add vcn, igw, route table, security list

bdeshi 2024-05-24 16:17:53 +06:00
parent d4f4d01645
commit e80919d3be
Signed by: bdeshi
GPG Key ID: 410D03DA9A3468E0
4 changed files with 79 additions and 0 deletions


@ -5,4 +5,6 @@ locals {
"iac/source" = var.iac_project_source
"iac/component" = var.iac_project_name
}
# vcn dns label must be only alphanumeric and max 15 chars
vcn_dns_label = substr(replace(join("", [var.prefix, "vcn"]), "/(?i)[^0-9a-z]/", ""), 0, 15)
}
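Review bot: The `vcn_dns_label` expression strips non-alphanumeric characters and truncates to 15, but nothing ensures the result starts with a letter, which OCI also requires of a VCN DNS label as far as I know. A `var.prefix` beginning with a digit would pass here and only fail at apply time. I would widen the comment to `# vcn dns label must be alphanumeric, start with a letter, and be at most 15 chars` and add a validation such as `condition = can(regex("^[A-Za-z]", var.prefix))` to the prefix variable, whose declaration is not on this page. The `locals` block itself starts above this hunk.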


@ -0,0 +1,50 @@
resource "oci_core_vcn" "vcn" {
compartment_id = oci_identity_compartment.compartment.id
cidr_block = var.vcn_cidr
is_ipv6enabled = var.enable_ipv6
display_name = join("", [var.prefix, "vcn"])
dns_label = local.vcn_dns_label
freeform_tags = local.freeform_tags
}
resource "oci_core_internet_gateway" "igw" {
compartment_id = oci_identity_compartment.compartment.id
vcn_id = oci_core_vcn.vcn.id
display_name = join("", [var.prefix, "igw"])
freeform_tags = local.freeform_tags
}
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformbestpractices_topic-vcndefaults.htm
resource "oci_core_default_route_table" "rt" {
compartment_id = oci_identity_compartment.compartment.id
manage_default_resource_id = oci_core_vcn.vcn.default_route_table_id
freeform_tags = local.freeform_tags
route_rules {
network_entity_id = oci_core_internet_gateway.igw.id
destination = "0.0.0.0/0"
}
}
resource "oci_core_security_list" "open_ports" {
compartment_id = oci_identity_compartment.compartment.id
vcn_id = oci_core_vcn.vcn.id
display_name = "all-open"
freeform_tags = local.freeform_tags
egress_security_rules {
destination = "0.0.0.0/0"
protocol = "all"
}
egress_security_rules {
destination = "::/0"
protocol = "all"
}
ingress_security_rules {
source = "0.0.0.0/0"
protocol = "all"
}
ingress_security_rules {
source = "::/0"
protocol = "all"
}
}
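Review bot: The two `ingress_security_rules` blocks in `oci_core_security_list.open_ports` admit every protocol and port from `0.0.0.0/0` and `::/0`, so any subnet this list is attached to exposes every listening service on its instances to the internet, leaving host firewalls as the only remaining control. No subnet appears in this section, so where the list ends up attached cannot be judged from here. I would drive ingress from an explicit allow-list instead, using a new variable (called `ingress_rules` below, not part of this commit) that holds source CIDR and TCP port pairs, and keep the egress rules as they are. If an all-open list is really intended, a comment saying so next to `display_name = "all-open"` would keep it from being reused by accident.

```hcl
resource "oci_core_security_list" "open_ports" {
  # … unchanged: compartment_id, vcn_id, display_name, freeform_tags, egress_security_rules …

  # One rule per explicitly allowed (source CIDR, TCP port) pair; nothing is open by default.
  dynamic "ingress_security_rules" {
    for_each = var.ingress_rules
    content {
      source   = ingress_security_rules.value.source
      protocol = "6" # TCP
      tcp_options {
        min = ingress_security_rules.value.port
        max = ingress_security_rules.value.port
      }
    }
  }
}
```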


@ -56,3 +56,18 @@ output "api_key_fingerprint" {
description = "The fingerprint of the admin user API key"
value = try(oci_identity_api_key.admin[0].fingerprint, null)
}
output "vcn_cidr_blocks" {
description = "The CIDR block for the VCN"
value = oci_core_vcn.vcn.cidr_blocks
}
output "vcn_ipv6_cidr_blocks" {
description = "The IPv6 CIDR block for the VCN"
value = oci_core_vcn.vcn.ipv6cidr_blocks
}
output "vcn_ipv6_cidr_private_blocks" {
description = "The IPv6 CIDR block for the VCN"
value = oci_core_vcn.vcn.ipv6private_cidr_blocks
}
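Review bot: `vcn_ipv6_cidr_private_blocks` carries the same description as `vcn_ipv6_cidr_blocks`, so the two outputs cannot be told apart in `terraform output` listings or generated module docs. I would change the third one to `description = "The private IPv6 CIDR blocks for the VCN"`. Judging by the attribute names, all three values are lists, so the plural "blocks" in each description would match what is actually returned.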


@ -48,3 +48,15 @@ variable "admin_create_credentials" {
}
description = "Types of credentials to create for the admin user"
}
variable "vcn_cidr" {
description = "The CIDR block for the VCN"
type = string
default = "10.0.0.0/16"
}
variable "enable_ipv6" {
description = "Enable IPv6 for the VCN"
type = bool
default = true
}
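Review bot: `vcn_cidr` is accepted as a free-form string, so a malformed value is only caught by the provider at plan or apply time. A `validation` block with `condition = can(cidrhost(var.vcn_cidr, 0))` and `error_message = "vcn_cidr must be a valid CIDR block."` would reject it earlier. Separately, `enable_ipv6` defaults to `true`, so with the `::/0` ingress rules added in this commit IPv6 exposure is something a caller has to opt out of. Consider defaulting it to `false` unless IPv6 is needed everywhere this module is used.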