この記事は「Oracle Cloud Advent Calendar 2018」の12月10日の記事として書かれています。
コードを使用してインフラストラクチャのトポロジを定義するHashicorp社のTerraformを使ってOracle Cloud InfrastructureでInfrastructure as Code(IaC)を実現することができます。
この記事では、簡単な構成を作るまでを紹介します。
2018年09月20日よりTerraformの公式プロバイダとしてOracle Cloud Infrastructure用のHashCorp Terraform Providerが提供され、より利用しやすくなりました。
準備作業
環境を構築をする上で、使用する環境の情報および作成するインスタンスへの接続に必要な情報を準備します。
準備に必要な情報は
「Oracle Cloud その2 Advent Calendar 2018」の12月3日の記事
「Oracle Cloud Infrastructure CLIを設定してみた」と同等です。
利用するOCI環境のOCID情報をWebConsoleから取得します。
-
テナントのOCID
画面左上のMENUからAdministration - Tenancy Detailsと遷移します。
MENU - Administration - Tenancy Details
この画面でテナンシーのOCIDを取得します。(赤枠)のCopyを押すとクリップボードへコピーされます。全ての桁を表示するにはShowを押します。
-
ユーザーのOCID
画面左上のMENUからIdentity - Usersと遷移しユーザ一覧から作業するユーザを選択します。
MENU - Identity - Users
この画面でユーザのOCIDを取得します。(赤枠)のCopyを押すとクリップボードへコピーされます。全ての桁を表示するにはShowを押します。
-
コンパートメントのOCID
画面左上のMENUからIdentity - Compartmentsと遷移しコンパートメント一覧から作業するコンパートメントを選択します。この画面でコンパートメントのOCIDを取得します。(赤枠)のCopyを押すとクリップボードへコピーされます。全ての桁を表示するにはShowを押します。
MENU - Identity - Compartments -
リージョン名
画面右上に表示されるリージョン名から使用するリージョン名を確認します。
アクセスするユーザのAPIアクセスキーを生成します。
-
pem形式のキーペアを生成
- openssl などを使ってキーペアを生成します。
-
APIアクセスキーの作成
- 作成した公開鍵をOCIのコンソールへ登録します。ユーザ毎に公開鍵の登録が必要です。ユーザの画面で
Add Public Keyボタン(赤枠)を押して登録用のダイアログを表示します。
先ほど作成した公開鍵の中身をダイアログのテキストエリアへコピーします。
- 作成した公開鍵をOCIのコンソールへ登録します。ユーザ毎に公開鍵の登録が必要です。ユーザの画面で
-
APIアクセスキーのFingerprintの取得
- 登録が完了すると、登録された鍵が一覧表示され、鍵のフィンガープリントが表示されます。
- 登録が完了すると、登録された鍵が一覧表示され、鍵のフィンガープリントが表示されます。
作成するインスタンスにssh接続するようにキーペアを生成します。
- ssh接続用のキーペアの生成
- ssh 接続用に別途キーペアを生成する場合は生成しておきます。
Terraformのインストール
Terraformをダウンロードし、インストールします。
https://www.terraform.io/downloads.html にアクセスし、お使いの環境に合わせた Terraform実行ファイルをダウンロードします
Windows OSのクライアントに Terrafrom for Windows 64-bit版をインストールする例を示します。
64-bit版のTerraforをダウンロードします。
ダウンロードしたzipファイルを解凍します。
任意の場所にTerraform用のディレクトリを作成し、terraform.exe を配置します。
(例) C:\Program Files\Terraform\terraform.exe
Path環境変数に、作成したディレクトリを追加します。
Windows OSでは、コマンドプロンプトで以下コマンドを発行すると、環境変数の操作が行なえます。
setx PATH=%PATH%;<Terraformのインストールフォルダ>
を C:\Program Files\Terraform などの適切な値に変更してください
PowerShellを開いて以下のコマンドを実行し、terraform が起動できることを確認します
PS C:\> terraform
以下のような応答が返ってきていれば、インストールとパスの設定が無事に完了しています。
Usage: terraform [--version] [--help] <command> [args]
The available commands for execution are listed below.
The most common, useful commands are shown first, followed by
less common or more advanced commands. If you're just getting
started with Terraform, stick with the common commands. For the
other commands, please read the help and docs before usage.
Common commands:
apply Builds or changes infrastructure
console Interactive console for Terraform interpolations
destroy Destroy Terraform-managed infrastructure
env Workspace management
fmt Rewrites config files to canonical format
get Download and install modules for the configuration
graph Create a visual graph of Terraform resources
import Import existing infrastructure into Terraform
init Initialize a Terraform working directory
output Read an output from a state file
plan Generate and show an execution plan
providers Prints a tree of the providers used in the configuration
push Upload this Terraform module to Atlas to run
refresh Update local state file against real resources
show Inspect Terraform state or plan
taint Manually mark a resource for recreation
untaint Manually unmark a resource as tainted
validate Validates the Terraform files
version Prints the Terraform version
workspace Workspace management
All other commands:
debug Debug output management (experimental)
force-unlock Manually unlock the terraform state
state Advanced state management
Terraformの動作テスト
Terraformの動作をテストします。
新規ディレクトリを作成(例:C:\ex01)し、以下2つのファイルを作成します。
環境情報ファイル(PowerShellを使う場合 env-vars.ps1/ bash系を使う env-vars)
env-vars.ps1
### Substitute USERNAME-Lab to correct the path if not using Lab
### Substitute the OCIDs, fingerprints and keys with the correct ones for your environment
### Authentication details
$env:TF_VAR_tenancy_ocid="<Your Tenancy OCID>"
$env:TF_VAR_user_ocid="<Your User OCID>"
$env:TF_VAR_fingerprint="<Your User Fingerprint>"
$env:TF_VAR_private_key_path="<Private Key File Path>"
### Compartment
$env:TF_VAR_compartment_ocid="<Your Compartment OCID>"
### Public/private keys used on the instances
$env:TF_VAR_ssh_public_key = Get-Content <ssh public key file path> -Raw
$env:TF_VAR_ssh_private_key = Get-Content <ssh private key file path> -Raw
### Region
$env:TF_VAR_region="<Your Region>"
### Check variables are set in PowerShell wth "dir env:"
#
#
ファイル内の以下の箇所をご自身の環境に合わせて編集します。
- < Your Tenancy OCID > :Tenancy OCID
- < Your User OCID > : ユーザ OCID
- < Your User Fingerprint > : ユーザ Fingerprint
- < Private Key File Path > : Private Keyファイルパス(例:C:\key\private.pem)
- < Your Compartment OCID > : コンパートメント OCID
- < ssh public key file path > : ssh 用公開鍵ファイルパス (例:C:\key\id_rsa.pub)
- < ssh private key file path > : ssh 用秘密鍵ファイルパス (例:C:\key\id_rsa)
- < Your Region > :リージョン名 (例:us-ashburn-1)
### Authentication details
export TF_VAR_tenancy_ocid=<Your Tenancy OCID>
export TF_VAR_user_ocid=<Your User OCID>
export TF_VAR_fingerprint=<Your User Fingerprint>
export TF_VAR_private_key_path=<Private Key File Path>
### Region
export TF_VAR_region=<Your Region>
### Compartment
export TF_VAR_compartment_ocid=<Your Compartment OCID>
### Public/private keys used on the instance
export TF_VAR_ssh_public_key=$(cat <ssh public key file path>)
export TF_VAR_ssh_private_key=$(cat <ssh private key file path>)
## NOTE: These are not your api keys. More info on the right keys see
## https://docs.us-phoenix-1.oraclecloud.com/Content/Compute/Tasks/managingkeypairs.htm
サンプルTerraformファイル(tftest.tf)
tftest.tf
variable "tenancy_ocid" {}
variable "user_ocid" {}
variable "fingerprint" {}
variable "private_key_path" {}
variable "compartment_ocid" {}
variable "ssh_public_key" {}
variable "region" {}
provider "oci" {
tenancy_ocid = "${var.tenancy_ocid}"
user_ocid = "${var.user_ocid}"
fingerprint = "${var.fingerprint}"
private_key_path = "${var.private_key_path}"
region = "${var.region}"
disable_auto_retries = "true"
}
data "oci_identity_availability_domains" "ADs" {
compartment_id = "${var.tenancy_ocid}"
}
output "ADprint" {
value = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
}
PowerShellで環境変数を設定します。
PowerShellのスクリプトを実行するためにはGet-ExecutionPolicyコマンドレットで実行ポリシーをRestricted以外に変更します。
- PowerShellを管理者権限で実行した場合
PowerShell.
