DBA Hub

📋Steps in this guide1/6

Terraform : Oracle Cloud Infrastructure (OCI) Provider

This article describes how to configure an Oracle Cloud Infrastructure (OCI) provider for Terraform.

oracle miscconfigurationintermediate
by OracleDba
15 views
1

Add Public Key to Oracle Cloud Account

Generate a key pair as described here . You will need to upload the public key to your Oracle Cloud account to allow Terraform to authenticate to your Oracle Cloud account. - Log in to your Oracle Cloud account. - From the Hamburger menu at the top-left of the screen, select the "Identity & Security > Domains" option. - Click on the domain of interest, then click on the "Users" link. - Click on the user of interest. This is the user that will run the Terraform commands. - Click on the "API Keys" link in the "Resources" menu on the left-bottom of the screen. - Click the "Add API key" button. - Select the "Paste a public key" option. - Paste in your public key. - Click the "Add" button. - Make a note of the Fingerprint associated with the API Key. It will be used later.
2

Gather Information From the Oracle Cloud Account

The provider needs several bits of information from the Oracle Cloud account. tenancy_ocid: - Top-Left Hamburger > Governance & Administration > Tenancy Details - Click the "Copy" link next to "OCID". user_ocid: - From the Hamburger menu at the top-left of the screen, select the "Identity & Security > Domains" option. - Click on the domain of interest, then click on the "Users" link. - Click on the user of interest. - Click the "Copy" link next to "OCID". private_key_path : The path we used to create the keys. fingerprint: - From the Hamburger menu at the top-left of the screen, select the "Identity & Security > Domains" option. - Click on the domain of interest, then click on the "Users" link. - Click on the user of interest. - Click on the "API Keys" link on the "Resources" menu on the left-bottom of the screen. - Copy the fingerprint of the API Key you want to use. region: - Top-Left Hamburger > Governance & Administration > Region Management - Copy the "Region Identifier" for the region of interest. root_compartment_id: - Top-Left Hamburger > Identity & Security > Compartments - Click on the root compartment. - Click the "Copy" link next to "OCID".
3

Create Working Directory

Create a new working directory and switch to that directory.

Code/Command (click line numbers to comment):

1
2
mkdir \git\oraclebase\terraform\oci\oci_provider
cd \git\oraclebase\terraform\oci\oci_provider
4

oci_provider.tf

Every time Terraform interacts with Oracle Cloud it will need a provider. Create a file called "oci_provider.tf" with the following contents. The file begins with variable definitions. We could set default values for these variables, or use literal values directly in the provider definition, but we don't want sensitive information checked into version control, so it makes sense to separate out variable values from the script. The resources section defines the provider using the input variables. The variables and resources sections can be split into separate files if you find that organisation easier. It may help for more complex definitions. You'll notice the variable isn't used in the script. We could just remove it altogether, but it is used by many of the OCI resources, so we've included it in our provider variable file below. If we don't include it here we will get a warning.

Code/Command (click line numbers to comment):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# Variables.
variable "tenancy_ocid"         { type = string }
variable "user_ocid"            { type = string }
variable "private_key_path"     { type = string }
variable "fingerprint"          { type = string }
variable "region"               { type = string }
variable "root_compartment_id"  { type = string }


# Resources
provider "oci" {
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  private_key_path = var.private_key_path
  fingerprint      = var.fingerprint
  region           = var.region
}
5

oci_provider_variables.auto.tfvars

There are a number of ways to supply values for input variables ( see here ). In this example we'll use a ".auto.tfvars" file. We won't check this script into version control as it contains sensitive information. Create a file called "oci_provider_variables.auto.tfvars" with the following contents. Adjust the values to match the information you gathered from the Oracle Cloud account.

Code/Command (click line numbers to comment):

1
2
3
4
5
6
tenancy_ocid        = "ocid1.tenancy.oc1..aaaaaaaa..."
user_ocid           = "ocid1.user.oc1..aaaaaaaa..."
private_key_path    = "/Users/my_user/.oci/my-oci-key.pem"
fingerprint         = "a5:68:0f:46:6d:06:43:5a:38:98:74:09:??:??:??:??"
region              = "uk-london-1"
root_compartment_id = "ocid1.tenancy.oc1..aaaaaaaa..."
6

Test the OCI Provider

Initialize the working directory using the command. Use the command to test the execution plan. Since there are no changes to apply, there's no point running the command, but we'll do it anyway. For more information see: - Oracle Cloud Infrastructure Provider - Terraform : All Articles Hope this helps. Regards Tim...

Code/Command (click line numbers to comment):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
terraform init
Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/oci...
- Installing hashicorp/oci v4.13.0...
- Installed hashicorp/oci v4.13.0 (signed by HashiCorp)

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

terraform plan
No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

terraform apply
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Comments (0)

Please to add comments

No comments yet. Be the first to comment!