How to Configure the Terraform Provider for OCI (Oracle Cloud Infrastructure) with API Key Authentication

Guillermo Musumeci
5 min readJan 2


The OCI Terraform provider supports four authentication methods:

  • API Key Authentication
  • Instance Principal Authorization
  • Resource Principal Authorization
  • Security Token Authentication

In this story, we will set up the Terraform Provider for OCI (Oracle Cloud Infrastructure) using API Key Authentication.

1. Requirements

This is the list of requirements to configure the OCI Terraform provider:

  • Create a free OCI account at
  • Create an IAM User for Terraform
  • Generate the API Key
  • Get the Tenant Settings
  • Get the Root OCI compartment

2. Configuring the OCI Provider

To be able to authenticate to OCI, we will need all settings listed below:

  • tenancy - our tenancy's OCID
  • region - the OCI region in the Console
  • user - the OCID of the user for whom the key pair is being added
  • fingerprint - the fingerprint of the key that was just added
  • key_file- the path to our downloaded private key file. We must update this value to the path on our file system where we saved the private key file.

3. Getting the OCI Tenant OCID

We open the OCI Console and click on the hamburger menu located top left. Then, we click on the Governance & Administration menu, and on the Tenancy Details option.

Then click on the Copy link next to the OCID label to copy our OCID id. We will need this value to configure the Tenant on the OCI Provider.



Guillermo Musumeci

Certified AWS, Azure & GCP Architect | HashiCorp Ambassador | Terraform SME | KopiCloud Founder | ex-AWS | Entrepreneur | Book Author | Husband & Dad of ✌