Terraform in OCI
Terraform in OCI #
- Oracle uses Terraform as its primary automation and IaC tool.
- Terraform is already installed on Cloud Shell. Terraform associate udemy.pdf
Terraform in cloud shell #



Terraform from local Shell #

Install Terraform #
create RSA keys #
mkdir -p ~/.oci
# generate the private key: run ONE of the next two commands (the second would overwrite the first)
openssl genrsa -out ~/.oci/oci_api_key.pem 2048 # without passphrase
openssl genrsa -out ~/.oci/oci_api_key.pem -aes128 2048 # with passphrase
chmod go-rwx ~/.oci/oci_api_key.pem # remove group/other access so only the owner can read the private key
# create public key from private key
openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem
# copy public key to clipboard (pbcopy is macOS-only)
cat ~/.oci/oci_api_key_public.pem | pbcopy
# generate fingerprint of the key
openssl rsa -pubout -outform DER -in ~/.oci/oci_api_key.pem | openssl md5 -c
Simple Terraform project to fetch information #

terraform init
terraform plan
terraform apply
Separating development and production env #
Backend #
How to store the backend in Object Storage #
Data #
Data Block ref
data "aws_ami" "example" {
  most_recent = true
  owners      = ["self"]
  tags = {
    Name   = "app-server"
    Tested = "true"
  }
}
A data block requests that Terraform read from a given data source ("aws_ami") and export the result under the given local name ("example"). The name is used to refer to this resource from elsewhere in the same Terraform module, but has no significance outside of the scope of a module.
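The same pattern with the OCI provider, as an added example that is not part of the original notes. Terraform picks the provider from the prefix of the type label (the part before the first underscore), so OCI data source types start with `oci_`. The variable names and the output name are assumptions made for illustration.

```hcl
terraform {
  required_providers {
    oci = {
      # Explicit source mapping; without it Terraform assumes hashicorp/<prefix>.
      source = "oracle/oci"
    }
  }
}

# Assumed variable names; the values come from the OCI console and the key steps above.
variable "tenancy_ocid" { type = string }
variable "user_ocid" { type = string }
variable "fingerprint" { type = string }
variable "region" { type = string }
variable "subnet_ocid" { type = string }

# Only needed when the key was generated with -aes128; kept out of plan output.
variable "private_key_password" {
  type      = string
  default   = null
  sensitive = true
}

provider "oci" {
  tenancy_ocid         = var.tenancy_ocid
  user_ocid            = var.user_ocid
  fingerprint          = var.fingerprint
  private_key_path     = pathexpand("~/.oci/oci_api_key.pem")
  private_key_password = var.private_key_password
  region               = var.region
}

# Type label "oci_core_subnet": the prefix "oci" selects the provider.
# Local name "public_subnet": how the rest of this module refers to the result.
data "oci_core_subnet" "public_subnet" {
  subnet_id = var.subnet_ocid
}

output "public_subnet_cidr" {
  value = data.oci_core_subnet.public_subnet.cidr_block
}
```

Supplying the values through `TF_VAR_...` environment variables or an untracked `.tfvars` file keeps the OCIDs and the key passphrase out of version control.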
Issue I faced #
Using a name not starting with oci, e.g., prod_xyz, was resulting in an error
- Finding latest version of hashicorp/prod… not found
Terraform was trying to find the “prod” module
data "oci_vcn_subnet_pubic_prod_subnet" "public_subnet" {
  ocid = oci_core_subnet.prod_subnet_public
}
data "oci_vcn_subnet_private_prod_subnet" "private_subnet" {
  ocid = oci_core_subnet.prod_subnet_private
}
oci_custom_name_to_export should be followed to avoid this issue.