Skip to main content
All CollectionsCost Centers & IntegrationsClouds
Connect to Oracle Cloud Infrastructure (OCI)
Connect to Oracle Cloud Infrastructure (OCI)
Updated this week

Oracle Cloud Infrastructure (OCI) is Oracle's cloud platform, offering a suite of services for computing, storage, networking, and databases, designed to support enterprise workloads and applications.

Integrating Finout with OCI allows you to efficiently manage your cloud resources, optimize spending, and gain valuable insights into your OCI cloud operations.

For official OCI documentation on these steps, refer to Oracle's documentation.

1. Create a New Group for Finout

Access permissions in Oracle are assigned to groups. Create a separate group for Finout to ensure access only to the necessary billing resources.

  1. Go to the OCI navigation menu → Identity & Security → Domains → <Finout domain> → Groups (in the right-hand menu).

    Note: Ensure that the <Finout domain> you define can be the default domain, or a separate one, as long as it includes both the group and the user you will create next in the following steps.

  2. Click Create group.

  3. Fill in the Group Name and add some Description.

  4. Click Create.

2. Add the Group a Policy to Access the Cost Reports

Assign a policy to the group for accessing cost reports. In OCI, group permissions are managed through policies. By assigning a policy to the Finout group, you ensure that all its members have access only to what the group policies allow.

  1. Go to the OCI navigation menu and choose Identity & Security → Policies.

  2. Click Create policy.

  3. Choose a name for the policy that clearly indicates its purpose for accessing cost reports.

  4. In the policy builder box at the bottom of the screen, activate the Show manual editor button and enter the following statements:

    Note: Save your tenancy for step 5.

    • Statement 1:
      define tenancy usage-report as ocid1.tenancy.oc1..aaaaaaaaned4fkpkisbwjlr56u7cj63lf3wffbilvqknstgtvzub7vhqkggq
      This specifies the tenancy for usage reports, which is in a bucket owned by Oracle.

    • Statement 2:
      endorse group <group name> to read objects in tenancy usage-report
       Replace <group name> with the name of the group created for Finout. If you want your own groups/users to access the cost reports as well, add another policy with the relevant <group name>.

  5. Click Create.


3.Create a User for Finout

  1. Go to the OCI navigation menu and navigate to Identity & Security → Domains → Users.

  2. Click Create User.

  3. Fill in the name and email of the Finout user.

  4. Assign the user to the new Finout group you created in section 1 by selecting the appropriate box under the Groups section.

    Note: This setup ensures that a Finout user will have access only to the specified policies, specifically the cost reports bucket. It's important to avoid selecting the administrator option and instead choose only the group dedicated to Finout for proper access control.

  5. Click Create.

  6. You can Edit the user capabilities and limit to only API keys.


4.Generate an API Key

Generate an API key to enable Finout users to access the reporting bucket via the Oracle API key. For detailed instructions, refer to the official Oracle documentation here.

To create an API Key Pair:

Create an API key pair in the OCI console to enable API signing for the Finout user.

  1. Ensure an administrator user is logged into Oracle, as only administrators can perform these steps.

  2. Navigate to Identity & SecurityDomains <Finout user domain>Users, and click the Finout user to access their profile.


  3. Navigate to the Resources section in the bottom left screen and select API keys.


  4. Make sure that the Generate API key pair is chosen.

  5. Click Download Private Key and save the key in a local directory (used in step 5).

  6. Click Add.


  7. A configuration will be displayed. Click on the copy button below the text box and paste it into a local file editor.

    Note: The Oracle documentation offers alternative methods for generating the key. Ensure that you have the complete configuration details as outlined in the following step.

5.Integrate Oracle with Finout

  1. Navigate to Settings > Cost Centers and click Add cost center.
    The Connect Accounts window appears.

  2. In OCI, click Connect Now.
    The OCI integration window appears.

  3. Add the username you created in OCI's console (Step 3).

  4. Add the private key data (created in step 4).

    Note: Ensure to copy the entire file content from the local directory (including the key header).

  5. Add your fingerprint.

  6. Add the Tenancy (created in step 2).

  7. Add a region.

  8. Click Next.
    The cost center is created.

Related Articles
Role-Based Access Control (RBAC)
Did this answer your question?