Skip to content

fix(oci): fix identity clients #10520

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
danibarranqueroo merged 9 commits into from
Mar 31, 2026
+23 −16
Merged

fix(oci): fix identity clients #10520

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
51a18ed
fix boot volumes
Mar 30, 2026
6db4d6d
fix filestorage
Mar 30, 2026
9546e13
add changelog entry
Mar 30, 2026
b5bcfdb
add space
Mar 30, 2026
38ab2de
lint fixes
Mar 30, 2026
cc7113f
client
Mar 30, 2026
74c7e46
fix the identity service for multi region
Mar 30, 2026
242c7e8
update changelog
Mar 30, 2026
d19afcc
chore: revision
danibarranqueroo Mar 31, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions prowler/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
- Oracle Cloud patch for filestorage, blockstorage, kms, and compute services in OCI to allow for region scanning outside home [(#10455)](https://github.com/prowler-cloud/prowler/pull/10472)
- Oracle cloud provider now supports multi-region filtering [(#10435)](https://github.com/prowler-cloud/prowler/pull/10473)
- `prowler image --registry` failing with `ImageNoImagesProvidedError` due to registry arguments not being forwarded to `ImageProvider` in `init_global_provider` [(#10457)](https://github.com/prowler-cloud/prowler/issues/10457)
- Oracle Cloud multi-region support for identity client configuration in blockstorage, identity, and filestorage services [(#10519)](https://github.com/prowler-cloud/prowler/pull/10520)

---

Expand Down
3 changes: 2 additions & 1 deletion prowler/providers/oraclecloud/services/blockstorage/blockstorage_service.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,8 @@ def __list_boot_volumes__(self, regional_client):
try:
# Get availability domains for this compartment
identity_client = self._create_oci_client(
oci.identity.IdentityClient
oci.identity.IdentityClient,
config_overrides={"region": regional_client.region},
)
availability_domains = identity_client.list_availability_domains(
compartment_id=compartment.id
Expand Down
3 changes: 2 additions & 1 deletion prowler/providers/oraclecloud/services/filestorage/filestorage_service.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,8 @@ def __list_file_systems__(self, regional_client):
try:
# Get availability domains for this compartment
identity_client = self._create_oci_client(
oci.identity.IdentityClient
oci.identity.IdentityClient,
config_overrides={"region": regional_client.region},
)
availability_domains = identity_client.list_availability_domains(
compartment_id=compartment.id
Expand Down
32 changes: 18 additions & 14 deletions prowler/providers/oraclecloud/services/identity/identity_service.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ def __init__(self, provider):
self.__threading_call__(self.__list_dynamic_groups__)
self.__threading_call__(self.__list_domains__)
self.__threading_call__(self.__list_domain_password_policies__)
self.__get_password_policy__()
self.__threading_call__(self.__get_password_policy__)
self.__threading_call__(self.__search_root_compartment_resources__)
self.__threading_call__(self.__search_active_non_root_compartments__)

Expand All @@ -49,10 +49,9 @@ def __get_client__(self, region):
Returns:
Identity client instance
"""
client_region = self.regional_clients.get(region)
if client_region:
return self._create_oci_client(oci.identity.IdentityClient)
return None
return self._create_oci_client(
oci.identity.IdentityClient, config_overrides={"region": region}
)

def __list_users__(self, regional_client):
"""
Expand All @@ -66,7 +65,7 @@ def __list_users__(self, regional_client):
if regional_client.region not in self.provider.identity.region:
return

identity_client = self._create_oci_client(oci.identity.IdentityClient)
identity_client = self.__get_client__(regional_client.region)

logger.info("Identity - Listing Users...")

Expand Down Expand Up @@ -316,7 +315,7 @@ def __list_groups__(self, regional_client):
if regional_client.region not in self.provider.identity.region:
return

identity_client = self._create_oci_client(oci.identity.IdentityClient)
identity_client = self.__get_client__(regional_client.region)

logger.info("Identity - Listing Groups...")

Expand Down Expand Up @@ -359,7 +358,7 @@ def __list_policies__(self, regional_client):
if regional_client.region not in self.provider.identity.region:
return

identity_client = self._create_oci_client(oci.identity.IdentityClient)
identity_client = self.__get_client__(regional_client.region)

logger.info("Identity - Listing Policies...")

Expand Down Expand Up @@ -404,7 +403,7 @@ def __list_dynamic_groups__(self, regional_client):
if regional_client.region not in self.provider.identity.region:
return

identity_client = self._create_oci_client(oci.identity.IdentityClient)
identity_client = self.__get_client__(regional_client.region)

logger.info("Identity - Listing Dynamic Groups...")

Expand Down Expand Up @@ -452,7 +451,7 @@ def __list_domains__(self, regional_client):
if regional_client.region not in self.provider.identity.region:
return

identity_client = self._create_oci_client(oci.identity.IdentityClient)
identity_client = self.__get_client__(regional_client.region)

logger.info("Identity - Listing Identity Domains...")

Expand Down Expand Up @@ -549,10 +548,13 @@ def __list_domain_password_policies__(self, regional_client):
f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)

def __get_password_policy__(self):
def __get_password_policy__(self, regional_client):
"""Get the password policy for the tenancy."""
try:
identity_client = self._create_oci_client(oci.identity.IdentityClient)
if regional_client.region not in self.provider.identity.region:
return

identity_client = self.__get_client__(regional_client.region)

logger.info("Identity - Getting Password Policy...")

Expand Down Expand Up @@ -584,7 +586,8 @@ def __search_root_compartment_resources__(self, regional_client):

# Create search client using the helper method for proper authentication
search_client = self._create_oci_client(
oci.resource_search.ResourceSearchClient
oci.resource_search.ResourceSearchClient,
config_overrides={"region": regional_client.region},
)

# Query to search for resources in root compartment
Expand Down Expand Up @@ -631,7 +634,8 @@ def __search_active_non_root_compartments__(self, regional_client):

# Create search client using the helper method for proper authentication
search_client = self._create_oci_client(
oci.resource_search.ResourceSearchClient
oci.resource_search.ResourceSearchClient,
config_overrides={"region": regional_client.region},
)

# Query to search for active compartments in the tenancy (excluding root)
Expand Down
Loading