Merge pull request #1 from oracle-devrel/CloudFoundation

Cloud Foundation

Author: ionelpanaitescu

cloud-foundation/modules/cloud-foundation/bastion/instance/instance.tf

@@ -0,0 +1,43 @@
+
+resource "oci_core_instance" "instance" {
+
+  for_each = var.instance_params
+
+    availability_domain = each.value.availability_domain
+    compartment_id      = each.value.compartment_id
+    display_name        = each.value.display_name
+    shape               = each.value.shape
+
+    defined_tags = each.value.defined_tags
+    freeform_tags = each.value.freeform_tags
+
+    create_vnic_details {
+      subnet_id = each.value.create_vnic_details.subnet_id
+      skip_source_dest_check = each.value.create_vnic_details.skip_source_dest_check
+    }
+
+    shape_config {
+      #Optional
+      ocpus = each.value.ocpus 
+    }
+
+    source_details {
+      source_type = each.value.source_type
+      source_id   = each.value.source_id
+    }
+
+    metadata = each.value.metadata
+  
+    instance_options {
+      are_legacy_imds_endpoints_disabled = each.value.are_legacy_imds_endpoints_disabled
+    }
+  
+    timeouts {
+      create = "${each.value.provisioning_timeout_mins}m"
+    }
+
+    #prevent any metadata changes to destroy instance
+    lifecycle {
+      ignore_changes = [metadata, shape, shape_config]
+    }
+}

cloud-foundation/modules/cloud-foundation/bastion/instance/outputs.tf

@@ -0,0 +1,25 @@
+
+# Output the private and public IPs of the instance
+output "InstancePrivateIPs" {
+  value = [ for b in oci_core_instance.instance : b.private_ip]
+}
+
+output "InstancePublicIPs" {
+  value = [ for b in oci_core_instance.instance : b.public_ip]
+}
+
+output "InstanceOcids" {
+  value = [ for b in oci_core_instance.instance : b.id]
+}
+
+output "display_names" {
+  value = [ for b in oci_core_instance.instance : b.display_name]
+}
+
+output "InstanceShapes" {
+  value = [ for b in oci_core_instance.instance : b.shape]
+}
+
+output "AvailabilityDomains" {
+  value = [ for b in oci_core_instance.instance : b.availability_domain]
+}

cloud-foundation/modules/cloud-foundation/bastion/instance/variables.tf

@@ -0,0 +1,28 @@
+variable "instance_params" {
+
+  type = map(object({
+
+    availability_domain = string
+    compartment_id      = string
+    display_name        = string
+    shape               = string
+
+    defined_tags = map(string)
+    freeform_tags = map(string)
+
+    create_vnic_details = map(string)
+
+    ocpus = number
+    
+    source_type = string
+    source_id   = string
+
+    metadata = map(string)
+  
+    are_legacy_imds_endpoints_disabled = string
+ 
+    provisioning_timeout_mins = string
+    
+}))
+
+}

cloud-foundation/modules/cloud-foundation/database/atp/atp.tf

@@ -0,0 +1,57 @@
+#Resource for ATP database
+
+/*data "oci_kms_decrypted_data" "password" {
+  ciphertext = "${var.kms_encrypted_value}"
+  crypto_endpoint = "${var.kms_crypto_endpoint}"
+  key_id = "${var.kms_key_id}"
+}*/
+
+resource "oci_database_autonomous_database" "autonomous_database" {
+
+    #Required
+
+    compartment_id = var.compartment_ocid
+    cpu_core_count = var.autonomous_database_cpu_core_count
+    db_name = var.autonomous_database_db_name
+    display_name = var.autonomous_database_db_name
+   //admin_password = "${data.oci_kms_decrypted_data.password.plaintext}"
+    admin_password = base64decode(var.autonomous_database_admin_password)
+    data_storage_size_in_tbs = var.autonomous_database_data_storage_size_in_tbs
+
+    #Optional
+    #admin_password = var.autonomous_database_admin_password
+    #are_primary_whitelisted_ips_used = var.autonomous_database_are_primary_whitelisted_ips_used
+    #autonomous_container_database_id = oci_database_autonomous_container_database.test_autonomous_container_database.id
+    #autonomous_database_backup_id = oci_database_autonomous_database_backup.test_autonomous_database_backup.id
+    #autonomous_database_id = oci_database_autonomous_database.test_autonomous_database.id
+    #clone_type = var.autonomous_database_clone_type
+    #customer_contacts {
+
+        #Optional
+        #email = var.autonomous_database_customer_contacts_email
+    #}
+    #data_safe_status = var.autonomous_database_data_safe_status
+    #db_version = var.autonomous_database_db_version
+    #db_workload = var.autonomous_database_db_workload
+    #defined_tags = var.autonomous_database_defined_tags
+    #display_name = var.autonomous_database_display_name
+    #freeform_tags = {"Department"= "Finance"}
+    #is_access_control_enabled = var.autonomous_database_is_access_control_enabled
+    #is_auto_scaling_enabled = var.autonomous_database_is_auto_scaling_enabled
+    #is_data_guard_enabled = var.autonomous_database_is_data_guard_enabled
+    #is_dedicated = var.autonomous_database_is_dedicated
+    #is_free_tier = var.autonomous_database_is_free_tier
+    #is_preview_version_with_service_terms_accepted = var.autonomous_database_is_preview_version_with_service_terms_accepted
+    #kms_key_id = oci_kms_key.test_key.id
+    #license_model = var.autonomous_database_license_model
+    #nsg_ids = var.autonomous_database_nsg_ids
+    #private_endpoint_label = var.autonomous_database_private_endpoint_label
+    #refreshable_mode = var.autonomous_database_refreshable_mode
+    #source = var.autonomous_database_source
+    #source_id = oci_database_source.test_source.id
+    #standby_whitelisted_ips = var.autonomous_database_standby_whitelisted_ips
+    #subnet_id = oci_core_subnet.test_subnet.id
+    #timestamp = var.autonomous_database_timestamp
+    #vault_id = oci_kms_vault.test_vault.id
+    #whitelisted_ips = var.autonomous_database_whitelisted_ips
+}

