I two tenancies in Oracle Cloud Infrastructure where Tenancy1 is login tenancy containing IAM configurations and Tenancy2 is my target tenancy. I configured cross tenancy auth (Endorse and Admit IAM policies) where I login to the login tenancy (Tenancy1) and use the override_tenancy url param to access the console of target tenancy (Tenancy2). I have achieved this cross tenancy for console but can we perform cross tenancy access via OCI CLI or Python SDK? I am planning to have a dynamic group of functions in my login tenancy which can access the resources in target tenancies.
Cross Tenancy access via CLI and SDK in Oracle Cloud
596 views Asked by Somesh Garje At
1
There are 1 answers
Related Questions in ORACLE-CLOUD-INFRASTRUCTURE
- Terraform OCI error when creating Network Load Balancer
- BIP Report Layout - Chart Values rounding up and showing as K (thousands)
- Unable to configure backend for Oracle cloud in terraform version 1.6.4 getting error authorisation header malformed
- OCI login FAILS using API with admin user
- I need help to generate Oracle Cloud (OCI) Vulnerability Scanning Reports (VSS) for Host and Container. (Shell/Python)
- REST API concat in OIC giving extra character
- In Oracle Cloud Infrastructure, how to upload a csv file generated in a notebook directly into a bucket?
- What is the maximum length that an Oracle Cloud ID (OCID) can have?
- How may I perform OCIPing (or equivalent) from a .Net application?
- Unable to connect to Opensearch cluster via python client
- Issues with creating secrets using Oracle Cloud CLI
- I'm trying to enable Firebase OAuth to Oracle Cloud Instance
- Oracle-Cloud Typescript SDK Object Storage File Upload content type
- pods connectivity chatbotexternal and mongodb
- Integration Oracle Cloud Kafka + Elastic-agent doesn't work
Related Questions in IDENTITY-MANAGEMENT
- OpenAM Community Edition with Vue SPA / CORS Settings
- Is it possible to integrate Looker Studio with websites without keeping it public, to preserve data?
- Finding the most secure way to change IAM user passwords with AWSPowerShell
- GCP IAM Policy revoked all access
- Login/initiate session in WSO2 Identity Server 5.11.0 without using UI
- Configuring Terraform provider AWS
- Discrepancy in the AWS IAM Identity Center's permission sets
- SailPoint Policy - Using a script to check user's department
- AWS - Policy creation failure on CDK Deployment through Identity Center Profile
- Azure ADB2C callback url is giving bad request of redirect from OpenID connect
- AWS OIDC policy for multiple repositories?
- Snowflake: AWS IAM Role for notification integration
- How to assume a cross account role in AWS lambda using javascript sdk v2?
- Keycloak identity brokering setup with mutual auth x509 certificate
- Can able to configure the flow in keycloak
Related Questions in ORACLE-CLOUD-FUNCTIONS
- Oracle Cloud : Issue to deploy python function using Cloud Shell
- How to automatically shut down ARM server on Oracle Cloud's free tier when reaching 10TB limit?
- Oracle Cloud Performance (HCM) )module, it does have the standard process for Ratings against Goals.Can we capture Promotion recommendations too?
- How do I set custom boot_volume_size_in_gbs value in my Python Script while using the Oracle Cloud Core Services API
- Cross Tenancy access via CLI and SDK in Oracle Cloud
- Appending tags in OCI using SDK
- TypeError: Descriptor for property round is non-configurable and non-writable - smart contracts
- Oracle cloud api health check
- Any method for collect instance state changes in OCI with GO SDK
- Oracle cloud API Gateway authentication function in Java
- functions and events in OCI
- How to implement retry strategy in Oracle Cloud Infrastructure (OCI) using CLI tool?
- How to generate JWT Token and use into Oracle SCM Cloud
- Dissable autocommit in sql developer web. Autonomous Database - Oracle cloud
- how to load csv data from object store(which can be accessed only using url) into kafka topic and also is there any time interval to load each row?
Related Questions in ORACLE-CLOUD-SHELL
- Oracle Cloud : Issue to deploy python function using Cloud Shell
- Error while using constant value in the copy_data
- How to programmatically delete objects stored in Oracle Object Storage?
- Cross Tenancy access via CLI and SDK in Oracle Cloud
- Oracle cloud api health check
- Getting connection time out while doing ssh on linux server from oracle cloud shell . It shows FIPS mode initialized and then it gets timed out again
- Getting the error in terraform code while trying to connect to linux server in OCI cloud shell . ------Failed to read ssh private key: no key found
- Data Pump export using cloud shell
- Can not deploy Go in Oracle Cloud Function using Cloud Shell
- What is the Oracle Cloud shell password for default user
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Well, seems this is pretty straight forward. Any client (
oci.core.VirtualNetworkClientfor example in Python) should be created using the config (API Signing Key of the user in login tenancy) or signer. Use the client object methods to access the resources in target tenancy just by it's OCID. The option for override_tenancy doesn't exist for CLI or SDK and not required as well. If you have the right Endorse and Admit policies in place you should get the expected response.Example: