Introduction
Infrastructure management in cloud environments has evolved significantly with the adoption of automation and DevOps practices. Manual provisioning is error-prone and difficult to scale.
In Oracle Cloud Infrastructure, Infrastructure as Code (IaC) is implemented using OCI Resource Manager, a managed Terraform-based service that enables automated, consistent, and repeatable deployments.
This article provides a deep dive into OCI Resource Manager, including architecture, execution flow, state management, drift detection, hands-on examples, and real-world DevOps practices.
What is Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is the practice of defining and managing infrastructure using code.
Benefits
- Automation
- Consistency
- Version control
- Faster deployments
What is OCI Resource Manager
OCI Resource Manager is a managed service that uses Terraform to provision and manage cloud resources.
Key Features
- Managed Terraform execution
- No need for local setup
- Secure state management
- Easy rollback and updates
Architecture Overview
Developer
│
▼
Terraform Code (HCL)
│
▼
OCI Resource Manager
│
▼
OCI APIs
│
▼
Cloud Resources (VCN, Compute, Storage)
How Resource Manager Executes Terraform
Execution Flow
User submits job
│
▼
Configuration validated
│
▼
Terraform plan generated
│
▼
Terraform apply executed
│
▼
State file updated
Explanation
OCI Resource Manager internally performs Terraform operations such as plan and apply. It manages execution lifecycle and state securely without requiring local tools.
Key Components
Stack
A stack is a collection of Terraform configurations.
Job
Jobs execute operations such as:
- Plan
- Apply
- Destroy
State
Tracks current infrastructure and dependencies.
Hands-on Example
Step 1: Terraform Configuration
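# compartment_id is required by oci_core_vcn; supply it as a stack variable
variable "compartment_ocid" {}

resource "oci_core_vcn" "my_vcn" {
  compartment_id = var.compartment_ocid
  cidr_block     = "10.0.0.0/16"
  display_name   = "my-vcn"
}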
Step 2: Create Stack
- Go to Resource Manager
- Upload configuration
- Create stack
Step 3: Run Apply Job
- Click Apply
- OCI provisions resources
CLI Commands
- oci resource-manager stack list --compartment-id <compartment_ocid>
- oci resource-manager job list --stack-id <stack_ocid>
- oci resource-manager job get --job-id <job_ocid>
Authentication and IAM Integration
OCI Resource Manager integrates with IAM for secure access.
Authentication is handled using IAM policies and instance principals.
Example: Allow group DevOps to manage all-resources in compartment Dev
This statement lets the DevOps group manage every resource type in the Dev compartment.
Terraform State Management
Terraform state is automatically managed by OCI Resource Manager.
State includes:
- Resource mappings
- Infrastructure state
- Dependency tracking
Why important:
Ensures Terraform knows existing resources and prevents duplication.
Drift Detection
Drift occurs when infrastructure is modified outside Terraform.
Example: Manual change → Drift detected → Terraform shows mismatch
Resource Manager detects drift by comparing:
- Current infrastructure
- Stored state
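The comparison described above, as an added example (not code from Resource Manager or from the original article): it walks a Terraform state document and checks each recorded resource against what the cloud currently reports. The state excerpt, the live data, the OCIDs, the resource names app_sl and igw, and the status labels are all constructed for this illustration.

```python
import json

# Constructed sample: trimmed Terraform state (version 4 layout). OCIDs are placeholders.
STATE_JSON = """
{"version": 4, "resources": [
  {"type": "oci_core_vcn", "name": "my_vcn", "instances": [{"attributes": {
     "id": "ocid1.vcn.oc1..EXAMPLE-vcn",
     "cidr_block": "10.0.0.0/16", "display_name": "my-vcn"}}]},
  {"type": "oci_core_security_list", "name": "app_sl", "instances": [{"attributes": {
     "id": "ocid1.securitylist.oc1..EXAMPLE-sl",
     "ingress_security_rules": [{"protocol": "6", "source": "10.0.0.0/16"}]}}]},
  {"type": "oci_core_internet_gateway", "name": "igw", "instances": [{"attributes": {
     "id": "ocid1.internetgateway.oc1..EXAMPLE-igw", "enabled": true}}]}
]}
"""

# Constructed sample: what the OCI APIs report now, keyed by OCID.
# The security list was widened by hand and the gateway was deleted outside Terraform.
LIVE = {
    "ocid1.vcn.oc1..EXAMPLE-vcn": {"cidr_block": "10.0.0.0/16", "display_name": "my-vcn"},
    "ocid1.securitylist.oc1..EXAMPLE-sl": {
        "ingress_security_rules": [{"protocol": "6", "source": "0.0.0.0/0"}]},
}


def detect_drift(state, live):
    """Return {resource address: (status, {attribute: (in_state, actual)})}."""
    report = {}
    for res in state["resources"]:
        for inst in res["instances"]:
            recorded = inst["attributes"]
            address = f'{res["type"]}.{res["name"]}'
            actual = live.get(recorded["id"])
            if actual is None:  # recorded in state but no longer exists
                report[address] = ("DELETED", {})
                continue
            diff = {key: (value, actual.get(key))
                    for key, value in recorded.items()
                    if key != "id" and actual.get(key) != value}
            report[address] = ("MODIFIED" if diff else "IN_SYNC", diff)
    return report


if __name__ == "__main__":
    for address, (status, diff) in detect_drift(json.loads(STATE_JSON), LIVE).items():
        print(f"{address}: {status}")
        for key, (in_state, now) in diff.items():
            print(f"  {key}: state={in_state!r} actual={now!r}")
```

The MODIFIED entry for the security list is the kind of out-of-band change worth alerting on: an ingress source widened from the VCN range to 0.0.0.0/0 never appeared in any reviewed plan.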
Plan vs Apply
Plan → Shows changes
Apply → Executes changes
Example :
- Plan: Create VCN
- Apply: Resource created
Best Practices
- Use version control (Git)
- Separate dev and prod environments
- Use variables instead of hardcoding
- Always review Terraform plan
- Store sensitive data securely
Conclusion
OCI Resource Manager simplifies infrastructure provisioning by enabling Infrastructure as Code using Terraform. It ensures consistency, scalability, and automation in cloud deployments.
Understanding execution flow, state management, and drift detection is essential for building reliable and production-ready cloud environments.