Dynamic groups can only be created in the root compartment

garutilorenzo / k3s-oci-cluster

Deploy a Kubernetes cluster for free, using k3s and Oracle always free resources

https://garutilorenzo.github.io/deploy-kubernetes-for-free-oracle-cloud

GNU General Public License v3.0

225 stars 79 forks source link

Dynamic groups can only be created in the root compartment #13

Closed Djelibeybi closed 2 years ago

Djelibeybi commented 2 years ago

Using the tenancy OCID as the compartment OCID is the way to ensure that Terraform creates the dynamic group successfully.

This PR also tightens up the policy by only allowing the dynamic group to read instance-family and compute-management-family in the compartment created by Terraform and not the entire tenancy.

Signed-off-by: Avi Miller avi.miller@oracle.com

garutilorenzo commented 2 years ago

Hi @Djelibeybi thank you very much for your contribution :)