Prepare to Provision the Infrastructure Resources

Install Terraform and generate the keys required to provision resources in Oracle Cloud.

Before You Begin

Before you begin creating resources in Oracle Cloud Infrastructure, ensure that you have the following:

• Credentials for an Oracle Cloud tenancy.

• A compartment, with permission to create and manage resources in it.

• A computer that has the following software and access to the internet:

  • A utility to generate API signing keys.

    Most UNIX-like systems have openssl. On Windows, you can use Git Bash.

  • A utility to generate SSH key pairs.

    Most UNIX-like systems have ssh-keygen. On Windows, you can use PuTTY.

  • A web browser.

• Basic knowledge of Terraform.

  At a minimum, read the introduction at https://www.terraform.io/intro/.

Install Terraform

On UNIX-like or Linux systems, including Oracle Linux, you can install Terraform by downloading and extracting the Terraform package for your operating system.

1. Go to https://www.terraform.io/downloads.html.
2. Download the appropriate package depending on your operating system.
3. Extract the package to the path /usr/local/bin/.
   You can extract Terraform to any other directory on your local host. Ensure that the directory is included in the PATH variable.
   Terraform is installed and ready to use.
4. Verify the installation.

   terraform -v

   The Terraform version is displayed, as shown in this example:

   Terraform v0.12.18

Generate an API Signing Key

To enable Terraform to authenticate with Oracle Cloud Infrastructure, you must provide an RSA key in the privacy-enhanced mail (PEM) format. This key is not the same as the SSH key that you use to access your instances. Use OpenSSL to generate the API signing key.

1. In a UNIX shell, create a hidden subdirectory in your home directory to store the PEM key.

   mkdir ~/.oci

2. Generate a private key (size: 2048 bits or higher).

   openssl genrsa -out ~/.oci/oci_api_key.pem 2048

3. Change the permissions on the private key file, to ensure that only you can read the key.

   chmod go-rwx ~/.oci/oci_api_key.pem

4. Generate the public key for the private key.

   openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem

Upload the API Signing Key

After you generate an API signing key, upload the public key for the appropriate user in Oracle Cloud Infrastructure.

1. Sign in to the Oracle Cloud Infrastructure web console.
2. From the services menu, select Identity, and then select Users.
3. On the Users page, click the user that you plan to specify in the Terraform configuration.
4. On the user details page, click Add Public Key.
5. Copy the public key value from the ~/.oci/oci_api_key_public.pem file, and paste it in the PUBLIC KEY field.
6. Click Add.
   The key is uploaded, and its fingerprint is displayed.
7. Copy the fingerprint. You need it later.