-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathinstance_principals_example.rb
40 lines (34 loc) · 2.07 KB
/
instance_principals_example.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved.
# This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
require 'oci'
# By default this will hit the auth service in the region returned by http://169.254.169.254/opc/v1/instance/region on the instance. To customize
# which auth service endpoint gets hit (e.g. in R1), you can provide an explicit federation_endpoint when creating the object. For example:
#
# OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner.new(federation_endpoint: "my endpoint")
#
# If you need to customize the certificate bundle used for SSL verification against the federation endpoint, you can do that via:
#
# OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner.new(federation_client_cert_bundle: "/path/to/my/cert/bundle")
instance_principals_signer = OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner.new
# In the base case, configuration does not need to be provided as the region and tenancy are obtained from the InstancePrincipalsSecurityTokenSigner
identity = OCI::Identity::IdentityClient.new(config: OCI::Config.new, signer: instance_principals_signer)
puts identity.list_regions.data
# If you explicitly specify a region in configuration, or as a parameter to client construction, it will be honoured.
# In the below example, you can also change the region later by doing:
#
# identity.region = 'us-ashburn-1'
config = OCI::Config.new
config.region = 'us-ashburn-1'
identity = OCI::Identity::IdentityClient.new(config: config, signer: instance_principals_signer)
puts identity.list_regions.data
identity = OCI::Identity::IdentityClient.new(
config: OCI::Config.new,
region: 'us-ashburn-1',
signer: instance_principals_signer
)
puts identity.list_regions.data
object_storage = OCI::ObjectStorage::ObjectStorageClient.new(
config: OCI::Config.new,
signer: instance_principals_signer
)
puts object_storage.get_namespace.data