Read part 1 from here.
What we need first is a compartment where we will create our resources. Using compartments is a way to isolate and separate access to your resources within your tenancy.
In this example we will create only one compartment where we will have all our resources. If you have a larger setup with more users, you might want to think about separating resources based on their usage and who can manage them.
Nowadays you can also use nested compartments, which is handy for managing an even larger team or user base with different access levels.
One additional new feature for compartments is that you can delete them too. Earlier you could only rename them (even though the current functionality will just change the status to deleted and append a random string to the name).
If you want to go further with compartment setup, it's good to go through policies and how they control access within compartments, because a non-administrator user will always need a policy assigned to their group to access the compartment.
Read more on compartments from here and about policies from here.
The following files, main.tf and variables.tf, already contain the lines we added in part 1.
When creating the resource I will need only three variables:
If I create the compartment at the tenancy level, I will submit tenancy_ocid for the resource creation. Remember, this already exists as a variable which we set up in part 1!
In the main.tf I have defined the resource:
resource "oci_identity_compartment" "CreateCompartment" {
  #Required variables
  compartment_id = "${var.tenancy_ocid}"
  description    = "${var.compartment_description}"
  name           = "${var.compartment_name}"
}
Optionally you could also define tags for your resource, but in these examples I have not included them.
And in the variables.tf I have set the required values:
// COMPARTMENT VARIABLES
variable "compartment_name" {
  default = "MyCompartment"
} // Name for the compartment
variable "compartment_description" {
  default = "This compartment holds all the DEMO resources"
} // Description for the compartment
Now I'm ready to create the compartment using the files we have changed.
As usual, we will run terraform init, terraform plan and terraform apply from the folder where the files are located.
Init initializes the Terraform provider and any modules we reference. Plan shows what the execution will do, and finally apply creates the resource.
PS C:\builddemo> terraform.exe plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_identity_compartment.CreateCompartment
id: <computed>
compartment_id: "ocid1.tenancy.oc1..xxxxxxxxxxxxxxxxxxxxxxa"
description: "This compartment holds all the DEMO resources"
freeform_tags.%: <computed>
inactive_state: <computed>
is_accessible: <computed>
name: "MyCompartment"
state: <computed>
time_created: <computed>
time_modified: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
PS C:\builddemo> terraform.exe apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_identity_compartment.CreateCompartment
id: <computed>
compartment_id: "ocid1.tenancy.oc1..xxxxxxxxx...xxxxxxxxxxxxa"
description: "This compartment holds all the DEMO resources"
freeform_tags.%: <computed>
inactive_state: <computed>
is_accessible: <computed>
name: "MyCompartment"
state: <computed>
time_created: <computed>
time_modified: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
oci_identity_compartment.CreateCompartment: Creating...
compartment_id: "" => "ocid1.tenancy.oc1..xxxxxxxxxxxxxxxxxa"
description: "" => "This compartment holds all the DEMO resources"
freeform_tags.%: "" => "<computed>"
inactive_state: "" => "<computed>"
is_accessible: "" => "<computed>"
name: "" => "MyCompartment"
state: "" => "<computed>"
time_created: "" => "<computed>"
time_modified: "" => "<computed>"
oci_identity_compartment.CreateCompartment: Creation complete after 1s (ID: ocid1.compartment.oc1..xxxxxxxxx...xxxxxxxxxxxxa)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Now we have created the compartment where we will place all our resources and are ready to move on to creating the Virtual Cloud Network (VCN).
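The policy requirement mentioned earlier for non-administrator users can be expressed in the same main.tf. This is an added example, not part of the original post: the group name DemoOperators, the policy name DemoCompartmentAccess and the chosen resource families are assumptions, and it relies on var.tenancy_ocid and the CreateCompartment resource defined above.

```hcl
# Added example (Terraform 0.11 interpolation syntax, matching the rest of this post).
# Hypothetical names: group "DemoOperators", policy "DemoCompartmentAccess".

# IAM groups live in the tenancy (root compartment), not in a child compartment.
resource "oci_identity_group" "DemoOperators" {
  compartment_id = "${var.tenancy_ocid}"
  description    = "Non-administrator users who work in the demo compartment"
  name           = "DemoOperators"
}

# The policy is attached at the tenancy level and scoped to the compartment by name.
# Without it, members of DemoOperators cannot see or use anything in the compartment.
resource "oci_identity_policy" "DemoCompartmentAccess" {
  compartment_id = "${var.tenancy_ocid}"
  description    = "Scoped access for DemoOperators to the demo compartment"
  name           = "DemoCompartmentAccess"

  # Grant only the resource families the group needs instead of
  # "manage all-resources"; everything else in the compartment is read-only.
  statements = [
    "Allow group ${oci_identity_group.DemoOperators.name} to manage virtual-network-family in compartment ${oci_identity_compartment.CreateCompartment.name}",
    "Allow group ${oci_identity_group.DemoOperators.name} to manage instance-family in compartment ${oci_identity_compartment.CreateCompartment.name}",
    "Allow group ${oci_identity_group.DemoOperators.name} to read all-resources in compartment ${oci_identity_compartment.CreateCompartment.name}"
  ]
}
```

Because the statements interpolate the group and compartment names, Terraform creates both before the policy, and terraform plan lists the exact statement text for review before it is applied.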