Once the OCI CLI has been installed, there are two primary methods for configuring it for authentication.
- Keypair-based Authentication
- Recommended approach for automation scenarios such as in a CI/CD pipeline.
- Token-based Authentication
- Recommended approach for local-development.
Run the commands below to setup your CLI for Token-based authentication. If you encounter any issues, please refer to the above linked documentation for further details.
Note: gworacle is our tenant name in Oracle Cloud.
After running the oci session authenticate command, you'll be prompted for the name of the profile you would like to create, enter the same name as specified in the default profile config below oci_auth.
export OCI_CLI_AUTH=security_token
mkdir -p $$HOME/.oci
cat << EOF > $$HOME/.oci/oci_cli_rc
[OCI_CLI_SETTINGS]
default_profile=oci_auth
EOF
oci session authenticateAfter authenticating your session, you'll get the output below:
# Try out your newly created session credentials with the following example command:
oci iam region list --config-file $$HOME\.oci\config --profile oci_auth --auth security_tokenHowever, you should able to run just oci iam region list without the --profile and --auth parameters since they were configured prior in the step above.
Once logged in, set your Kubernetes context by running the following command:
oci ce cluster create-kubeconfig --cluster-id ${oke_cluster_ocid} --region ${oracle_region} --token-version 2.0.0This will merge your OKE settings into your kubernetes configuration file (typically stored in the ~/.kube/config file).