The metadata for an instance includes information such as the instance's OCID , display name, hostname, region, availability domain , fault domain , compartment , shape , image , creation date, state, tags, and any custom metadata that you provide, such as an SSH public key. The instance metadata also includes the region identifier for an instance, such as us-phoenix-1, in the canonicalRegionName field.
You can find some of this information in the Console on the Instance Details page, or you can get all of it by logging in to the instance and using the metadata service. The service runs on every instance and is an HTTP endpoint listening on 169.254.169.254.
Required IAM Policy
No IAM policy is required if you're logged in to the instance and using cURL to get the metadata.
For administrators: Users can also get instance metadata through the Compute API (for example, with GetInstance). The policy in Let users launch Compute instances covers that ability. If the specified group doesn't need to launch instances or attach volumes, you could simplify that policy to include only manage instance-family, and remove the statements involving volume-family and virtual-network-family.
<key-name> is ssh_authorized_keys, user_data, or any custom key name that you provided when you launched the instance. (For information about using the Core Services API to provide user_data to cloud-init, see LaunchInstanceDetails.)
Information about the virtual network interface cards (VNICs) that are attached to the instance:
Here's an example response that shows of all of the information for an instance: