Oracle Cloud Infrastructure Documentation

Terraform: Create a Compartment

In this tutorial, you use Terraform to connect to your Oracle Cloud Infrastructure account and create a compartment in your tenancy.

Key tasks include how to:

  • Use Oracle Cloud Infrastructure Terraform provider resources to:
    • Declare a compartment with your specifics.
    • Create the compartment in your tenancy.
A diagram of a user connected from a local machine to an Oracle Cloud Infrastructure tenancy. The local environment is Linux and has Terraform installed. There is an arrow from Terraform in the local environment,to Terraform Registry, and to the tenancy, pointing to a compartment. These arrows suggest that the user has created a compartment in the tenancy by using Terraform and Terraform Registry.

For additional information, see:

1. Prepare

Prepare your environment for authenticating and running your Terraform scripts. Also, collect all the information you need to complete the tutorial.

Get Tenancy Information

Collect the following information from the Oracle Cloud Infrastructure Console and copy it into your notepad.

  • Tenancy OCID: <tenancy-ocid>
    • From your user avatar, go to Tenancy: <your-tenancy> and copy OCID.
Add Compartment Policy

If your username is in the Administrators group, then skip this section. Otherwise, have your administrator add the following policy to your tenancy:

allow group <the-group-your-username-belongs> to manage compartments in tenancy

With this privilege, you can create a compartment for all the resources in your tutorial.

Steps to Add the Policy
  1. In the top navigation bar, open the Profile menu.
  2. Click your username.
  3. In the left pane, click Groups.
  4. In a notepad, copy the Group Name that your username belongs.
  5. Open the navigation menu and click Identity & Security. Under Identity, click Policies.
  6. Select your compartment from the Compartment drop-down.
  7. Click Create Policy.
  8. Fill in the following information:
    • Name: manage-compartments
    • Description: Allow the group <the-group-your-username-belongs> to list, create, update, delete and recover compartments in the tenancy.
    • Compartment: <your-tenancy>(root)
  9. For Policy Builder, click Show manual editor.
  10. Paste in the following policy:
    allow group <the-group-your-username-belongs> to manage compartments in tenancy
  11. Click Create.

Reference: The compartments resource-type in Verbs + Resource-Type Combinations for IAM

2. Create Scripts

Create three scripts: one for authentication, one to create a compartment, and one to print outputs.

Add Authentication
First, set up a directory for your Terraform scripts. Then add a provider script so your Oracle Cloud Infrastructure account can authenticate the scripts running from this directory.
  1. In your $HOME directory, create a directory called tf-compartment and change to that directory. 
    mkdir tf-compartment
    cd tf-compartment
  2. Copy the provider.tf file from the Set Up OCI Terraform tutorial mentioned in the Before you Begin section, into the tf-compartment directory. 
    cp ../tf-provider/provider.tf .
    Note

    You only need the provider.tf file from the Set Up OCI Terraform tutorial.
Declare a Compartment Resource

Declare an Oracle Cloud Infrastructure compartment resource and then define the specifics for the compartment.

  1. Create a file called compartment.tf.
  2. Add the following code to compartment.tf.
    • Replace <tenancy-ocid>, with the information you gathered in section 1.
    • Replace <your-compartment-name> with a name of your choice.
    • The compartment_id is the OCID for the parent compartment. Use the root compartment as the parent.
      Note

      The tenancy OCID is the compartment OCID for the root compartment.
    
resource "oci_identity_compartment" "tf-compartment" {
    # Required
    compartment_id = "<tenancy-ocid>"
    description = "Compartment for Terraform resources."
    name = "<your-compartment-name>"
}
  3. Save the compartment.tf file.
Explanation

In Terraform, resources are objects such as virtual cloud networks or compute instances. You can create, update, and delete them with Terraform. To declare a compartment resource:

  • Go to Oracle Cloud Infrastructure Provider.
  • In the left navigation Filter, enter compartment.

    Results are returned for both Data Sources and Resources.

