Create Named Credentials by Using emcli

In order to create a named credential, you need to know:

  • Target name (unless you create a global credential)
  • Target type
  •  Credential type associated with the target type

Now we start to create a named credential for cluster database ( RACTEST ) user ( JAMES).

1) To get TARGET_TYPE from TARGET_NAME. Normally we know a couple of target_type from daily emcli practice.

$ emcli get_targets -targets="RACTEST:%"

Status ID Status Target Type  Target Name
1         Up     rac_database  RACTETS

2) To get the credential types (and their attributes) associated with “rac_database”.

$ emcli show_credential_type_info -target_type=rac_database
Target Type  Cred Type Name      Cred Type Column Name Key Column
rac_database DBCreds             DBPassword            No
                                 DBRole                No
                                 DBUserName            Yes
             DBHostCreds         HostPassword          No
                                 HostUserName          Yes
             DBKerberosCreds     DBKerberosPassword    No
                                 DBKerberosUserName    Yes
             DBPkiCreds          DBPkiUserWallet       Yes
                                 DBPkiUserWalletPassword No
                                 DBPkiUserWalletType   No
             HostSSHCreds        SSH_PUB_KEY           No
                                 SSH_PVT_KEY           No
                                 USERNAME              Yes

We can see target type rac_database has four credential types. we will use credential type  DBCreds in the following steps.

3) Create named credential for JAMES user of the RAC database.

$emcli create_named_credential -auth_target_type=rac_database \
 -cred_scope=Instance -target_type=rac_database \
-target_name=RACTEST -cred_type=DBCreds -cred_name=NC_RACTEST_JAMES \
-attributes="DBUserName:JAMES;DBPassword:yourpasswd" -test

Credential NC_RACTEST_JAMES created.

Here “-test” to test the credential before saving.

If you want to create a global named credential, just remove “cred_scope, target_type, target_name” parameters.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.