Oracle Cloud Infrastructure (OCI) Available in Juju Edge


Oracle Cloud Infrastructure

Support for Oracle’s OCI offering is ready for general availability.

Note that this is different to the Oracle cloud in Juju, which targets what Oracle now calls “OCI Classic”. We may change the names in future, but for now this new cloud provider is called “oci”.

To access this feature, you will need to install edge Juju like this:

sudo snap install juju --edge

To get started, you will need an OCI account, and you will need to generate a key-pair and upload your public key. For information on how to do this, see:

You will also need to ensure you have set up a tenancy and compartment as appropriate for the needs of your OCI account. See:

With this done, you are ready to add a new Juju cloud and credentials.


Save the following file as oci-cloud.yaml, replacing the region as appropriate for your account.

    type: oci
    auth-types: [httpsig]
      us-phoenix-1: {}

Then run:

juju add-cloud oci-test oci-cloud.yaml


Save the following file as oci-cred.yaml, replacing the variables as appropriate for your account.

    default-region: $REGION_FROM_YOUR_CLOUD_ABOVE
      auth-type: httpsig
      key: |
      pass-phrase: $PASSWORD_FOR_YOUR_KEY

Then run:

 juju add-credential oci-test -f oci-cred.yaml


Bootstrapping requires that you supply an OCID for the compartment where you want your deployment to reside. So the bootstrap syntax is:

 juju bootstrap --config compartment-id=$OCID_FOR_YOUR_COMPARTMENT oci-test

The Juju Show #40 - OpenStack Rocky

The final patches for implementing storage have landed.

Full functionality for the new cloud is available in the Juju edge snap.


I tested this again and it failed. There seems to be something wrong with the private SSL key. The top of the key file has:

Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,35AE3C29B4C1A53A9A02E168C3CBE14B


A test performed a few months back succeeded but the key used did not have those two top lines.

This is the error I get from bootstrap:

ERROR Service error:NotAuthenticated. The required information to complete authentication was not provided or was incorrect.. http status code: 401

I would also like to know if interactive mode to add-credential is supposed to accept a file path to the private key. It doesn’t appear to.


OCI requires that the key is provided in the PEM format. They provide a detailed guide on how to generate the key pair in their documentation:


Thanks for replying Tim. I forgot to update this thread to say that I got it to work. I had to clear out my credentials.yaml file.