add vcn, igw, route table, security list
parent
d4f4d01645
commit
e80919d3be
@ -5,4 +5,6 @@ locals {
|
||||
"iac/source" = var.iac_project_source
|
||||
"iac/component" = var.iac_project_name
|
||||
}
|
||||
# vcn dns label must be only alphanumeric and max 15 chars
|
||||
vcn_dns_label = substr(replace(join("", [var.prefix, "vcn"]), "/(?i)[^0-9a-z]/", ""), 0, 15)
|
||||
}
|
||||
|
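Review bot: A `var.prefix` whose first alphanumeric character is a digit gives a `vcn_dns_label` that starts with a digit, because the expression only strips non-alphanumerics and truncates to 15 characters. As far as I know, OCI also requires the DNS label to begin with a letter, so such a prefix would fail at apply time rather than at plan time. The comment could state the full rule, e.g. `# vcn dns label: alphanumeric only, must start with a letter, max 15 chars`, and a `validation` on `var.prefix` (declared outside this hunk) would catch it earlier. The `locals` block starts before the hunk.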
@ -0,0 +1,50 @@
|
||||
resource "oci_core_vcn" "vcn" {
|
||||
compartment_id = oci_identity_compartment.compartment.id
|
||||
cidr_block = var.vcn_cidr
|
||||
is_ipv6enabled = var.enable_ipv6
|
||||
display_name = join("", [var.prefix, "vcn"])
|
||||
dns_label = local.vcn_dns_label
|
||||
freeform_tags = local.freeform_tags
|
||||
}
|
||||
|
||||
resource "oci_core_internet_gateway" "igw" {
|
||||
compartment_id = oci_identity_compartment.compartment.id
|
||||
vcn_id = oci_core_vcn.vcn.id
|
||||
display_name = join("", [var.prefix, "igw"])
|
||||
freeform_tags = local.freeform_tags
|
||||
}
|
||||
|
||||
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformbestpractices_topic-vcndefaults.htm
|
||||
|
||||
resource "oci_core_default_route_table" "rt" {
|
||||
compartment_id = oci_identity_compartment.compartment.id
|
||||
manage_default_resource_id = oci_core_vcn.vcn.default_route_table_id
|
||||
freeform_tags = local.freeform_tags
|
||||
route_rules {
|
||||
network_entity_id = oci_core_internet_gateway.igw.id
|
||||
destination = "0.0.0.0/0"
|
||||
}
|
||||
}
|
||||
|
||||
resource "oci_core_security_list" "open_ports" {
|
||||
compartment_id = oci_identity_compartment.compartment.id
|
||||
vcn_id = oci_core_vcn.vcn.id
|
||||
display_name = "all-open"
|
||||
freeform_tags = local.freeform_tags
|
||||
egress_security_rules {
|
||||
destination = "0.0.0.0/0"
|
||||
protocol = "all"
|
||||
}
|
||||
egress_security_rules {
|
||||
destination = "::/0"
|
||||
protocol = "all"
|
||||
}
|
||||
ingress_security_rules {
|
||||
source = "0.0.0.0/0"
|
||||
protocol = "all"
|
||||
}
|
||||
ingress_security_rules {
|
||||
source = "::/0"
|
||||
protocol = "all"
|
||||
}
|
||||
}
|
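Review bot: The two `ingress_security_rules` blocks in `oci_core_security_list.open_ports` admit every protocol from `0.0.0.0/0` and `::/0`, so any subnet that attaches this list and routes through `igw` exposes all listening ports to the internet, leaving host firewalls as the only control. No subnet is visible in this hunk, so the actual exposure depends on where the list is attached. Ingress should be limited to the ports and source ranges the workload needs, supplied through an input variable so each deployment states them explicitly; the egress rules can stay as they are. The sketch below uses a proposed `var.ingress_rules`, which this commit does not define.

```hcl
resource "oci_core_security_list" "open_ports" {
  # … unchanged: compartment_id, vcn_id, display_name, freeform_tags, egress_security_rules …

  # Proposed input (not defined in this commit):
  #   list(object({ source = string, port = number }))
  dynamic "ingress_security_rules" {
    for_each = var.ingress_rules
    content {
      source   = ingress_security_rules.value.source
      protocol = "6" # TCP
      tcp_options {
        min = ingress_security_rules.value.port
        max = ingress_security_rules.value.port
      }
    }
  }
}
```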
@ -56,3 +56,18 @@ output "api_key_fingerprint" {
|
||||
description = "The fingerprint of the admin user API key"
|
||||
value = try(oci_identity_api_key.admin[0].fingerprint, null)
|
||||
}
|
||||
|
||||
output "vcn_cidr_blocks" {
|
||||
description = "The CIDR block for the VCN"
|
||||
value = oci_core_vcn.vcn.cidr_blocks
|
||||
}
|
||||
|
||||
output "vcn_ipv6_cidr_blocks" {
|
||||
description = "The IPv6 CIDR block for the VCN"
|
||||
value = oci_core_vcn.vcn.ipv6cidr_blocks
|
||||
}
|
||||
|
||||
output "vcn_ipv6_cidr_private_blocks" {
|
||||
description = "The IPv6 CIDR block for the VCN"
|
||||
value = oci_core_vcn.vcn.ipv6private_cidr_blocks
|
||||
}
|
||||
|
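Review bot: `vcn_ipv6_cidr_private_blocks` carries the same description as `vcn_ipv6_cidr_blocks`, so the two outputs cannot be told apart in `terraform output` or generated module docs. Suggest `description = "The private IPv6 CIDR blocks of the VCN"` for the third output. All three values are lists, so the plural "blocks" would also fit the first two descriptions. The hunk opens inside `output "api_key_fingerprint"`, which starts outside it.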
@ -48,3 +48,15 @@ variable "admin_create_credentials" {
|
||||
}
|
||||
description = "Types of credentials to create for the admin user"
|
||||
}
|
||||
|
||||
variable "vcn_cidr" {
|
||||
description = "The CIDR block for the VCN"
|
||||
type = string
|
||||
default = "10.0.0.0/16"
|
||||
}
|
||||
|
||||
variable "enable_ipv6" {
|
||||
description = "Enable IPv6 for the VCN"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
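Review bot: `enable_ipv6` defaults to `true`, so every deployment gets IPv6 addressing unless the caller opts out, and this same commit adds `::/0` ingress for all protocols. `default = false` would make that exposure an explicit choice. `vcn_cidr` is also accepted unchecked, so a malformed value fails only at the provider call; a `validation` block with `condition = can(cidrnetmask(var.vcn_cidr))` would reject it at plan time. The hunk begins inside `variable "admin_create_credentials"`, which starts outside it.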