How to use the OCI Terraform Provider without an OCI config file path
The Problem
Recall that traditionally, we declare in Terraform to use the OCI provider using this code:
terraform {
required_providers {
oci = {
source = "oracle/oci"
}
}
}
provider "oci" {
config_file_profile = "DEFAULT"
}
This requires you to already have an OCI config file set up in ~/.oci/config with a path that leads to the private key, as talked more in Setting up the OCI Configuration File using API Keys.
This leads to issues when using CI/CD or other automation tools which don't make it easy to add or modify internal files.
The Solution
Instead, we can hardcode the full config file details and the full API key within the provider block as follows:
terraform {
required_providers {
oci = {
source = "oracle/oci"
}
}
}
provider "oci" {
region = "us-ashburn-1"
tenancy_ocid = "ocid1.tenancy.oc1..aaaaaaaavjzemxptyyi8w49b4itxn2asgvhuamsptyyi8w49b4itxn2asgvhuams"
user_ocid = "ocid1.user.oc1..aaaaaaaavjzemxgpcvptyyi8w49b4itxn2aszyy7m4gtv76ruzu36rk2p2o6j"
private_key = base64decode(var.ssh_private_key_in_base64)
fingerprint = "00:34:63:27:c8:33:46:51:92:a0:23:6e:fb:9b:4a:48"
}
As an added option, you may also replace private_key with private_key_path with the full path of the private key as its value.
See full configuration options in the reference below.
References
Safe harbor statement
The information provided on this channel/article/story is solely intended for informational purposes and cannot be used as a part of any contractual agreement. The content does not guarantee the delivery of any material, code, or functionality, and should not be the sole basis for making purchasing decisions. The postings on this site are my own and do not necessarily reflect the views or work of Oracle or Mythics, LLC.
This work is licensed under a Creative Commons Attribution 4.0 International License.
Top comments (0)