SDK for Python

The Oracle Cloud Infrastructure SDK for Python enables you to write code to manage Oracle Cloud Infrastructure resources.

This SDK and sample is dual-licensed under the Universal Permissive License 1.0 and the Apache License 2.0; third-party content is separately licensed as described in the code.

Download: The SDK for Python is available on GitHub or the Python Package Index (PyPi).

Documentation: Available on docs.cloud.oracle.com and readthedocs.io.

Tip

Cloud Shell: The SDK for Python is pre-configured with your credentials and ready to use immediately from within Cloud Shell. For more information on using the SDK for Python from within Cloud Shell, see SDK for Python Cloud Shell Quick Start.

Oracle Linux Cloud Developer image: The SDK for Python is pre-installed on the Oracle Linux Cloud Developer platform image. For more information, see Oracle Linux Cloud Developer.

Services Supported

  • AI Language
  • Analytics Cloud
  • Announcements
  • API Gateway
  • Application Migration
  • Application Performance Monitoring
  • Audit
  • Autoscaling (Compute)
  • Bastion
  • Big Data
  • Blockchain Platform
  • Budgets
  • Compute Instance Agent (Oracle Cloud Agent)
  • Container Engine for Kubernetes
  • Content and Experience
  • Core Services (Networking, Compute, Block Volume)
  • Cloud Guard
  • Data Catalog
  • Data Flow
  • Data Integration
  • Data Safe
  • Data Science
  • Data Transfer
  • Database
  • Database Management
  • Database Migration
  • Digital Assistant
  • DNS
  • Email Delivery
  • Events
  • File Storage
  • Functions
  • Generic Artifacts
  • GoldenGate
  • Health Checks
  • IAM
  • Integration Cloud
  • Java Management
  • Key Management (for the Vault service)
  • Limits
  • Load Balancing
  • Logging
  • Logging Analytics
  • Logging Search
  • Logging Ingestion
  • Management Agent Cloud
  • Management Dashboard
  • Marketplace
  • Monitoring
  • MySQL Database
  • Network Load Balancing
  • Networking Topology
  • NoSQL Database Cloud
  • Notifications
  • Object Storage
  • OCI Registry
  • Operations Insights
  • Operator Access Control
  • Optimizer
  • Organizations
  • OS Management
  • Quotas
  • Resource Manager
  • Roving Edge Infrastructure
  • Search
  • Secret Management (for the Vault service)
  • Service Catalog
  • Service Connector Hub
  • Streaming
  • Support Management
  • Usage
  • VMWare Solution
  • Vulnerability Scanning
  • Web Application Acceleration and Security
  • Work Requests (Compute, Database)

Installing with yum

If you're using Oracle Linux 7 or 8, you can use yum to install the OCI SDK for Python.

The following example shows how to use yum to install the OCI SDK for Python 3.6:

sudo yum install python36-oci-sdk

This example shows how to use yum to install the OCI SDK for Python 2.7:

sudo yum install python-oci-sdk

Client-Side Encryption

Client Side Encryption allows you to encrypt data on the client side before storing it locally or using it with other Oracle Cloud Infrastructure services.

To use client-side encryption, you must create a master encryption key (MEK) using the Key Management Service. This can be done using the CreateKey or ImportKey operations.

The MEK is used to generate a Data Encryption Key (DEK) to encrypt each payload. A encrypted copy of this DEK (encrypted under the MEK) and other pieces of metadata are included in the encrypted payload returned by the SDKs so that they can be used for decryption.

Examples

The following code example shows how to encrypt a string:



import oci
 
# user supplied vars
vault_id = TEST_VAULT_OCID
master_key_id = TEST_MASTER_KEY_ID
data_to_encrypt_bytes = b"This is a secret message"
 
config = oci.config.from_file()
kms_master_key = oci.encryption.KMSMasterKey(
    config=config, master_key_id=master_key_id, vault_id=vault_id
)
 
kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
    config=config,
    kms_master_keys=[kms_master_key]
)
 
crypto_result = crypto.encrypt(kms_master_key_provider, data_to_encrypt_bytes)
ciphertext = crypto_result.get_data()
print("ciphertext: {}".format(ciphertext))
 
# decrypt string example
crypto_result = crypto.decrypt(ciphertext, kms_master_key_provider)
print("unencrypted text: {}".format(crypto_result.get_data()))

The following example shows how to encrypt a file stream:

import oci
import shutil
 
# user supplied vars
vault_id = TEST_VAULT_OCID
master_key_id = TEST_MASTER_KEY_ID
file_to_encrypt = "/file/to/encrypt/message.txt"
output_encrypted_file = "/tmp/message.txt.encrypted"
output_decrypted_file = "/tmp/message.txt.decrypted"
 
# setup OCI KMS keys
config = oci.config.from_file()
kms_master_key = oci.encryption.KMSMasterKey(
    config=config, master_key_id=master_key_id, vault_id=vault_id
)
 
kms_master_key_provider = oci.encryption.KMSMasterKeyProvider(
    config=config,
    kms_master_keys=[kms_master_key]
)
 
# encrypt stream example
with open(output_encrypted_file, 'wb') as output_stream, open(file_to_encrypt, 'rb') as stream_to_encrypt:
    with crypto.create_encryption_stream(
        kms_master_key_provider,
        stream_to_encrypt
    ) as encryption_stream:
        shutil.copyfileobj(encryption_stream, output_stream)
 
# decrypt stream example
with open(output_decrypted_file, 'wb') as output_stream, open(output_encrypted_file, 'rb') as stream_to_decrypt:
    with crypto.create_decryption_stream(
        stream_to_decrypt,
        kms_master_key_provider
    ) as decryption_stream:
        shutil.copyfileobj(decryption_stream, output_stream)

Contact Us

Contributions

Got a fix for a bug or a new feature you'd like to contribute? The SDK is open source and accepting pull requests on GitHub.

Notifications

To be notified when a new version of the SDK for Python is released, subscribe to the Atom feed.

Questions or Feedback