Mastering Terraform on Oracle Cloud Infrastructure – Deep dive training
Table of Contents
- Terraform setting up variables
- Creating a Compartment on OCI
- Creating an Instance with existing Network
- Creating an Instance with Network
- Create Non Federated User
- Create user, group, dynamic group, attach users to group and policies
- Create Highly Scalable Cluster on OCI
- Create Load Balancer on OCI
Author: Madhusudhan Rao
Creating a Federated User
Terraform on OCI non-federated create user
We need two files in a folder, listed below:
- variables.tf
- main.tf
variables.tf
You can get these variable values from our previous exercise.

```hcl
#*************************************
#           TF Requirements
#*************************************
variable "tenancy_ocid" {
  default = "ocid1.tenancy.oc1..aaaaaaaaXXXXX5vjqpsdd6ahdouq"
}
variable "region" {
  default = "us-ashburn-1"
}
variable "user_ocid" {
  default = "ocid1.user.oc1..aaaaaaaa7XXXXfcue4nbuxjsf3s4mca"
}
variable "private_key_path" {
  default = "/Users/madhusudhanrao/tf/keys/myopensslkey.pem"
}
variable "fingerprint" {
  default = "e6:65:1d:3f:8f:94:c9:43:05:8f:a0:6a:9c:9b:45:a1"
}
variable "compartment_ocid" {
  #Compartment-15Nov
  default = "ocid1.compartment.oc1..aaaaaaaXXXXexkqukwwbzx5nuauaa"
}
variable "ssh_public_key" {
  # cat id_rsa.pub
  default = "ssh-rsa AAAAB3NzaC1yc2EAAAAXXXXXuZw== [email protected]"
}
variable "ssh_private_key" {
  default = "/Users/madhusudhanrao/tf/keys/myopensslkey.pem"
}
```
main.tf
Create a non-federated user named tf-example-user.

```hcl
#variable "tenancy_ocid" {}
#variable "user_ocid" {}
#variable "fingerprint" {}
#variable "private_key_path" {}
#variable "compartment_ocid" {}
#variable "region" { default = "us-ashburn-1" }

# Default provider, pointed at the working region from variables.tf
provider "oci" {
  region           = var.region
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  fingerprint      = var.fingerprint
  private_key_path = var.private_key_path
}

# Look up the tenancy to find the key of its home region
data "oci_identity_tenancy" "tenancy" {
  tenancy_id = var.tenancy_ocid
}

# Resolve the home region key to a region name
data "oci_identity_regions" "home-region" {
  filter {
    name   = "key"
    values = [data.oci_identity_tenancy.tenancy.home_region_key]
  }
}

# Aliased provider for the home region; IAM resources are created there
provider "oci" {
  alias            = "home"
  region           = data.oci_identity_regions.home-region.regions[0]["name"]
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  fingerprint      = var.fingerprint
  private_key_path = var.private_key_path
}

# The non-federated (local IAM) user
resource "oci_identity_user" "user1" {
  provider    = oci.home
  name        = "tf-example-user"
  description = "user created by terraform"
}
```
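An added example, not part of the original tutorial: it extends main.tf to state explicitly which credential types tf-example-user may hold, using the OCI provider's oci_identity_user_capabilities_management resource. The resource label user1_capabilities and the output name user1_ocid are chosen here for illustration, and the example assumes API signing keys are the only credential this user needs.

```hcl
# Added example: append to main.tf after the oci_identity_user.user1 resource.
# Assumption: tf-example-user is a service-style account that only needs
# API signing keys, so every other credential type is switched off.

resource "oci_identity_user_capabilities_management" "user1_capabilities" {
  # IAM changes go through the home-region provider, like the user itself
  provider = oci.home
  user_id  = oci_identity_user.user1.id

  can_use_api_keys             = true  # SDK / CLI / Terraform access
  can_use_console_password     = false # no interactive console login
  can_use_auth_tokens          = false
  can_use_customer_secret_keys = false
  can_use_smtp_credentials     = false
}

# Expose the new user's OCID so later configurations (groups, policies)
# can reference it without copying it out of the apply log.
output "user1_ocid" {
  value = oci_identity_user.user1.id
}
```

With this in place, terraform plan shows two resources to add instead of one, and a later change to any capability appears as a reviewable diff.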
terraform init
- statements ignored -
terraform plan
- statements ignored -
terraform apply
```
[email protected] mytf-identity % terraform apply
data.oci_identity_tenancy.tenancy: Refreshing state...
data.oci_identity_regions.home-region: Refreshing state...

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # oci_identity_user.user1 will be created
  + resource "oci_identity_user" "user1" {
      + capabilities         = (known after apply)
      + compartment_id       = (known after apply)
      + defined_tags         = (known after apply)
      + description          = "user created by terraform"
      + email                = (known after apply)
      + external_identifier  = (known after apply)
      + freeform_tags        = (known after apply)
      + id                   = (known after apply)
      + identity_provider_id = (known after apply)
      + inactive_state       = (known after apply)
      + name                 = "tf-example-user"
      + state                = (known after apply)
      + time_created         = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

oci_identity_user.user1: Creating...
oci_identity_user.user1: Creation complete after 3s [id=ocid1.user.oc1..aaaaaaaampi6uXXXXiakggoikeggecq]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
[email protected] mytf-identity %
```
Reality Check
Log in to the cloud console at https://console.us-ashburn-1.oraclecloud.com/ and you should see the newly created user.
Clean up what was created.

```
[email protected] mytf-vnc % terraform destroy
```
- ignored -