Set-ExecutionPolicy RemoteSigned
- PowerShellの起動時に起動オプションで実行ポリシーを指定する
コマンドプロンプト.
powershell -ExecutionPolicy RemoteSigned
PowerShell.
PS C:\> cd C:\ex01
PS C:\ex01> . .\env-vars.ps1
以下のコマンドでテストを実行し、Terraform が適切に動作することを確認します。
- terraform init
- 初回実行時にOCI providerがダウンロードされます。
- terraform plan
- terraform apply
- terraform destroy
実行例
PS C:\ex01> terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "oci" (3.8.0)...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.oci: version = "~> 3.8"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
PS C:\ex01> terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
data.oci_identity_availability_domains.ADs: Refreshing state...
------------------------------------------------------------------------
No changes. Infrastructure is up-to-date.
This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.
PS C:\ex01> terraform apply
data.oci_identity_availability_domains.ADs: Refreshing state...
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
ADprint = hMKA:US-ASHBURN-AD-1
PS C:\ex01> terraform destroy
data.oci_identity_availability_domains.ADs: Refreshing state...
Do you really want to destroy?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
Destroy complete! Resources: 0 destroyed.
PS C:\ex01>
ネットワーク(VCN)を構築する
VNC,Internet GatewayとRoute Table,Security List,Subnet の順にネットワークを構築し以下のようなVCNを作成します。
新規ディレクトリを作成(例:C:\ex02)し、上段で作成した env-vars.ps1ファイルをコピーし、さらに以下2つのファイルを配置します。
provider.tf
provider "oci" {
tenancy_ocid = "${var.tenancy_ocid}"
user_ocid = "${var.user_ocid}"
fingerprint = "${var.fingerprint}"
private_key_path = "${var.private_key_path}"
region = "${var.region}"
}
variables.tf
variable "tenancy_ocid" {}
variable "user_ocid" {}
variable "fingerprint" {}
variable "private_key_path" {}
variable "compartment_ocid" {}
variable "region" {}
variable "VPC-CIDR" {
default = "10.0.0.0/16"
}
変数「VPC-CIDR」で作成するVCNのCIDRを指定しています。
##Step1 VCNを構築する
同じディレクトリに vcn.tfファイルを作成します。
vcn.tf
data "oci_identity_availability_domains" "ADs" {
compartment_id = "${var.tenancy_ocid}"
}
resource "oci_core_virtual_network" "CompleteVCN" {
cidr_block = "${var.VPC-CIDR}"
compartment_id = "${var.compartment_ocid}"
display_name = "CompleteVCN"
}
VCNの名前「CompleteVCN」と「display_name」を指定しています。
以下のコマンドを実行しVCNを作成します。
- terraform init
- terraform plan -out plan01
- terraform apply "plan01"
実行例
PS C:\ex02> terraform init
Initializing provider plugins...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.oci: version = "~> 3.8"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
PS C:\ex02> terraform plan -out plan01
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
data.oci_identity_availability_domains.ADs: Refreshing state...
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_core_virtual_network.CompleteVCN
id: <computed>
cidr_block: "10.0.0.0/16"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
default_dhcp_options_id: <computed>
default_route_table_id: <computed>
default_security_list_id: <computed>
display_name: "CompleteVCN"
freeform_tags.%: <computed>
state: <computed>
time_created: <computed>
vcn_domain_name: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
This plan was saved to: plan01
To perform exactly these actions, run the following command to apply:
terraform apply "plan01"
PS C:\ex02> terraform apply "plan01"
data.oci_identity_availability_domains.ADs: Refreshing state...
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_core_virtual_network.CompleteVCN
id: <computed>
cidr_block: "10.0.0.0/16"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
default_dhcp_options_id: <computed>
default_route_table_id: <computed>
default_security_list_id: <computed>
display_name: "CompleteVCN"
freeform_tags.%: <computed>
state: <computed>
time_created: <computed>
vcn_domain_name: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
oci_core_virtual_network.CompleteVCN: Creating...
cidr_block: "" => "10.0.0.0/16"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
default_dhcp_options_id: "" => "<computed>"
default_route_table_id: "" => "<computed>"
default_security_list_id: "" => "<computed>"
display_name: "" => "CompleteVCN"
freeform_tags.%: "" => "<computed>"
state: "" => "<computed>"
time_created: "" => "<computed>"
vcn_domain_name: "" => "<computed>"
oci_core_virtual_network.CompleteVCN: Creation complete after 1s (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Web Console で作成された VCNを確認します。
##Step2 Internet GatewayとRoute Tableを構築する
同じディレクトリに route.tfファイルを作成します。
route.tf
resource "oci_core_internet_gateway" "CompleteIG" {
compartment_id = "${var.compartment_ocid}"
display_name = "CompleteIG"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
}
resource "oci_core_route_table" "RouteForComplete" {
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
display_name = "RouteTableForComplete"
route_rules {
destination = "0.0.0.0/0"
network_entity_id = "${oci_core_internet_gateway.CompleteIG.id}"
}
}
Internet Gatewayの名前「CompleteIG」と「display_name」を指定しています。
Route Tableの名前「RouteForComplete」と「display_name」を指定しています。
Route Ruleに 宛先「0.0.0.0/0」をInternet Gateway 「CompleteIG」を指定しています。
以下のコマンド実行しInternet GatewayとRoute Tableを作成します。
- terraform init
- terraform plan -out plan02
- terraform apply "plan02"
実行例
PS C:\ex02> terraform init
Initializing provider plugins...
