torstenboettjer/ocloud-asset-network

Service Assets for the Terraform ocloud framework

Requirements

Define an encapsulating compartment.

Providers

Name	Version
oci	n/a
null	n/a
time	n/a

Module

module "service_segment" {
  source     = "./component/network_segment/"
  providers  = { oci = oci.home }
  depends_on = [ module.network_domain ]
  # Define unique number per segment
  segment    = 1
  config     = {
    service_id     = local.service_id
    display_name   = lower("${var.service.name}_${var.network}")
    compartment_id = module.network_domain.compartment_id
    deployment_type = var.deployment_types["${var.bundle}"]
    freeform_tags  = {
      "framework"  = "ocloud"
    }
  }
  network = {
    description          = "virtual cloud network"
    address_spaces = {
      "cidr_block"       = "10.0.0.0/24"
      "anywhere"         = "0.0.0.0/0"
      "interconnect"     = "192.168.0.0/16"
    }
    subnet_list = {
      # A list with newbits for the cidrsubnet function, for subnet calculations visit http://jodies.de/ipcalc
      app                = 1
      db                 = 2
      pres               = 2
    }
    create_drg           = true
    block_nat_traffic    = false
    # Alternative: "oci-${local.region_key}-objectstorage"
    service_gateway_cidr = "all-${lower(local.home_region_key)}-services-in-oracle-services-network"
  }
}

Resources

Name	Type
oci_core_default_security_list.default_security_list	resource
oci_core_drg.segment	resource
oci_core_drg_attachment.segment	resource
oci_core_internet_gateway.segment	resource
oci_core_nat_gateway.segment	resource
oci_core_network_security_group.segment	resource
oci_core_route_table.osn	resource
oci_core_route_table.private	resource
oci_core_route_table.public	resource
oci_core_service_gateway.segment	resource
oci_core_vcn.segment	resource
oci_core_drgs.segment	data source
oci_core_internet_gateways.segment	data source
oci_core_nat_gateways.segment	data source
oci_core_network_security_groups.segment	data source
oci_core_route_tables.osn	data source
oci_core_route_tables.private	data source
oci_core_route_tables.public	data source
oci_core_service_gateways.segment	data source
oci_core_services.all_services	data source
oci_core_vcns.segment	data source
oci_identity_compartments.segment	data source
time_sleep.wait	resource
null_resource.previous	resource

Inputs

Name	Description	Type	Default	Required
config	Service Configuration	object({ service_id = string, display_name = string, compartment_id = string, deployment_type = string, freeform_tags = map(any) })	n/a	yes
network	Settings for the virtual cloud network	object({ address_spaces = map(string), # Network address prefix in CIDR notation that all of the requested subnetwork prefixes will be allocated within. subnet_list = map(number), # A list of objects describing requested subnetwork prefixes. new_bits is the number of additional network prefix bits to add, in addition to the existing prefix on base_cidr_block. create_drg = bool, block_nat_traffic = bool, # Whether or not to block traffic through NAT gateway service_gateway_cidr = string # The OSN service cidr accessible through Service Gateway" })	n/a	yes
segment	Identify the domain, use a unique number	number	n/a	yes

Parameter definitions can be found in the glossary

Outputs

Name	Description
anywhere	Echoes back the anywhere setting for the vcn module
cidr_block	Echoes back the base_cidr_block input variable value, for convenience if passing the result of this module elsewhere as an object.
drg_id	Dynamic Routing Gateway
internet_id	Internet Gateway
nat_id	NAT Gateway
osn	Oracle Service Network
osn_id	Service Gateway
osn_route_table_id	Route traffic to the Oracle Service Network
nat_route_table_id	Route traffic inside the VCN
internet_route_table_id	Route traffic to the anywhere address space
security_group	Security Group
subnets	A list of objects corresponding to each of the objects in the input variable 'networks', each extended with a new attribute 'cidr_block' giving the network’s allocated address prefix.
vcn_id	Virtual Cloud Network