Skip to content

OCI Setup

Tech Notes

In order to onboard the OCI Tenant, it is required to subscribe to the US West (San Jose) Region. If this Region is not subscribed, then the onboarding of the OCI Tenant will result in an error.

Login to OCI

  1. Login to your OCI Account

Create Group

  1. Navigate to Identity & Security -> Groups
  2. Click Create Group
  3. Specify the following
    • Name: valtix-controller-group
    • Description: Valtix Controller Group
  4. Click Create

Create Policy

  1. Navigate to Identity & Security -> Policies
  2. Select the root Compartment
  3. Click Create Policy
  4. Specify the following
    • Name: valtix-controller-policy
    • Description: Valtix Controller Policy
    • Compartment: [Must be the "root" Compartment]
  5. Under Policy Builder enable Show manual editor
  6. Modify and paste the following Policy

    Allow group <group_name> to inspect instance-images in compartment <compartment_name>
    Allow group <group_name> to read app-catalog-listing in compartment <compartment_name>
    Allow group <group_name> to use volume-family in compartment <compartment_name>
    Allow group <group_name> to use virtual-network-family in compartment <compartment_name>
    Allow group <group_name> to manage volume-attachments in compartment <compartment_name>
    Allow group <group_name> to manage instances in compartment <compartment_name>
    Allow group <group_name> to {INSTANCE_IMAGE_READ} in compartment <compartment_name>
    Allow group <group_name> to manage load-balancers in compartment <compartment_name>
    Allow group <group_name> to read marketplace-listings in tenancy
    Allow group <group_name> to read marketplace-community-listings in tenancy
    Allow group <group_name> to inspect compartments in tenancy
    
    • group_name: valtix-controller-group
    • compartment_name: [Compartment where Valtix will be deployed]

    Tech Notes

    When replacing the compartment_name with the name of the compartment where the policy will apply, if the compartment is a sub-compartment, the name format is compartment:sub-compartment (e.g., Prod:App1).

  7. Click Create

Create User

  1. Navigate to Identity & Security -> Users
  2. Click Create User
  3. Specify the following
    • Name: valtix-controller-user
    • Description: Valtix Controller User
  4. Click Create

Add User to Group

  1. From the User Details view for the User, select Groups
  2. Click Add User to Group
  3. Specify the following
    • Users: valtix-controller-user
  4. Click Add

Create API Key

  1. From the User Details view for the User, select API Keys
  2. Click Add API Key
  3. Select Download Private Key and retain the Private Key for future use
  4. Select Download Public Key and retain the Public Key for future use
  5. Click Add

Configuration File Preview

  1. In the Configuration File Preview, record the following
    • user: [user=ocid1.user.oc1...]
    • tenancy: [tenancy=ocid1.tenancy.oc1...]