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
PS C:\ex02> terraform plan -out plan02
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
oci_core_virtual_network.CompleteVCN: Refreshing state... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
data.oci_identity_availability_domains.ADs: Refreshing state...
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_core_internet_gateway.CompleteIG
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "CompleteIG"
enabled: "true"
freeform_tags.%: <computed>
state: <computed>
time_created: <computed>
time_modified: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ oci_core_route_table.RouteForComplete
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "RouteTableForComplete"
freeform_tags.%: <computed>
route_rules.#: "1"
route_rules.~2445335067.cidr_block: <computed>
route_rules.~2445335067.destination: "0.0.0.0/0"
route_rules.~2445335067.destination_type: <computed>
route_rules.~2445335067.network_entity_id: "${oci_core_internet_gateway.CompleteIG.id}"
state: <computed>
time_created: <computed>
time_modified: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
Plan: 2 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
This plan was saved to: plan02
To perform exactly these actions, run the following command to apply:
terraform apply "plan02"
PS C:\ex02> terraform apply "plan02"
oci_core_internet_gateway.CompleteIG: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "CompleteIG"
enabled: "" => "true"
freeform_tags.%: "" => "<computed>"
state: "" => "<computed>"
time_created: "" => "<computed>"
time_modified: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_internet_gateway.CompleteIG: Creation complete after 3s (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.RouteForComplete: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "RouteTableForComplete"
freeform_tags.%: "" => "<computed>"
route_rules.#: "" => "1"
route_rules.745720482.cidr_block: "" => "<computed>"
route_rules.745720482.destination: "" => "0.0.0.0/0"
route_rules.745720482.destination_type: "" => "<computed>"
route_rules.745720482.network_entity_id: "" => "ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
time_created: "" => "<computed>"
time_modified: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_route_table.RouteForComplete: Creation complete after 0s (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Web Console で作成された Internet Gateway と Route Tableを確認します。
##Step3 Security Listを構築する
同じディレクトリに securitylist.tfファイルを作成します。
securitylist.tf
resource "oci_core_security_list" "WebSubnet" {
compartment_id = "${var.compartment_ocid}"
display_name = "Public"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
egress_security_rules = [{
destination = "0.0.0.0/0"
protocol = "6"
}]
ingress_security_rules = [{
tcp_options {
"max" = 80
"min" = 80
}
protocol = "6"
source = "0.0.0.0/0"
},
{
protocol = "6"
source = "${var.VPC-CIDR}"
},
]
}
resource "oci_core_security_list" "PrivateSubnet" {
compartment_id = "${var.compartment_ocid}"
display_name = "Private"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
egress_security_rules = [{
protocol = "6"
destination = "${var.VPC-CIDR}"
}]
ingress_security_rules = [{
protocol = "6"
source = "${var.VPC-CIDR}"
}]
}
resource "oci_core_security_list" "BastionSubnet" {
compartment_id = "${var.compartment_ocid}"
display_name = "Bastion"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
egress_security_rules = [{
protocol = "6"
destination = "0.0.0.0/0"
}]
ingress_security_rules = [{
tcp_options {
"max" = 22
"min" = 22
}
protocol = "6"
source = "0.0.0.0/0"
},
{
protocol = "6"
source = "${var.VPC-CIDR}"
},
]
}
Seculity Listの名前「WebSubnet」を指定しています。
- VCN内からすべて許可
- 0.0.0.0/0 から http を許可
Seculity Listの名前「PrivateSubnet」を指定しています。
- VCN内からすべて許可
Seculity Listの名前「BastionSubnet」を指定しています。
- VCN内からすべて許可
- 0.0.0.0/0 から ssh を許可
以下のコマンドを実行しSecurity Listを作成します。
- terraform init
- terraform plan -out plan03
- terraform apply "plan03"
実行例
PS C:\ex02> terraform init
Initializing provider plugins...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.oci: version = "~> 3.8"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
PS C:\ex02> terraform plan -out plan03
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
oci_core_virtual_network.CompleteVCN: Refreshing state... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
data.oci_identity_availability_domains.ADs: Refreshing state...
oci_core_internet_gateway.CompleteIG: Refreshing state... (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.RouteForComplete: Refreshing state... (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_core_security_list.BastionSubnet
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "Bastion"
egress_security_rules.#: "1"
egress_security_rules.1420396200.destination: "0.0.0.0/0"
egress_security_rules.1420396200.destination_type: <computed>
egress_security_rules.1420396200.icmp_options.#: "0"
egress_security_rules.1420396200.protocol: "6"
egress_security_rules.1420396200.stateless: <computed>
egress_security_rules.1420396200.tcp_options.#: "0"
egress_security_rules.1420396200.udp_options.#: "0"
freeform_tags.%: <computed>
ingress_security_rules.#: "2"
ingress_security_rules.3057867092.icmp_options.#: "0"
ingress_security_rules.3057867092.protocol: "6"
ingress_security_rules.3057867092.source: "10.0.0.0/16"
ingress_security_rules.3057867092.source_type: <computed>
ingress_security_rules.3057867092.stateless: "false"
ingress_security_rules.3057867092.tcp_options.#: "0"
ingress_security_rules.3057867092.udp_options.#: "0"
ingress_security_rules.47193274.icmp_options.#: "0"
ingress_security_rules.47193274.protocol: "6"
ingress_security_rules.47193274.source: "0.0.0.0/0"
ingress_security_rules.47193274.source_type: <computed>
ingress_security_rules.47193274.stateless: "false"
ingress_security_rules.47193274.tcp_options.#: "1"
ingress_security_rules.47193274.tcp_options.0.max: "22"
ingress_security_rules.47193274.tcp_options.0.min: "22"
ingress_security_rules.47193274.tcp_options.0.source_port_range.#: "0"
ingress_security_rules.47193274.udp_options.#: "0"
state: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ oci_core_security_list.PrivateSubnet
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "Private"
egress_security_rules.#: "1"
egress_security_rules.3950006738.destination: "10.0.0.0/16"
egress_security_rules.3950006738.destination_type: <computed>
egress_security_rules.3950006738.icmp_options.#: "0"
egress_security_rules.3950006738.protocol: "6"
egress_security_rules.3950006738.stateless: <computed>
egress_security_rules.3950006738.tcp_options.#: "0"
egress_security_rules.3950006738.udp_options.#: "0"
freeform_tags.%: <computed>
ingress_security_rules.#: "1"
ingress_security_rules.3057867092.icmp_options.#: "0"
ingress_security_rules.3057867092.protocol: "6"
ingress_security_rules.3057867092.source: "10.0.0.0/16"
ingress_security_rules.3057867092.source_type: <computed>
ingress_security_rules.3057867092.stateless: "false"
ingress_security_rules.3057867092.tcp_options.#: "0"
ingress_security_rules.3057867092.udp_options.#: "0"
state: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ oci_core_security_list.WebSubnet
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "Public"
egress_security_rules.#: "1"
egress_security_rules.1420396200.destination: "0.0.0.0/0"
egress_security_rules.1420396200.destination_type: <computed>
egress_security_rules.1420396200.icmp_options.#: "0"
egress_security_rules.1420396200.protocol: "6"
egress_security_rules.1420396200.stateless: <computed>
egress_security_rules.1420396200.tcp_options.#: "0"
egress_security_rules.1420396200.udp_options.#: "0"
freeform_tags.%: <computed>
ingress_security_rules.#: "2"
ingress_security_rules.3057867092.icmp_options.#: "0"
ingress_security_rules.3057867092.protocol: "6"
ingress_security_rules.3057867092.source: "10.0.0.0/16"
ingress_security_rules.3057867092.source_type: <computed>
ingress_security_rules.3057867092.stateless: "false"
ingress_security_rules.3057867092.tcp_options.#: "0"
ingress_security_rules.3057867092.udp_options.#: "0"
