OCI Terraform Resource Discovery
Oracle cloud provider for Terraform (TF) offers a very nice feature. The feature is named Resource Discovery and basically it helps you to get TF script out of your existing Oracle Cloud Infrastructure(OCI).
Imagine you joined a project where multiple people did their testing on OCI and as a result the tenancy contains multiple compartments with several infrastructures. If the infrastructures were not properly documented (which is very common case) or not built in accordance to IaC then rewriting existing environment to IaC will require a lot of effort. There is also another case. If you need to completely delete the compartment with all of its objects this feature comes very handy.
Terraform Resource Discovery is supported since oracle terraform provider version 3.50. And it is basically function of the provider and not Terraform itself.
So what you have to do to utilize this feature?
- Download the oci terraform provider from https://releases.hashicorp.com/terraform-provider-oci/ or use terraform init command which automatically download the latest version (if not specified).
- Setup parameters for connection to OCI tenancy. You can use environment variables or create a OCI config file. In Terraform documentation you’ll find the setup with environment variables hence I’ll show you how to do it using config file. What you have to do is to create .oci folder within your “HOME” directory and and setup “config” file. More info here: https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
3. Then put there also your private key which you use for authentication to OCI. More info here: https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm
4. Create “test” directory and place there terraform-provider-oci
5. And now simply run the export command (for running the command I used standard cmd for better readability).
terraform-provider-oci_v3.81.0_x4.exe -command=export -compartment_id=ocid1.compartment.oc1..<unique_ID> -output_path=<path_where_to_export>
6. If all is good you’ll find nice report (well dark green on black background isn’t really well readable) at the end of the process which gives you an overview of how many objects of certain type have been found. In my case I have only network, one object storage and one ADB in the compartment.
7. If you have a look into your “test” directory you’ll find there list of exported TF files describing your selected compartment.
8. To start to modify the infrastructure it’s good to have also a state file. To generate Terraform state file simply add switch generate_state to export command. It will take a while to complete. At the end you’ll get terraform.tfstate file.
terraform-provider-oci_v3.81.0_x4.exe -command=export -compartment_id=ocid1.compartment.oc1..<unique_ID> -output_path=<path_where_to_export> -generate_state
9. Now let’s try to get rid of this testing compartment. Be aware that oci provider 3.81 uses terraform 0.12.4 for generating the TF files. Hence for working with TF files you have to have the same or upper version of the terraform. Due to the size of output the picture below contains several parts of the output concatenated into one image.
Limitations:
I’m not covering basics of setup OCI and Terraform working environment as those are very well described on owners pages.
As of now oci terraform provider does not include full list of available services in OCI but it covers majority of them. The full list currently supported services by the oci provider can be obtained by issuing command below
terraform-provider-oci_v3.81.0_x4.exe -command=list_export_resourcesMultilevel compartments are not supported yet. But you can work with individual compartments at any level of the tree.
Full documentation is accessible on terraform page https://www.terraform.io/docs/providers/oci/guides/resource_discovery.html
