Difficulty: beginner
Estimated Time: 25 minutes

Infrastructure as code is a term used to describe the automation of infrastructure resource management in a similar way as is done with CI/CD deployment pipelines for application components. By describing infrastructure resources in scripts - human readable and machine interpretable - the actual creation and modification of software defined infrastructure resources (such as the resources on Oracle Cloud Infrastructure) can be handled by automated facilities.

Terraform is a tool that allows you to programmatically manage, version, and persist your IT infrastructure as "infrastructure as code." Terraform uses declarative syntax to describe your infrastructure and then persist it in configuration files that can be shared, reviewed, edited, versioned, preserved, and reused.

The Oracle Cloud Infrastructure Terraform provider is a component that connects Terraform to the service infrastructure that you wish to manage. Using this provider, you can define the desired OCI resources in Terraform configuration files and have those resources created and managed by Terraform in an automated fashion.

The OCI Resource Manager service takes the Terraform support to the next level: it allows you to upload an archive with Terraform configuration files as a stack. You can then use this stack to create all OCI resources in a specific context - a specific compartment for example - in a job. When you define the job to plan, apply or destroy the resources defined in the stack, you can specify the stack variables that should be applied for this specific job.

In this scenario, you will make your first steps with OCI Provider for Terraform as tool for automating OCI Resource management. You will see how Terraform configuration files are used to describe the desired state of OCI resources and how Terraform through the OCI Provider knows how to turn that desired state into the real state. The provider will work through the OCI REST APIs to inspect the current state of resources, create new resources, update existing resources and even delete resources.


OCI Documentation on Terraform Provider

OCI Documentation on Resource Manager


This completes your introduction to OCI Provider for Terraform. You have seen how very structured, readable files are used to describe OCI resources. The definitions make use of variables that can be read from environment variables, command line parameters and default values. Terraform can easily inspect existing resources in the OCI tenancy and make properties of these resources available to use in the definition of the managed OCI resources.

You may want to take a look at the OCI Resource Manager: Resource Manager is an Oracle Cloud Infrastructure service that allows you to automate the process of provisioning your Oracle Cloud Infrastructure resources. Using Terraform, Resource Manager helps you install, configure, and manage resources through the "infrastructure-as-code" model. You can create a stack from one or more configuration files. Subsequently, a stack can be materialized by running a Apply Job for the stack. Jobs can also be plan stack and destroy stack.


OCI Docs on Resource Manager

Infrastructure as Code with OCI Terraform Provider, Resource Manager & Stacks

Step 1 of 7

Step 1 - Introduction Terraform

Some of the steps in this scenario require the use of the OCI Command Line Interface.

Execute the following command to install the OCI CLI:

curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh > install-oci-cli.sh
chmod +777 install-oci-cli.sh
sudo ./install-oci-cli.sh --accept-all-defaults

# add this line to ~/.profile - to make oci a recognized shell command
echo 'oci() { /root/bin/oci "[email protected]"; }' >> ~/.profile
# reload ~/.profile
. /root/.profile

You need to provide details on the OCI tenancy you will work in and the OCI user you will work as. Please open the IDE tab and edit these two files:

  • ~/.oci/config
  • ~/.oci/oci_api_key.pem

Paste the contents that you prepared in the OCI Tenancy preparation scenario.

Finalizing the Environment

Set the environment variable LAB_ID to 1 - unless you are in a workshop with multiple participants and each uses their own number.

export LAB_ID=1

Try out the following command to get a list of all namespaces you currently have access to - based on the OCI Configuration defined above.

oci os ns get

If you get a proper response, the OCI is configured correctly and you can proceed. If you run into an error, ask for help from your instructor.

Environment Preparation

export REGION=$(oci iam region-subscription list | jq -r '.data[0]."region-name"')
export REGION_KEY=$(oci iam region-subscription list | jq -r '.data[0]."region-key"')
export USER_OCID=$(oci iam user list --all | jq -r  '.data |sort_by(."time-created")| .[0]."id"')
export TENANCY_OCID=$(oci iam user list --all | jq -r  '.data[0]."compartment-id"') 
cs=$(oci iam compartment list)
export compartmentId=$(echo $cs | jq -r --arg display_name "lab-compartment" '.data | map(select(."name" == $display_name)) | .[0] | .id')

# get namespace
nss=$(oci os ns get)
export ns=$(echo $nss | jq -r '.data')