ingress_security_rules.3861548008.icmp_options.#: "0"
ingress_security_rules.3861548008.protocol: "6"
ingress_security_rules.3861548008.source: "0.0.0.0/0"
ingress_security_rules.3861548008.source_type: <computed>
ingress_security_rules.3861548008.stateless: "false"
ingress_security_rules.3861548008.tcp_options.#: "1"
ingress_security_rules.3861548008.tcp_options.0.max: "80"
ingress_security_rules.3861548008.tcp_options.0.min: "80"
ingress_security_rules.3861548008.tcp_options.0.source_port_range.#: "0"
ingress_security_rules.3861548008.udp_options.#: "0"
state: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
Plan: 3 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
This plan was saved to: plan03
To perform exactly these actions, run the following command to apply:
terraform apply "plan03"
PS C:\ex01> terraform apply "plan03"
oci_core_security_list.PrivateSubnet: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "Private"
egress_security_rules.#: "" => "1"
egress_security_rules.3950006738.destination: "" => "10.0.0.0/16"
egress_security_rules.3950006738.destination_type: "" => "<computed>"
egress_security_rules.3950006738.icmp_options.#: "" => "0"
egress_security_rules.3950006738.protocol: "" => "6"
egress_security_rules.3950006738.stateless: "" => "<computed>"
egress_security_rules.3950006738.tcp_options.#: "" => "0"
egress_security_rules.3950006738.udp_options.#: "" => "0"
freeform_tags.%: "" => "<computed>"
ingress_security_rules.#: "" => "1"
ingress_security_rules.3057867092.icmp_options.#: "" => "0"
ingress_security_rules.3057867092.protocol: "" => "6"
ingress_security_rules.3057867092.source: "" => "10.0.0.0/16"
ingress_security_rules.3057867092.source_type: "" => "<computed>"
ingress_security_rules.3057867092.stateless: "" => "false"
ingress_security_rules.3057867092.tcp_options.#: "" => "0"
ingress_security_rules.3057867092.udp_options.#: "" => "0"
state: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_security_list.BastionSubnet: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "Bastion"
egress_security_rules.#: "" => "1"
egress_security_rules.1420396200.destination: "" => "0.0.0.0/0"
egress_security_rules.1420396200.destination_type: "" => "<computed>"
egress_security_rules.1420396200.icmp_options.#: "" => "0"
egress_security_rules.1420396200.protocol: "" => "6"
egress_security_rules.1420396200.stateless: "" => "<computed>"
egress_security_rules.1420396200.tcp_options.#: "" => "0"
egress_security_rules.1420396200.udp_options.#: "" => "0"
freeform_tags.%: "" => "<computed>"
ingress_security_rules.#: "" => "2"
ingress_security_rules.3057867092.icmp_options.#: "" => "0"
ingress_security_rules.3057867092.protocol: "" => "6"
ingress_security_rules.3057867092.source: "" => "10.0.0.0/16"
ingress_security_rules.3057867092.source_type: "" => "<computed>"
ingress_security_rules.3057867092.stateless: "" => "false"
ingress_security_rules.3057867092.tcp_options.#: "" => "0"
ingress_security_rules.3057867092.udp_options.#: "" => "0"
ingress_security_rules.47193274.icmp_options.#: "" => "0"
ingress_security_rules.47193274.protocol: "" => "6"
ingress_security_rules.47193274.source: "" => "0.0.0.0/0"
ingress_security_rules.47193274.source_type: "" => "<computed>"
ingress_security_rules.47193274.stateless: "" => "false"
ingress_security_rules.47193274.tcp_options.#: "" => "1"
ingress_security_rules.47193274.tcp_options.0.max: "" => "22"
ingress_security_rules.47193274.tcp_options.0.min: "" => "22"
ingress_security_rules.47193274.tcp_options.0.source_port_range.#: "" => "0"
ingress_security_rules.47193274.udp_options.#: "" => "0"
state: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_security_list.WebSubnet: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "Public"
egress_security_rules.#: "" => "1"
egress_security_rules.1420396200.destination: "" => "0.0.0.0/0"
egress_security_rules.1420396200.destination_type: "" => "<computed>"
egress_security_rules.1420396200.icmp_options.#: "" => "0"
egress_security_rules.1420396200.protocol: "" => "6"
egress_security_rules.1420396200.stateless: "" => "<computed>"
egress_security_rules.1420396200.tcp_options.#: "" => "0"
egress_security_rules.1420396200.udp_options.#: "" => "0"
freeform_tags.%: "" => "<computed>"
ingress_security_rules.#: "" => "2"
ingress_security_rules.3057867092.icmp_options.#: "" => "0"
ingress_security_rules.3057867092.protocol: "" => "6"
ingress_security_rules.3057867092.source: "" => "10.0.0.0/16"
ingress_security_rules.3057867092.source_type: "" => "<computed>"
ingress_security_rules.3057867092.stateless: "" => "false"
ingress_security_rules.3057867092.tcp_options.#: "" => "0"
ingress_security_rules.3057867092.udp_options.#: "" => "0"
ingress_security_rules.3861548008.icmp_options.#: "" => "0"
ingress_security_rules.3861548008.protocol: "" => "6"
ingress_security_rules.3861548008.source: "" => "0.0.0.0/0"
ingress_security_rules.3861548008.source_type: "" => "<computed>"
ingress_security_rules.3861548008.stateless: "" => "false"
ingress_security_rules.3861548008.tcp_options.#: "" => "1"
ingress_security_rules.3861548008.tcp_options.0.max: "" => "80"
ingress_security_rules.3861548008.tcp_options.0.min: "" => "80"
ingress_security_rules.3861548008.tcp_options.0.source_port_range.#: "" => "0"
ingress_security_rules.3861548008.udp_options.#: "" => "0"
state: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_security_list.PrivateSubnet: Creation complete after 2s (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.WebSubnet: Creation complete after 1s (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.BastionSubnet: Creation complete after 3s (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
Web Console で作成された Seculity Listを確認します。
##Step4 Subnetを構築する
同じディレクトリに subnet.tfファイルを作成します。
subnet.tf
resource "oci_core_subnet" "WebSubnetAD1" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
cidr_block = "10.0.1.0/24"
display_name = "WebSubnetAD1"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.WebSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
}
resource "oci_core_subnet" "WebSubnetAD2" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}"
cidr_block = "10.0.2.0/24"
display_name = "WebSubnetAD2"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.WebSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
}
resource "oci_core_subnet" "WebSubnetAD3" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}"
cidr_block = "10.0.3.0/24"
display_name = "WebSubnetAD3"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.WebSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
}
resource "oci_core_subnet" "PrivateSubnetAD1" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
cidr_block = "10.0.4.0/24"
display_name = "PrivateSubnetAD1"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.PrivateSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
prohibit_public_ip_on_vnic = "true"
}
resource "oci_core_subnet" "PrivateSubnetAD2" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}"
cidr_block = "10.0.5.0/24"
display_name = "PrivateSubnetAD2"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.PrivateSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
prohibit_public_ip_on_vnic = "true"
}
resource "oci_core_subnet" "PrivateSubnetAD3" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}"
cidr_block = "10.0.6.0/24"
display_name = "PrivateSubnetAD3"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.PrivateSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
prohibit_public_ip_on_vnic = "true"
}
resource "oci_core_subnet" "BastionSubnetAD1" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[0],"name")}"
cidr_block = "10.0.7.0/24"
display_name = "BastionSubnetAD1"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.BastionSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
}
resource "oci_core_subnet" "BastionSubnetAD2" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[1],"name")}"
cidr_block = "10.0.8.0/24"
display_name = "BastionSubnetAD2"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.BastionSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
}
