Terraform
Define input variables
You now have enough Terraform knowledge to create useful configurations, but the examples so far have used hard-coded values. Terraform configurations can include variables to make your configuration more dynamic and flexible.
Prerequisites
This tutorial assumes that you are continuing from the previous tutorial, which we highly recommend. If not, we've summarized the prerequisites here for your convenience. To follow this tutorial you will need:
OCI Tenancy. Note your region, you will use it throughout the tutorial.
The Terraform CLI installed.
The OCI CLI installed. Configure the CLI with a token by following the session authentication flow.
$ oci session authenticateCreate a directory named
learn-terraform-ociand paste the following configuration into a file namedmain.tf.terraform { required_providers { oci = { source = "oracle/oci" } } } provider "oci" { region = "us-sanjose-1" auth = "SecurityToken" config_file_profile = "learn-terraform" } resource "oci_core_vcn" "internal" { dns_label = "internal" cidr_block = "172.16.0.0/20" compartment_id = "<your_compartment_OCID_here>" display_name = "My internal VCN" } resource "oci_core_subnet" "dev" { vcn_id = oci_core_vcn.internal.id cidr_block = "172.16.0.0/24" compartment_id = "<your_compartment_OCID_here>" display_name = "Dev subnet" prohibit_public_ip_on_vnic = true dns_label = "dev" }Customize the
regionand both instances ofcompartment_idto match the ones listed on your OCI tenancy page in the webInitialize the configuration.
$ terraform init
Once you have successfully initialized the configuration, you can continue with the rest of this tutorial.
Declare variables
The configuration includes a number of hard-coded values. Terraform variables allow you to write configuration that is flexible and easier to re-use.
Declare variable to define your compartment ID and region so that you don't have to repeat these values in the configuration.
Create a new file called variables.tf containing the following configuration blocks.
variable "compartment_id" {
description = "OCID from your tenancy page"
type = string
}
variable "region" {
description = "region where you have OCI tenancy"
type = string
default = "us-sanjose-1"
}
Tip
Terraform loads all files in the current directory ending in .tf.
Notice that you defined a default for region, since you may want to suggest a region to other users of this configuration, especially if they collaborate with you on this infrastructure. You did not set a default for compartment ID.
Define the variables
Create a file called terraform.tfvars containing the following contents. This file will define values for the variables you just declared.
compartment_id = "<your_compartment_OCID_here>"
region = "us-sanjose-1"
Customize your file with your own OCID and region, which you can copy from one of the places they are listed in main.tf. Then save the file. Although you have defined a default for the region variable, setting the variable in a .tfvars file, or with another method, will override the default.
As a best practice, Terraform configuration directories usually contain a version control configuration file that excludes files with .tfvars extensions from version control. Do not include sensitive values in Terraform configuration files that you could accidentally commit to version control.
Reference the variables
Open main.tf, and update the configuration to use the new variables.
terraform {
required_providers {
oci = {
source = "oracle/oci"
}
}
}
provider "oci" {
- region = "us-sanjose-1"
+ region = var.region
auth = "SecurityToken"
config_file_profile = "learn-terraform"
}
resource "oci_core_vcn" "internal" {
dns_label = "internal"
cidr_block = "172.16.0.0/20"
- compartment_id = "ocid1.tenancy.oc1...."
+ compartment_id = var.compartment_id
display_name = "My internal VCN"
}
resource "oci_core_subnet" "dev" {
vcn_id = oci_core_vcn.internal.id
cidr_block = "172.16.0.0/24"
- compartment_id = "ocid1.tenancy.oc1...."
+ compartment_id = var.compartment_id
display_name = "Dev subnet"
prohibit_public_ip_on_vnic = true
dns_label = "dev"
}
Apply the configuration
Apply the configuration. Respond to the confirmation prompt with a yes.
$ terraform apply
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# oci_core_subnet.dev will be created
+ resource "oci_core_subnet" "dev" {
+ availability_domain = (known after apply)
+ cidr_block = "172.16.0.0/24"
+ compartment_id = "ocid1.tenancy.oc1...."
+ defined_tags = (known after apply)
+ dhcp_options_id = (known after apply)
+ display_name = "Dev subnet"
+ dns_label = "dev"
+ freeform_tags = (known after apply)
+ id = (known after apply)
+ ipv6cidr_block = (known after apply)
+ ipv6cidr_blocks = (known after apply)
+ ipv6virtual_router_ip = (known after apply)
+ prohibit_internet_ingress = (known after apply)
+ prohibit_public_ip_on_vnic = true
+ route_table_id = (known after apply)
+ security_list_ids = (known after apply)
+ state = (known after apply)
+ subnet_domain_name = (known after apply)
+ time_created = (known after apply)
+ vcn_id = (known after apply)
+ virtual_router_ip = (known after apply)
+ virtual_router_mac = (known after apply)
}
# oci_core_vcn.internal will be created
+ resource "oci_core_vcn" "internal" {
+ byoipv6cidr_blocks = (known after apply)
+ cidr_block = "172.16.0.0/20"
+ cidr_blocks = (known after apply)
+ compartment_id = "ocid1.tenancy.oc1...."
+ default_dhcp_options_id = (known after apply)
+ default_route_table_id = (known after apply)
+ default_security_list_id = (known after apply)
+ defined_tags = (known after apply)
+ display_name = "My internal VCN"
+ dns_label = "internal"
+ freeform_tags = (known after apply)
+ id = (known after apply)
+ ipv6cidr_blocks = (known after apply)
+ ipv6private_cidr_blocks = (known after apply)
+ is_ipv6enabled = (known after apply)
+ is_oracle_gua_allocation_enabled = (known after apply)
+ state = (known after apply)
+ time_created = (known after apply)
+ vcn_domain_name = (known after apply)
}
Plan: 2 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value:
Respond to the confirmation prompt with yes.
Enter a value: yes
oci_core_vcn.internal: Creating...
oci_core_vcn.internal: Creation complete after 1s [id=ocid1.vcn.oc1.us-sanjose-1.amaaaaaapqqlmeyagheb4xftk3iqcjph3qhjaqoannwsbxq7bvcvyum53yba]
oci_core_subnet.dev: Creating...
oci_core_subnet.dev: Creation complete after 7s [id=ocid1.subnet.oc1.us-sanjose-1.aaaaaaaaciqn5icxe2x3jbe6hzbjrle7ghbspn5s4d3ybpxr2ofuzudr4vya]
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Next Steps
You defined some of the values in your configuration as variables, which made your configuration more flexible and less repetitive. To deploy the same infrastructure in a different compartment or region, the only configuration changes you would need to make are in terraform.tfvars.
To learn more about Terraform variables, and other methods for defining them, refer to the variables documentation. Continue learning about the Terraform basics on OCI in the next tutorial.