This blog post aims to kick-start your journey with basic OCI commands used within the OCI Cloud Shell, putting a wealth of information at your fingertips. Delving deeper into some of the essential commands used in the following posts Discover OCI Native Credential with ease using Cloud Shell and OCI Script to Jumpstart Credential Creation. I plan to update this page periodically with additional content.

Log into your Tenancy, then open the Cloud Shell.

click Cloud Shell

My Realm

echo “${OCI_DEFAULT_REALM}”

My Tenancy

echo “${OCI_TENANCY}”
echo “$(oci iam tenancy get –tenancy-id $OCI_TENANCY| jq -r ‘.data.”name”‘)”

My Region

If your Current Region and Home Region are different it might make sense for you to use your Home Region instead. Unless of course you have a reason to user a different Region.

echo “${OCI_REGION}”
echo “Home Region = $(oci iam region-subscription list –tenancy-id “${OCI_TENANCY}” | \
jq -r ‘.data[] | select(.”is-home-region”==true)’ | jq -r ‘.”region-name”‘)”

My User Information

The if-then-else handles SAML 2.0 Identity Providers

if [[ “${OCI_CS_USER_OCID}” == *’saml2’*’@’* ]]; then
echo “$(oci iam user list –all | jq -r ‘.data[] | select(.name == “‘”$(oci iam identity-provider list \
–compartment-id “${OCI_TENANCY}” –protocol SAML2 | jq -r ‘.data[] | select(.”id”==”‘”${OCI_CS_USER_OCID%%/*}”‘”) | .name’ | \
tr ‘[:upper:]’ ‘[:lower:]’)”‘/'”${OCI_CS_USER_OCID##*/}”‘”) | .id’)”
echo “$(oci iam identity-provider list –compartment-id “${OCI_TENANCY}” –protocol SAML2 | \
jq -r ‘.data[] | select(.”id”==”‘”${OCI_CS_USER_OCID%%/*}”‘”) | .name’)””/””${OCI_CS_USER_OCID##*/}”
else
echo “${OCI_CS_USER_OCID}”
echo “$(oci iam user get –user-id “${OCI_CS_USER_OCID}”|jq -r ‘.data.name’)”
fi

Setup Fingerprint and Cryptographic Keys, then Upload to your Profile

Using the Tenancy OCID and User OCID (above) you should be able to successfully setup your OCI Fingerprint and Keys. This will help you setup your OCI Native Credential.

oci setup config
# After running setup you can now upload your Public Key File to your OCI Profile
oci iam user api-key upload –user-id [copied_user_ocid] –key-file “${HOME}”/.oci/oci_api_key_public.pem

Accessible Compartments

oci iam compartment list –all –access-level ACCESSIBLE | jq -r ‘.data[] | “\(.id), \(.name)”‘

Accessible Object Store Buckets within a particular Compartment

For this to work you must copy an Compartment OCID from the list of Compartments (above)

oci os bucket list –compartment-id [copied_compartment_ocid] | jq -r ‘.data[] | .name’

Accessible Autonomous Databases within a particular Compartment

For this to work you must copy an OCID from the list of Compartments (above)

oci db autonomous-database list –compartment-id [copied_compartment_ocid] –all | \
jq -r ‘.data[] | “\(.id), \(.”display-name”)”‘

Generate a Wallet File in Cloud Shell for a chosen Autonomous Database

For this to work you must copy an OCID and Name from the list of Autonomous Databases (above)

oci db autonomous-database generate-wallet –autonomous-database-id [copied_adb_ocid] \
–password [enter_a_password] –file [copied_adb_name]_wallet.zip

Connect to your Autonomous Database

Extract your wallet file, which contains essential credentials and connection details for secure database access, to your home directory in your cloud environment. Next, edit the sqlnet.ora file and update the path, pointing to the directory where you extracted your wallet. Now set the TNS_ADMIN environment variable in your shell to point to the directory containing your sqlnet.ora file. This setup allows sql to locate the necessary network configuration files. Finally, connect, ensuring your actual database credentials and the alias specified in your tnsnames.ora match up. This process will establish a secure connection to your Oracle Autonomous Database using SQLcl, which is already available in your Cloud Shell. 

unzip [copied_adb_name]_wallet.zip
vi “{$HOME}”/[copied_adb_name]_wallet/sqlnet.ora
export TNS_ADMIN=”{$HOME}”/[copied_adb_name]_wallet
sql admin@[copied_adb_name]_low