resource "oci_core_subnet" "BastionSubnetAD3" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[2],"name")}"
cidr_block = "10.0.9.0/24"
display_name = "BastionSubnetAD3"
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.CompleteVCN.id}"
route_table_id = "${oci_core_route_table.RouteForComplete.id}"
security_list_ids = ["${oci_core_security_list.BastionSubnet.id}"]
dhcp_options_id = "${oci_core_virtual_network.CompleteVCN.default_dhcp_options_id}"
}
Subnetの名前と「CIDR_BLOCK」「display_name」を指定しています。
以下のコマンドを実行しSubnetを作成します。
- terraform init
- terraform plan -out plan04
- terraform apply "plan04"
実行例
PS C:\ex02> terraform init
Initializing provider plugins...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.oci: version = "~> 3.8"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
PS C:\ex01> terraform plan -out plan04
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
oci_core_virtual_network.CompleteVCN: Refreshing state... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
data.oci_identity_availability_domains.ADs: Refreshing state...
oci_core_security_list.PrivateSubnet: Refreshing state... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.BastionSubnet: Refreshing state... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_internet_gateway.CompleteIG: Refreshing state... (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.WebSubnet: Refreshing state... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.RouteForComplete: Refreshing state... (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_core_subnet.BastionSubnetAD1
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-1"
cidr_block: "10.0.7.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "BastionSubnetAD1"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.3550324086: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.BastionSubnetAD2
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-2"
cidr_block: "10.0.8.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "BastionSubnetAD2"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.3550324086: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.BastionSubnetAD3
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-3"
cidr_block: "10.0.9.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "BastionSubnetAD3"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.3550324086: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.PrivateSubnetAD1
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-1"
cidr_block: "10.0.4.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "PrivateSubnetAD1"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: "true"
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.617853071: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.PrivateSubnetAD2
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-2"
cidr_block: "10.0.5.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "PrivateSubnetAD2"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: "true"
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.617853071: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.PrivateSubnetAD3
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-3"
cidr_block: "10.0.6.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "PrivateSubnetAD3"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: "true"
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.617853071: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.WebSubnetAD1
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-1"
cidr_block: "10.0.1.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "WebSubnetAD1"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.1316391714: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.WebSubnetAD2
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-2"
cidr_block: "10.0.2.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "WebSubnetAD2"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.1316391714: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_subnet.WebSubnetAD3
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-3"
cidr_block: "10.0.3.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "WebSubnetAD3"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "1"
security_list_ids.1316391714: "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
Plan: 9 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
This plan was saved to: plan04
To perform exactly these actions, run the following command to apply:
terraform apply "plan04"
PS C:\ex01> terraform apply "plan04"
oci_core_subnet.WebSubnetAD3: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-3"
cidr_block: "" => "10.0.3.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "WebSubnetAD3"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.1316391714: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.WebSubnetAD2: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-2"
cidr_block: "" => "10.0.2.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "WebSubnetAD2"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.1316391714: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.WebSubnetAD1: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-1"
cidr_block: "" => "10.0.1.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "WebSubnetAD1"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.1316391714: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.PrivateSubnetAD1: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-1"
cidr_block: "" => "10.0.4.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "PrivateSubnetAD1"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "true"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.617853071: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.PrivateSubnetAD2: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-2"
cidr_block: "" => "10.0.5.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "PrivateSubnetAD2"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "true"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.617853071: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.PrivateSubnetAD3: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-3"
cidr_block: "" => "10.0.6.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "PrivateSubnetAD3"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "true"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.617853071: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.BastionSubnetAD1: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-1"
cidr_block: "" => "10.0.7.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "BastionSubnetAD1"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.3550324086: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.BastionSubnetAD2: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-2"
cidr_block: "" => "10.0.8.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "BastionSubnetAD2"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.3550324086: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.BastionSubnetAD3: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-3"
cidr_block: "" => "10.0.9.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "BastionSubnetAD3"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.3550324086: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.PrivateSubnetAD3: Creation complete after 2s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD1: Creation complete after 2s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD2: Creation complete after 3s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD1: Creation complete after 3s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD1: Creation complete after 4s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD3: Creation complete after 4s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD2: Creation complete after 5s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD2: Creation complete after 5s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD3: Creation complete after 7s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
Apply complete! Resources: 9 added, 0 changed, 0 destroyed.
