Last active
March 8, 2020 01:53
-
-
Save kral2/737b0617c1f1dfa12ab606918ef1c698 to your computer and use it in GitHub Desktop.
Generate RSA key pair in pem format, then add it as OCI API key to specified user using Terraform
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
Last update : March, 2020 | |
Author: cetin.ardal | |
Description: Add OCI API key to specified user. | |
*/ | |
# OCI Home Region | |
provider "oci" { | |
tenancy_ocid = var.tenancy_ocid | |
user_ocid = var.user_ocid | |
fingerprint = var.fingerprint | |
private_key_path = var.private_key_path | |
region = var.region | |
} | |
variable "tenancy_ocid" {} | |
variable "user_ocid" {} | |
variable "fingerprint" {} | |
variable "private_key_path" {} | |
variable "compartment_ocid" {} | |
variable "region" {} | |
variable "target_user" { | |
default = { | |
ocid = "<target_user_ocid>" | |
api_key = "/path/to/public-key.pem" | |
} | |
} | |
data "oci_identity_user" "target_user" { | |
user_id = var.target_user.ocid | |
} | |
resource "oci_identity_api_key" "target_user" { | |
key_value = file(var.target_user.api_key) | |
user_id = var.target_user.ocid | |
} | |
output "target_user" { | |
value = { | |
user = data.oci_identity_user.target_user.name | |
ocid = oci_identity_api_key.target_user.user_id | |
key_fingerprint = oci_identity_api_key.target_user.fingerprint | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# Last update : March, 2020 | |
# Author: cetin.ardal | |
# Description: Generate RSA key pair in pem format. | |
KEY_NAME=my_rsa_key | |
openssl genrsa -out $KEY_NAME.pem 2048 | |
chmod go-rwx $KEY_NAME.pem | |
openssl rsa -pubout -in $KEY_NAME.pem -out ${KEY_NAME}_public.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
Last update : May, 2018 | |
Author: cetin.ardal | |
Description: Assign value to Terraform variables. | |
Any variable for which you define a value needs to exist in the terraform configuration (ideally declared inside *variables.tf) | |
*/ | |
/*---------------------------------------------------------------------------- | |
HOW TO USE THIS FILE | |
1. Edit variables values below to fit your environment | |
2. rename this file to "terraform.tfvars" (remove the .SAMPLE extension) | |
3. keep this file in the same folder as your terraform *.tf files | |
4. Add the renamed tfvars file to your .gitignore. Your team don't want you to share it and ruin their local repo. | |
5. Keep your RSA private key outside of your terraform work folder! | |
----------------------------------------------------------------------------*/ | |
# Oracle Cloud Infrastructure (OCI) connection information | |
/* REFERENCE BLOCK | |
# Don't forget to update this section. Your future you will thank you. | |
Tenant name : <tenancy> | |
User name : <user> | |
Compartment : root/<compartment> | |
*/ | |
# See online documentation for information about how to populate the variables below | |
# https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm | |
tenancy_ocid = "<my_tenant_ocid>" | |
user_ocid = "<my_user_ocid>" | |
fingerprint = "<my_api_key_fingerprint>" | |
private_key_path = "../path/to/private_key.pem" | |
compartment_ocid = "<my_compartment_ocid>" | |
region = "<my_region>" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment