Prepare the Terraform Template Files

Before deploying the VM-Series firewall, you must download and prepare the Terraform template files for your OCI environment.
  1. Download the template files from GitHub.
  2. Generate a key pair (public and private keys) in the PEM format. See the Oracle Cloud documentation for more information about the required keys.
  3. Create an API Key.
    1. Log in to the OCI web interface.
    2. Open the User menu and select
      User Settings
      Add Public Key
      .
    3. Paste the public key you created in the previous step into the Public Key field.
    4. Click
      Add
      .
  4. Modify the terraform.tfvars file for your OCI environment to allow the template to access and deploy the specified resources. The terraform.tfvars file consists of the following components:
    • tenancy_ocid—the identifier of your Oracle Cloud tenant. You can locate the tenancy OCID by selecting
      User
      Tenancy
      .
    • compartment_ocid—the identifier of your OCI compartment. You can locate the compartment OCID by selecting
      Identity
      Compartments
      .
    • user_ocid—the identifier of the user account you will be using with the Terraform template. You can locate the user OCI by selecting
      User
      User Settings
      .
    • fingerprint—The fingerprint of the public key added in the user API Keys section of the OCI console. You can locate the fingerprint in the OCI web interface by selecting
      User
      User Settings
      API Keys
      .
    • private_key_path—Each OCI user requires a keypair to access OCI and deploy resources. The private key is located on your computer and you need to provide the path to that key in the terraform.tfvars file.
    • region—The region where you are deploying the VM-Series firewall.
    oci_terraform_vars_file.png
  5. If your private key requires a password, you must add the password to the Terraform template files in three places.
    1. Add
      private_key_password="test"
      to the terraform.vars file and save.
      oci_terraform_vars_add_pk_password.png
    2. Add
      private_key_password = "${var.private_key_password}"
      to the provider.tf file and save.
      oci_terraform_provider_add_pk_password.png
    3. Add
      variable "private_key_password" {}
      to the variables.tf file and save.
      oci_terraform_variables_add_pk_password.png
  6. Set the VM-Series image OCID.
    1. Log in to the OCI console.
    2. Select
      Compute
      Custom Images
      and click on your VM-Series image.
    3. Click
      Show
      and copy the displayed OCID.
    4. Open the variables.tf template file.
    5. Replace the OCID next to the region as shown below.
      oci_update_image_ocid.png
    6. Save your changes.
  7. (
    optional
    ) You can change other values in the template files to suit your deployment. These values include the display name of the VM-Series firewall instance, the instance shape, the VCN CIDR block, etc. The provided templates have default values set.
    For example, the default VCN CIDR block is 10.1.0.0/16. You can change this value in the variables.tf file.
  8. Save any changes you have made to your template files.

Related Documentation