Web Console で作成された Subnetを確認します。
##作成した環境を削除する
以下のコマンドで削除します。
- terraform destroy
実行例
PS C:\ex01> terraform destroy
oci_core_virtual_network.CompleteVCN: Refreshing state... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
data.oci_identity_availability_domains.ADs: Refreshing state...
oci_core_internet_gateway.CompleteIG: Refreshing state... (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.BastionSubnet: Refreshing state... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.PrivateSubnet: Refreshing state... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.WebSubnet: Refreshing state... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.RouteForComplete: Refreshing state... (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD1: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD2: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD2: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD3: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD1: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD3: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD2: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD1: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD3: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
- oci_core_internet_gateway.CompleteIG
- oci_core_route_table.RouteForComplete
- oci_core_security_list.BastionSubnet
- oci_core_security_list.PrivateSubnet
- oci_core_security_list.WebSubnet
- oci_core_subnet.BastionSubnetAD1
- oci_core_subnet.BastionSubnetAD2
- oci_core_subnet.BastionSubnetAD3
- oci_core_subnet.PrivateSubnetAD1
- oci_core_subnet.PrivateSubnetAD2
- oci_core_subnet.PrivateSubnetAD3
- oci_core_subnet.WebSubnetAD1
- oci_core_subnet.WebSubnetAD2
- oci_core_subnet.WebSubnetAD3
- oci_core_virtual_network.CompleteVCN
Plan: 0 to add, 0 to change, 15 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
oci_core_subnet.WebSubnetAD3: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD1: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD1: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD3: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.WebSubnetAD2: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD3: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD2: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD1: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD2: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.BastionSubnetAD1: Destruction complete after 1s
oci_core_subnet.WebSubnetAD1: Destruction complete after 2s
oci_core_subnet.PrivateSubnetAD2: Destruction complete after 3s
oci_core_subnet.BastionSubnetAD2: Destruction complete after 3s
oci_core_subnet.WebSubnetAD3: Destruction complete after 4s
oci_core_subnet.BastionSubnetAD3: Destruction complete after 5s
oci_core_security_list.BastionSubnet: Destroying... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.PrivateSubnetAD1: Destruction complete after 6s
oci_core_subnet.PrivateSubnetAD3: Destruction complete after 6s
oci_core_subnet.WebSubnetAD2: Destruction complete after 6s
oci_core_security_list.PrivateSubnet: Destroying... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.RouteForComplete: Destroying... (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.WebSubnet: Destroying... (ID: ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.BastionSubnet: Destruction complete after 2s
oci_core_security_list.WebSubnet: Destruction complete after 1s
oci_core_route_table.RouteForComplete: Destruction complete after 1s
oci_core_internet_gateway.CompleteIG: Destroying... (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_security_list.PrivateSubnet: Destruction complete after 1s
oci_core_internet_gateway.CompleteIG: Destruction complete after 1s
oci_core_virtual_network.CompleteVCN: Destroying... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_virtual_network.CompleteVCN: Destruction complete after 2s
Destroy complete! Resources: 15 destroyed.
PS C:\ex01>
インスタンスを構築する
VNC,Internet GatewayとRoute Table,Subnet,VMインスタンスを構築し以下のような環境を作成します。
新規ディレクトリを作成(例:C:\ex03)し、以下6つのファイルを配置します。
env-vars.ps1
### Substitute USERNAME-Lab to correct the path if not using Lab
### Substitute the OCIDs, fingerprints and keys with the correct ones for your environment
### Authentication details
$env:TF_VAR_tenancy_ocid="<Your Tenancy OCID>"
$env:TF_VAR_user_ocid="<Your User OCID>"
$env:TF_VAR_fingerprint="<Your User Fingerprint>"
$env:TF_VAR_private_key_path="<Private Key File Path>"
### Compartment
$env:TF_VAR_compartment_ocid="<Your Compartment OCID>"
### Public/private keys used on the instances
$env:TF_VAR_ssh_public_key = Get-Content <ssh public key file path> -Raw
$env:TF_VAR_ssh_private_key = Get-Content <ssh private key file path> -Raw
### Region
$env:TF_VAR_region="<Your Region>"
### Check variables are set in PowerShell wth "dir env:"
#
#
ファイル内の以下の箇所をご自身の環境に合わせて編集します。
- < Your Tenancy OCID > :Tenancy OCID
- < Your User OCID > : ユーザ OCID
- < Your User Fingerprint > : ユーザ Fingerprint
- < Private Key File Path > : Private Keyファイルパス(例:C:\key\private.pem)
- < Your Compartment OCID > : コンパートメント OCID
- < ssh public key file path > : ssh 用公開鍵ファイルパス (例:C:\key\id_rsa.pub)
- < ssh private key file path > : ssh 用秘密鍵ファイルパス (例:C:\key\id_rsa)
- < Your Region > :リージョン名 (例:us-ashburn-1)
provider.tf
provider "oci" {
tenancy_ocid = "${var.tenancy_ocid}"
user_ocid = "${var.user_ocid}"
fingerprint = "${var.fingerprint}"
private_key_path = "${var.private_key_path}"
region = "${var.region}"
}
variables.tf
variable "tenancy_ocid" {}
variable "user_ocid" {}
variable "fingerprint" {}
variable "private_key_path" {}
variable "region" {}
variable "compartment_ocid" {}
variable "ssh_public_key" {}
# Choose an Availability Domain
variable "availability_domain" {
default = "2"
}
variable "instance_shape" {
default = "VM.Standard2.1"
}
variable "ImageOS" {
default = "Oracle Linux"
}
variable "ImageOSVersion" {
default = "7.5"
}
- Availability Domain 2 にインスタンス作成します。
- VMシェイプは VM.Standard2.1 を使用します。
- Oracle Linux 7.5 のイメージを使用します。
datasources.tf
# Gets a list of Availability Domains
data "oci_identity_availability_domains" "ADs" {
compartment_id = "${var.tenancy_ocid}"
}
# Gets a list of all Oracle Linux 7.5 images that support a given Instance shape
data "oci_core_images" "TFSupportedShapeImages" {
compartment_id = "${var.tenancy_ocid}"
shape = "${var.instance_shape}"
operating_system = "${var.ImageOS}"
operating_system_version = "${var.ImageOSVersion}"
}
network.tf
resource "oci_core_virtual_network" "ExampleVCN" {
cidr_block = "10.1.0.0/16"
compartment_id = "${var.compartment_ocid}"
display_name = "TFExampleVCN"
dns_label = "tfexamplevcn"
}
resource "oci_core_subnet" "ExampleSubnet" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.availability_domain - 1],"name")}"
cidr_block = "10.1.20.0/24"
display_name = "TFExampleSubnet"
dns_label = "tfexamplesubnet"
security_list_ids = ["${oci_core_virtual_network.ExampleVCN.default_security_list_id}"]
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.ExampleVCN.id}"
route_table_id = "${oci_core_route_table.ExampleRT.id}"
dhcp_options_id = "${oci_core_virtual_network.ExampleVCN.default_dhcp_options_id}"
}
resource "oci_core_internet_gateway" "ExampleIG" {
compartment_id = "${var.compartment_ocid}"
display_name = "TFExampleIG"
vcn_id = "${oci_core_virtual_network.ExampleVCN.id}"
}
resource "oci_core_route_table" "ExampleRT" {
compartment_id = "${var.compartment_ocid}"
vcn_id = "${oci_core_virtual_network.ExampleVCN.id}"
display_name = "TFExampleRouteTable"
route_rules {
destination = "0.0.0.0/0"
destination_type = "CIDR_BLOCK"
network_entity_id = "${oci_core_internet_gateway.ExampleIG.id}"
}
}
compute.tf
resource "oci_core_instance" "TFInstance" {
availability_domain = "${lookup(data.oci_identity_availability_domains.ADs.availability_domains[var.availability_domain - 1],"name")}"
compartment_id = "${var.compartment_ocid}"
display_name = "TFInstance"
shape = "${var.instance_shape}"
create_vnic_details {
subnet_id = "${oci_core_subnet.ExampleSubnet.id}"
display_name = "primaryvnic"
assign_public_ip = true
hostname_label = "tfexampleinstance"
}
source_details {
source_type = "image"
source_id = "${lookup(data.oci_core_images.TFSupportedShapeImages.images[0], "id")}"
}
metadata {
ssh_authorized_keys = "${var.ssh_public_key}"
}
timeouts {
create = "60m"
}
}
##環境構築する
以下のコマンドを実行し、環境を作成します。
- terraform init
- terraform plan -out plan01
- terraform apply "plan01"
実行例
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
PS C:\ex03> . .\env-vars.ps1
PS C:\ex03> terraform init
Initializing provider plugins...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.oci: version = "~> 3.8"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
PS C:\ex03> terraform plan -out plan01
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
data.oci_identity_availability_domains.ADs: Refreshing state...
data.oci_core_images.TFSupportedShapeImages: Refreshing state...
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ oci_core_instance.TFInstance
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-2"
boot_volume_id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
create_vnic_details.#: "1"
create_vnic_details.0.assign_public_ip: "true"
create_vnic_details.0.display_name: "primaryvnic"
create_vnic_details.0.freeform_tags.%: <computed>
create_vnic_details.0.hostname_label: "tfexampleinstance"
create_vnic_details.0.private_ip: <computed>
create_vnic_details.0.skip_source_dest_check: <computed>
create_vnic_details.0.subnet_id: "${oci_core_subnet.ExampleSubnet.id}"
display_name: "TFInstance"
fault_domain: <computed>
freeform_tags.%: <computed>
image: <computed>
ipxe_script: <computed>
launch_mode: <computed>
launch_options.#: <computed>
metadata.%: "1"
metadata.ssh_authorized_keys: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA+/WnQBuzxsiOWxzoPrNeAESsROSRhpVuwgefqC0ejgRHYJXZqlx/Y//SUOyNfM8SooOKNaIQ+TVHc0Ct5p+o7+/3SDnBTqYy/jNjsNvkbPP3awqPClOJ7gL82O/o3Ced1ZyOKKEy11JoesUTKvjk6lY8+aGtbsn4hgAIkGdDIFom2fDyW4A9a3ysijXdk5PGd6UDbe/1UvChQkfmdye9kL6mfVlTqdgv+oTnjHA2ZFhHJOAtobmV2vaRWjWEf7eWRNEPsdVG7abzoExRe+JM1nhTiwCqyGu57HIBXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==\n"
private_ip: <computed>
public_ip: <computed>
region: <computed>
shape: "VM.Standard2.1"
source_details.#: "1"
source_details.0.boot_volume_size_in_gbs: <computed>
source_details.0.kms_key_id: <computed>
source_details.0.source_id: "ocid1.image.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
source_details.0.source_type: "image"
state: <computed>
subnet_id: <computed>
time_created: <computed>
time_maintenance_reboot_due: <computed>
+ oci_core_internet_gateway.ExampleIG
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "TFExampleIG"
enabled: "true"
freeform_tags.%: <computed>
state: <computed>
time_created: <computed>
time_modified: <computed>
vcn_id: "${oci_core_virtual_network.ExampleVCN.id}"
+ oci_core_route_table.ExampleRT
id: <computed>
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "TFExampleRouteTable"
freeform_tags.%: <computed>
route_rules.#: "1"
route_rules.~2204571947.cidr_block: <computed>
route_rules.~2204571947.destination: "0.0.0.0/0"
route_rules.~2204571947.destination_type: "CIDR_BLOCK"
route_rules.~2204571947.network_entity_id: "${oci_core_internet_gateway.ExampleIG.id}"
state: <computed>
time_created: <computed>
time_modified: <computed>
vcn_id: "${oci_core_virtual_network.ExampleVCN.id}"
+ oci_core_subnet.ExampleSubnet
id: <computed>
availability_domain: "hMKA:US-ASHBURN-AD-2"
cidr_block: "10.1.20.0/24"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "${oci_core_virtual_network.ExampleVCN.default_dhcp_options_id}"
display_name: "TFExampleSubnet"
dns_label: "tfexamplesubnet"
freeform_tags.%: <computed>
prohibit_public_ip_on_vnic: <computed>
route_table_id: "${oci_core_route_table.ExampleRT.id}"
security_list_ids.#: <computed>
state: <computed>
subnet_domain_name: <computed>
time_created: <computed>
vcn_id: "${oci_core_virtual_network.ExampleVCN.id}"
virtual_router_ip: <computed>
virtual_router_mac: <computed>
+ oci_core_virtual_network.ExampleVCN
id: <computed>
cidr_block: "10.1.0.0/16"
compartment_id: "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
default_dhcp_options_id: <computed>
default_route_table_id: <computed>
default_security_list_id: <computed>
display_name: "TFExampleVCN"
dns_label: "tfexamplevcn"
freeform_tags.%: <computed>
state: <computed>
time_created: <computed>
vcn_domain_name: <computed>
Plan: 5 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
This plan was saved to: plan01
To perform exactly these actions, run the following command to apply:
terraform apply "plan01"
PS C:\ex03> terraform apply "plan01"
oci_core_virtual_network.ExampleVCN: Creating...
cidr_block: "" => "10.1.0.0/16"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
default_dhcp_options_id: "" => "<computed>"
default_route_table_id: "" => "<computed>"
default_security_list_id: "" => "<computed>"
display_name: "" => "TFExampleVCN"
dns_label: "" => "tfexamplevcn"
freeform_tags.%: "" => "<computed>"
state: "" => "<computed>"
time_created: "" => "<computed>"
vcn_domain_name: "" => "<computed>"
oci_core_virtual_network.ExampleVCN: Creation complete after 2s (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_internet_gateway.ExampleIG: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "TFExampleIG"
enabled: "" => "true"
freeform_tags.%: "" => "<computed>"
state: "" => "<computed>"
time_created: "" => "<computed>"
time_modified: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_internet_gateway.ExampleIG: Creation complete after 1s (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.ExampleRT: Creating...
