Creating Access for Temperstack in OCI

Step 1: Create Domain

1. Log in to OCI and open the Navigation Menu.

1. Go to Identity & Security → Overview → Domain.

1. Click on Create Domain and follow these steps:

• Provide an appropriate Name and Description.

• Select Domain Type as "Free".

• Uncheck "Create an administrative user for this domain".

• Choose Root Compartment of your tenancy as the Compartment.

• Click Create Domain to finalize the creation.

1. Copy the domain name for later use.

Step 2: Configure Domain Settings

1. Open the newly created domain and go to Settings.

1. Under Domain Settings → User Settings, uncheck "Primary email address required".

1. Click Save Changes.

2. If your resources are distributed across multiple regions:

   • Ensure that Domain Replication is enabled.

   

   • Navigate to the main menu of the created domain.

   

   • Under More Actions, select Manage Regions.

   

   • Enable replication for all required regions by clicking Enable Replication.

   

   • Wait for the replication process to complete before proceeding.

Step 3: Create User and Group

Create a User

1. Return to the newly created Domain → Users.

2. Click Create User and provide:

   

   • An appropriate Last Name.

   • Uncheck "Use the email address as the username".

   • Enter an appropriate Username.

   • Select Root Compartment as the Compartment.

   • Click Create.

Create a Group

1. Go to Groups → Create Group.

1. Provide a Name and Description.

2. Under Users, assign the previously created User to the group.

3. Select Root Compartment as the Compartment.

4. Click Create.

1. Copy the group name for later use.

Step 4: Create Policy

1. Go to Domains → Policies → Create Policy.

1. Provide a Name and Description.

Toggle Show Manual Editor and paste the following policy:

Allow group '<domain_name>'/'<group_name>' to read all-resources in tenancy
Allow group '<domain_name>'/'<group_name>' to read metrics in tenancy
Allow group '<domain_name>'/'<group_name>' to manage alarms in tenancy
Allow group '<domain_name>'/'<group_name>' to manage ons-topics in tenancy
Allow group '<domain_name>'/'<group_name>' to manage ons-subscriptions in tenancy

1. Replace:

   • <domain_name> with your created domain name.

   • <group_name> with your created group name.

2. Select Root Compartment as the Compartment.

Click Create.

Step 5: Add API Key

Generate API Key

1. Navigate to Domains → Created Domain → Users.

1. Open the created user.

1. Go to API Keys → Add API Key.

1. Generate the API key pair and download the private key.

For Windows

1. Locate the downloaded file in Windows Explorer.

2. Press Alt + Enter to open Properties.

3. Under Attributes, check Read-only.

4. Click Apply → OK, then close the window.

For Linux/Mac OS

1. Open a terminal and navigate to the downloaded file.

Run:

chmod 400 <name_of_your_private_key_file>

1. Replace <name_of_your_private_key_file> with your private key filename.

Save API Credentials

1. Click Add to generate and save the credentials.

1. From the Preview Configuration File popup, copy:

• User OCID

• API Key Fingerprint

• Tenancy OCID

1. Open the private key file in a text editor and copy its contents.

For Windows

• Open the downloaded key file using Notepad.

For Linux/Mac OS

• Open a terminal and navigate to the downloaded file.

Run:

cat <name_of_your_private_key_file>

Step 6: Create Compartment for TemperstackNotification

1. Open Navigation Menu → Identity & Security → Compartments.

1. Click Create Compartment.

1. Provide an appropriate Name and Description.

2. Under Parent Compartment, select Root Compartment.

3. Click Create Compartment.

1. Click on the created compartment.

Under OCID, click Copy and paste it into the Temperstack Compartment OCID field.