Creating Access for Temperstack in OCI
Step 1: Create Domain
Log in to OCI and open the Navigation Menu.

Go to Identity & Security → Overview → Domain.


Click on Create Domain and follow these steps:

Provide an appropriate Name and Description.
Select Domain Type as "Free".

Uncheck "Create an administrative user for this domain".
Choose Root Compartment of your tenancy as the Compartment.

Click Create Domain to finalize the creation.

Copy the domain name for later use.
Step 2: Configure Domain Settings
Open the newly created domain and go to Settings.


Under Domain Settings → User Settings, uncheck "Primary email address required".

Click Save Changes.
If your resources are distributed across multiple regions:
Ensure that Domain Replication is enabled.
Navigate to the main menu of the created domain.
Under More Actions, select Manage Regions.
Enable replication for all required regions by clicking Enable Replication.
Wait for the replication process to complete before proceeding.
Step 3: Create User and Group
Create a User
Return to the newly created Domain → Users.
Click Create User and provide:
An appropriate Last Name.
Uncheck "Use the email address as the username".
Enter an appropriate Username.
Select Root Compartment as the Compartment.
Click Create.

Create a Group
Go to Groups → Create Group.

Provide a Name and Description.
Under Users, assign the previously created User to the group.
Select Root Compartment as the Compartment.
Click Create.

Copy the group name for later use.

Step 4: Create Policy
Go to Domains → Policies → Create Policy.

Provide a Name and Description.
Toggle Show Manual Editor and paste the following policy:
Allow group '<domain_name>'/'<group_name>' to read all-resources in tenancy
Allow group '<domain_name>'/'<group_name>' to read metrics in tenancy
Allow group '<domain_name>'/'<group_name>' to manage alarms in tenancy
Allow group '<domain_name>'/'<group_name>' to manage ons-topics in tenancy
Allow group '<domain_name>'/'<group_name>' to manage ons-subscriptions in tenancy

Replace:
<domain_name> with your created domain name.
<group_name> with your created group name.
Select Root Compartment as the Compartment.
Click Create.
Step 5: Add API Key
Generate API Key
Navigate to Domains → Created Domain → Users.

Open the created user.

Go to API Keys → Add API Key.

Generate the API key pair and download the private key.

For Windows
Locate the downloaded file in Windows Explorer.
Press Alt + Enter to open Properties.
Under Attributes, check Read-only.
Click Apply → OK, then close the window.
For Linux/Mac OS
Open a terminal and navigate to the downloaded file.
Run:
chmod 400 <name_of_your_private_key_file>
Replace <name_of_your_private_key_file> with your private key filename.
Save API Credentials
Click Add to generate and save the credentials.

From the Preview Configuration File popup, copy:
User OCID
API Key Fingerprint
Tenancy OCID

Open the private key file in a text editor and copy its contents.
For Windows
Open the downloaded key file using Notepad.
For Linux/Mac OS
Open a terminal and navigate to the downloaded file.
Run:
cat <name_of_your_private_key_file>
Ensure no extra spaces, newlines, or characters are included.
Step 6: Create Compartment for TemperstackNotification
Open Navigation Menu → Identity & Security → Compartments.

Click Create Compartment.

Provide an appropriate Name and Description.
Under Parent Compartment, select Root Compartment.
Click Create Compartment.

Click on the created compartment.

Under OCID, click Copy and paste it into the Temperstack Compartment OCID field.

Last updated