  • Under Identity, go to Resources and click oci_identity_compartment.
  • Find the Resource Type from the title of the page:
    • Type: oci_identity_compartment
  • In the Argument Reference section, find all arguments (inputs) labeled as (Required):
    • compartment_id
    • description
    • name
  • Construct a resource block:
    • Declare a resource block with the keyword: resource
    • Add a label for resource type: "oci_identity_compartment"
    • Add a label for a local name of your choice:
      • The label can contain letters, digits, underscores (_), and hyphens (-). The first character must not be a digit.
      • Example: "tf-compartment"
    • Inside the code block, provide a value for the required arguments. They don't have a default value.
    • For optional arguments, provide values for the ones you want to override. Otherwise, their default values are used.
Add Outputs

Add output blocks to your code to get information about your compartment after Terraform creates the compartment.

  1. In the tf-compartment directory, create a file called outputs.tf.
    Note

    Ensure that outputs.tf, provider.tf, and compartment.tf are in the same directory.
  2. Add the following code to outputs.tf. 
    # Outputs for compartment

output "compartment-name" {
  value = oci_identity_compartment.tf-compartment.name
}

output "compartment-OCID" {
  value = oci_identity_compartment.tf-compartment.id
}
  3. Save the outputs.tf file.
Explanation
  • On the Resource: oci_identity_compartment page, go to Attributes Reference.
    Note

    Attributes are the outputs that you can return for the oci_identity_compartment resource.
  • Decide which attributes to output.
  • Construct a resource output block:
    • Declare an output block with the keyword: output
    • Add a label to be printed with the output results:
      • The label can contain letters, digits, underscores (_), and hyphens (-). The first character must not be a digit.
      • Example: "compartment-name"
    • Inside the code block, enter a value for the resource output with the expression:
      • value = <type>.<local-name-for-resource>.<attribute>
      • Example: value = oci_identity_compartment.tf-compartment.id
    • Create an output block for each output.

3. Create a Compartment

Run your Terraform scripts. After, your account authenticates the scripts, Terraform creates a compartment in your tenancy.

Initialize
  1. Initialize a working directory in the tf-compartment directory. 
    terraform init
  2. Confirm that Terraform has been successfully initialized!.

    Example output:

    Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/oci...
- Installing hashicorp/oci vx.x.x...
- Installed hashicorp/oci vx.x.x (signed by HashiCorp)

Terraform has been successfully initialized!
Plan
  1. Create an execution plan to check whether the changes shown in the execution plan match your expectations, without changing the real resources. 
    terraform plan
  2. Confirm that you have Plan: 1 to add, 0 to change, 0 to destroy.

    Example output:

    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with
the following symbols:
  + create

Terraform will perform the following actions:

  # oci_identity_compartment.tf-compartment will be created
  + resource "oci_identity_compartment" "tf-compartment" {
      + compartment_id = "ocid1.tenancy.xxx"
      + defined_tags   = (known after apply)
      + description    = "Compartment for Terraform resources."
      + freeform_tags  = (known after apply)
      + id             = (known after apply)
      + inactive_state = (known after apply)
      + is_accessible  = (known after apply)
      + name           = "<your-compartment-name>"
      + state          = (known after apply)
      + time_created   = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + compartment-OCID = (known after apply)
  + compartment-name = "<your-compartment-name>"
Apply
  1. Create your compartment with Terraform: 
    terraform apply

    When prompted for confirmation, enter yes, for your resource to be created.

  2. (Optional) Watch the creation from the Console:
    • Open the navigation menu and click Identity & Security. Under Identity, click Compartments.
    • Refresh the page, until you see the compartment name.
    • Click the compartment name to see its details such as its OCID.
  3. In the output terminal, review your defined outputs.

    Example output:

    oci_identity_compartment.tf-compartment: Creating...
oci_identity_compartment.tf-compartment: Creation complete after 9s [id=xxx]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

compartment-OCID = ocid1.compartment.xxx
compartment-name = <your-compartment-name>

Congratulations! You have successfully logged in and created a compartment in your tenancy, using the Oracle Cloud Infrastructure Terraform provider.

References: