/oci-free-tier

Primary language: HCL. License: MIT.

OCI free tier A1 compute

OCI offers a free forever (?) account with a number of A1 CPUs available for use. This repo contains sample Terraform code to spin up the largest instance available in the free tier (4 OCPU, 24GB of memory). It will generate a compartment for all the resources, a VCN, a private and a public subnet, and sample security lists for each. It will also provide a public IP that you can use to SSH to the machine. As is, it will try to use the latest available Canonical Ubuntu image.

Prerequisites

  • an OCI account
  • a public/private key pair for SSH (use ssh-keygen to generate one)

policies and compartments

Consider adding restrictions to a compartment and applying policies to a group containing a user, so that a CI/CD pipeline can only access that compartment's resources. This way governance is kept outside of any automation and can be managed via the Oracle Cloud web UI.

Have a look here: https://docs.oracle.com/en-us/iaas/developer-tutorials/tutorials/tf-compartment/01-summary.htm
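One way to express the restriction described above, as an added example that is not part of this repo: a separate Terraform configuration applied by a tenancy administrator rather than by the CI/CD user. The group name, policy name and the `cicd_user_ocid` variable are assumptions, the compartment is assumed to exist already, and the entries in `statements` are the same text the Console policy editor accepts if you keep governance in the web UI.

```hcl
# Added example, not this repo's code. Apply with administrator credentials,
# separately from the pipeline it constrains. All names are hypothetical.

variable "tenancy_ocid" {
  type = string
}

variable "cicd_user_ocid" {
  type        = string
  description = "Existing user the CI/CD pipeline authenticates as (assumption)"
}

variable "compartment_name" {
  type        = string
  description = "Existing compartment the pipeline is allowed to work in"
}

# Groups live in the root compartment (the tenancy).
resource "oci_identity_group" "cicd" {
  compartment_id = var.tenancy_ocid
  name           = "tf-cicd"
  description    = "CI/CD automation restricted to a single compartment"
}

resource "oci_identity_user_group_membership" "cicd" {
  group_id = oci_identity_group.cicd.id
  user_id  = var.cicd_user_ocid
}

# The policy is attached at the tenancy, but every statement is scoped to one
# compartment, so the group gets no rights anywhere else and none over IAM.
# Resource families are chosen to match the resource types in this README
# (compute instance, VCN, subnets, security lists); adjust to what you create.
resource "oci_identity_policy" "cicd" {
  compartment_id = var.tenancy_ocid
  name           = "tf-cicd-compartment-only"
  description    = "Limit the CI/CD group to compute and networking in one compartment"

  statements = [
    "Allow group ${oci_identity_group.cicd.name} to manage instance-family in compartment ${var.compartment_name}",
    "Allow group ${oci_identity_group.cicd.name} to manage virtual-network-family in compartment ${var.compartment_name}",
  ]
}
```

Because the group holds no `manage policies` or `manage compartments` permission, the pipeline's credentials cannot widen their own access.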

known issues

  • vcn module version above 3.3.0 fails

terraform-docs (generated using github action)

Requirements

No requirements.

Providers

| Name | Version |
|------|---------|
| oci | n/a |

Modules

| Name | Source | Version |
|------|--------|---------|
| vcn | oracle-terraform-modules/vcn/oci | 3.3.0 |

Resources

| Name | Type |
|------|------|
| oci_core_instance.a1 | resource |
| oci_core_security_list.private-security-list | resource |
| oci_core_security_list.public-security-list | resource |
| oci_core_subnet.vcn-private-subnet | resource |
| oci_core_subnet.vcn-public-subnet | resource |
| oci_identity_compartment.tf-compartment | resource |
| oci_core_images.os | data source |
| oci_identity_availability_domains.ads | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| compartment_name | Provide the name of the compartment to be created. All resources will then be created within this compartment | string | n/a | yes |
| compartment_ocid | Create a compartment for terraform generated resources | any | null | no |
| fingerprint | Your OCI private key fingerprint | string | n/a | yes |
| operating_system | The Operating System of the platform image to use. Valid values are "Canonical Ubuntu", "Oracle Linux", or "Oracle Linux Cloud Developer". | string | "Canonical Ubuntu" | no |
| private_key_path | Your OCI key path | string | n/a | yes |
| region | The region of your OCI account | string | n/a | yes |
| ssh_authorized_keys | SSH authorised keys to add in authorised keys in the VM. Normally just a .pub is sufficient. | any | n/a | yes |
| ssh_private_key_path | The filename to your private key matching a key in authorised keys. Is used by any remote exec provisioner. | any | n/a | yes |
| tenancy_ocid | Your OCI tenant ocid. | string | n/a | yes |
| user_ocid | Your OCI user ocid. | string | n/a | yes |

Outputs

| Name | Description |
|------|-------------|
| id-for-for-route-table-that-includes-the-nat-gateway | OCID of the nat-route table - This route table has a nat gateway to be used for private subnets. This route table also has a service gateway. |
| id-for-route-table-that-includes-the-internet-gateway | OCID of the internet-route table. This route table has an internet gateway to be used for public subnets |
| instance-OCPUs | n/a |
| instance-memory-in-GBs | n/a |
| instance-name | The display name (and hostname) of the compute instance |
| instance-shape | n/a |
| instance-state | n/a |
| name-of-first-availability-domain | The "name" of the availability domain to be used for the compute instance. |
| nat-gateway-id | OCID for NAT gateway |
| os_image_used | n/a |
| private-security-list-OCID | n/a |
| private-security-list-name | Outputs for private security list |
| private-subnet-OCID | n/a |
| private-subnet-name | Outputs for private subnet |
| public-ip-for-arm-ubuntu | The public ip of the compute instance |
| public-security-list-OCID | n/a |
| public-security-list-name | Outputs for public security list |
| public-subnet-OCID | n/a |
| public-subnet-name | Outputs for public subnet |
| time-created | n/a |
| vcn_id | OCID of the VCN that is created |