Every Oracle Cloud Infrastructure resource has an Oracle-assigned unique ID called an Oracle Cloud Identifier (OCID). It's included as part of the resource's information in both the Console and API.
If you use the API, you'll need the OCID for your tenancyThe root compartment that contains all of your organization's compartments and other Oracle Cloud Infrastructure cloud resources.. For information about where to find it, see the next sectionWhen you create any other resource, you can find its OCID in the response. You can also retrieve a resource's OCID by using a "List" API operation on that resource type, or by viewing the resource in the Console.
The OCID uses this syntax:
ocid1.<RESOURCE TYPE>.<REALM>.[REGION][.FUTURE USE].<UNIQUE ID>
- ocid1: The literal string indicating the version of the OCID.
- resource type: The type of resource (for example,
group, and so on).
- realm: The realm the resource is in. A realm is a set of regions that share entities. The only possible value is
- region: The region the resource is in (for example,
eu-frankfurt-1). With the introduction of the Frankfurt region, the format switched from a three-character code to a longer string. This part is present in the OCID only for regional resources or those specific to a single availability domain. If the region is not applicable to the resource, this part might be blank (see the example tenancy ID below).
- future use: Reserved for future use; currently blank.
- unique ID: The unique portion of the ID. The format may vary depending on the type of resource or service.
Where to Find Your Tenancy's OCID
If you use the Oracle Cloud Infrastructure API, you'll need your tenancy's OCID in order to sign the API requests. You'll also use the tenancy ID in some of the IAM API operations.
You can find your tenancy's OCID in the Console, in the footer at the bottom of the page. The tenancy OCID looks something like this (notice the word "tenancy" in it):
Name and Description (IAM Only)
The IAM service requires you to assign a unique, unchangeable name to each of your IAM resources (users, groups, policies, and compartments). The name must be unique within the scope of the type of resource (for example, you can only have one user with the name BobSmith). Notice that this requirement is specific to IAM and not the other services.
The name you assign to a user at creation is their login for the Console.
You can use these names instead of the OCID when writing a policy (for example,
Allow group <GROUP NAME> to manage all-resources in compartment <COMPARTMENT NAME>).
In addition to the name, you must also assign a description to each of your IAM resources (although it can be an empty string). It can be a friendly description or other information that helps you easily identify the resource. The description does not have to be unique, and you can change it whenever you like. For example, you might want to use the description to store the user's email address if you're not already using the email address as the user's unique name.
For most of the Oracle Cloud Infrastructure resources you create (other than those in IAM), you can optionally assign a display name. It can be a friendly description or other information that helps you easily identify the resource. The display name does not have to be unique, and you can change it whenever you like. The Console shows the resource's display name along with its OCID.