWS US East 1 developer credentials.",
"tags": [
{
"key": "provider",
"value": "oracle"
}
],
"privateKey": {
"data": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\nAb12Cd/Ef+Gh\n0123456789==\n-----END RSA PRIVATE KEY-----",
"type": "plain"
},
"fingerprint": {
"data": "00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff",
"type": "plain"
},
"tenancyOcid": {
"data": "ocid1.tenancy.oc1..tttttttttttt9999999999999999mmmmmmmmmmmmmmmm4444444444444444",
"type": "plain"
},
"userOcid": {
"data": "ocid1.user.oc1..uuuuuuuuuuuuuuuuu7777777777777wwwwwwwwwwwww33333333333333333",
"type": "plain"
}
}