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "TFExampleRouteTable"
freeform_tags.%: "" => "<computed>"
route_rules.#: "" => "1"
route_rules.1029273391.cidr_block: "" => "<computed>"
route_rules.1029273391.destination: "" => "0.0.0.0/0"
route_rules.1029273391.destination_type: "" => "CIDR_BLOCK"
route_rules.1029273391.network_entity_id: "" => "ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
time_created: "" => "<computed>"
time_modified: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
oci_core_route_table.ExampleRT: Creation complete after 0s (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.ExampleSubnet: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-2"
cidr_block: "" => "10.1.20.0/24"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
dhcp_options_id: "" => "ocid1.dhcpoptions.oc1.iad.aaaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "TFExampleSubnet"
dns_label: "" => "tfexamplesubnet"
freeform_tags.%: "" => "<computed>"
prohibit_public_ip_on_vnic: "" => "<computed>"
route_table_id: "" => "ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
security_list_ids.#: "" => "1"
security_list_ids.1794921792: "" => "ocid1.securitylist.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
state: "" => "<computed>"
subnet_domain_name: "" => "<computed>"
time_created: "" => "<computed>"
vcn_id: "" => "ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
virtual_router_ip: "" => "<computed>"
virtual_router_mac: "" => "<computed>"
oci_core_subnet.ExampleSubnet: Creation complete after 1s (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_instance.TFInstance: Creating...
availability_domain: "" => "hMKA:US-ASHBURN-AD-2"
boot_volume_id: "" => "<computed>"
compartment_id: "" => "ocid1.compartment.oc1..aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
create_vnic_details.#: "" => "1"
create_vnic_details.0.assign_public_ip: "" => "true"
create_vnic_details.0.display_name: "" => "primaryvnic"
create_vnic_details.0.freeform_tags.%: "" => "<computed>"
create_vnic_details.0.hostname_label: "" => "tfexampleinstance"
create_vnic_details.0.private_ip: "" => "<computed>"
create_vnic_details.0.skip_source_dest_check: "" => "<computed>"
create_vnic_details.0.subnet_id: "" => "ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
display_name: "" => "TFInstance"
fault_domain: "" => "<computed>"
freeform_tags.%: "" => "<computed>"
image: "" => "<computed>"
ipxe_script: "" => "<computed>"
launch_mode: "" => "<computed>"
launch_options.#: "" => "<computed>"
metadata.%: "" => "1"
metadata.ssh_authorized_keys: "" => "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA+/WnQBuzxsiOWxzoPrNeAESsROSRhpVuwgefqC0ejgRHYJXZqlx/Y//SUOyNfM8SooOKNaIQ+TVHc0Ct5p+o7+/3SDnBTqYy/jNjsNvkbPP3awqPClOJ7gL82O/o3Ced1ZyOKKEy11JoesUTKvjk6lY8+aGtbsn4hgAIkGdDIFom2fDyW4A9a3ysijXdk5PGd6UDbe/1UvChQkfmdye9kL6mfVlTqdgv+oTnjHA2ZFhHJOAtobmV2vaRWjWEf7eWRNEPsdVG7abzoExRe+JM1nhTiwCqyGu57HIBXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\n"
private_ip: "" => "<computed>"
public_ip: "" => "<computed>"
region: "" => "<computed>"
shape: "" => "VM.Standard2.1"
source_details.#: "" => "1"
source_details.0.boot_volume_size_in_gbs: "" => "<computed>"
source_details.0.kms_key_id: "" => "<computed>"
source_details.0.source_id: "" => "ocid1.image.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
source_details.0.source_type: "" => "image"
state: "" => "<computed>"
subnet_id: "" => "<computed>"
time_created: "" => "<computed>"
time_maintenance_reboot_due: "" => "<computed>"
oci_core_instance.TFInstance: Still creating... (10s elapsed)
oci_core_instance.TFInstance: Still creating... (20s elapsed)
oci_core_instance.TFInstance: Still creating... (30s elapsed)
oci_core_instance.TFInstance: Still creating... (40s elapsed)
oci_core_instance.TFInstance: Still creating... (50s elapsed)
oci_core_instance.TFInstance: Still creating... (1m0s elapsed)
oci_core_instance.TFInstance: Still creating... (1m10s elapsed)
oci_core_instance.TFInstance: Still creating... (1m20s elapsed)
oci_core_instance.TFInstance: Still creating... (1m30s elapsed)
oci_core_instance.TFInstance: Still creating... (1m40s elapsed)
oci_core_instance.TFInstance: Still creating... (1m50s elapsed)
oci_core_instance.TFInstance: Still creating... (2m0s elapsed)
oci_core_instance.TFInstance: Still creating... (2m10s elapsed)
oci_core_instance.TFInstance: Creation complete after 2m10s (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
Apply complete! Resources: 5 added, 0 changed, 0 destroyed.
Web Console で作成された インスタンスを確認します。
##作成した環境を削除する
以下のコマンドで削除します。
- terraform destroy
実行例
PS C:\ex03> terraform destroy
oci_core_virtual_network.ExampleVCN: Refreshing state... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
data.oci_identity_availability_domains.ADs: Refreshing state...
data.oci_core_images.TFSupportedShapeImages: Refreshing state...
oci_core_internet_gateway.ExampleIG: Refreshing state... (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.ExampleRT: Refreshing state... (ID: ocid1.routetable.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.ExampleSubnet: Refreshing state... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_instance.TFInstance: Refreshing state... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
- oci_core_instance.TFInstance
- oci_core_internet_gateway.ExampleIG
- oci_core_route_table.ExampleRT
- oci_core_subnet.ExampleSubnet
- oci_core_virtual_network.ExampleVCN
Plan: 0 to add, 0 to change, 5 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
oci_core_instance.TFInstance: Destroying... (ID: ocid1.instance.oc1.iad.aXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 10s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 20s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 30s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 40s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 50s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 1m0s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 1m10s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 1m20s elapsed)
oci_core_instance.TFInstance: Still destroying... (ID: ocid1.instance.oc1.iad.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, 1m30s elapsed)
oci_core_instance.TFInstance: Destruction complete after 1m34s
oci_core_subnet.ExampleSubnet: Destroying... (ID: ocid1.subnet.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_subnet.ExampleSubnet: Destruction complete after 1s
oci_core_route_table.ExampleRT: Destroying... (ID: ocid1.routetable.oc1.iad.aaaaaaaanXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_route_table.ExampleRT: Destruction complete after 1s
oci_core_internet_gateway.ExampleIG: Destroying... (ID: ocid1.internetgateway.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_internet_gateway.ExampleIG: Destruction complete after 1s
oci_core_virtual_network.ExampleVCN: Destroying... (ID: ocid1.vcn.oc1.iad.aaaaaaaaXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
oci_core_virtual_network.ExampleVCN: Destruction complete after 2s
Destroy complete! Resources: 5 destroyed.
今回は、Terraformを使ってVCN構成、簡単なインスタンス作成の方法を紹介しました。