cloud-foundation/modules/cloud-foundation/database/atp/outputs.tf

@@ -0,0 +1,15 @@
+# Output details of the autonomous database
+
+output "atp_db_id" {
+  value = join ("",oci_database_autonomous_database.autonomous_database.*.id)
+}
+
+output "is_atp_db" {
+  value = "true"
+}
+
+/* resource "local_file" "db_pass" {
+    //content  = data.oci_kms_decrypted_data.password.plaintext
+    content = base64decode(var.kms_encrypted_value)
+    filename = "db_pass.txt"
+} */

cloud-foundation/modules/cloud-foundation/database/atp/variables.tf

@@ -0,0 +1,28 @@
+#Tenancy Details
+
+variable "tenancy_ocid" {}
+variable "compartment_ocid" {}
+
+#Database
+
+variable "autonomous_database_cpu_core_count"{}
+
+variable "autonomous_database_db_name" {}
+
+variable autonomous_database_admin_password {}
+
+variable autonomous_database_data_storage_size_in_tbs {}
+
+/* variable "kms_encrypted_value" {
+    default = "V2xzQXRwRGIxMjM0Iw=="
+}
+
+variable "kms_crypto_endpoint" {
+    type = string
+    default = "https://bjqmywdtaafak-crypto.kms.eu-frankfurt-1.oraclecloud.com"
+}
+
+variable "kms_key_id" {
+    default = "ocid1.key.oc1.eu-frankfurt-1.bjqmywdtaafak.abtheljr4na5bc7nxsqhjlagwybhkyafvvnq63rjtot4txgqiiafmzwwsvma"
+}
+*/

cloud-foundation/modules/cloud-foundation/instance/instance.tf

@@ -0,0 +1,47 @@
+
+resource "oci_core_instance" "instance" {
+
+  for_each = var.instance_params
+
+    availability_domain = each.value.availability_domain
+    compartment_id      = each.value.compartment_id
+    display_name        = each.value.display_name
+    shape               = each.value.shape
+
+    defined_tags = each.value.defined_tags
+    freeform_tags = each.value.freeform_tags
+
+    create_vnic_details {
+      subnet_id        = each.value.subnet_id
+      display_name     = each.value.vnic_display_name
+      assign_public_ip = each.value.assign_public_ip
+      hostname_label   = each.value.hostname_label
+    }
+
+    shape_config {
+      #Optional
+      ocpus = each.value.ocpus 
+    }
+
+    source_details {
+      source_type = each.value.source_type
+      source_id   = each.value.source_id
+    }
+
+    metadata = each.value.metadata
+  
+    instance_options {
+      are_legacy_imds_endpoints_disabled = each.value.are_legacy_imds_endpoints_disabled
+    }
+  
+    fault_domain = each.value.fault_domain
+  
+    timeouts {
+      create = "${each.value.provisioning_timeout_mins}m"
+    }
+
+    #prevent any metadata changes to destroy instance
+    lifecycle {
+      ignore_changes = [metadata, shape, shape_config]
+    }
+}

cloud-foundation/modules/cloud-foundation/instance/outputs.tf

@@ -0,0 +1,25 @@
+
+# Output the private and public IPs of the instance
+output "InstancePrivateIPs" {
+  value = [ for b in oci_core_instance.instance : b.private_ip]
+}
+
+output "InstancePublicIPs" {
+  value = [ for b in oci_core_instance.instance : b.public_ip]
+}
+
+output "InstanceOcids" {
+  value = [ for b in oci_core_instance.instance : b.id]
+}
+
+output "display_names" {
+  value = [ for b in oci_core_instance.instance : b.display_name]
+}
+
+output "InstanceShapes" {
+  value = [ for b in oci_core_instance.instance : b.shape]
+}
+
+output "AvailabilityDomains" {
+  value = [ for b in oci_core_instance.instance : b.availability_domain]
+}

cloud-foundation/modules/cloud-foundation/instance/variables.tf

@@ -0,0 +1,33 @@
+variable "instance_params" {
+
+  type = map(object({
+
+    availability_domain = string
+    compartment_id      = string
+    display_name        = string
+    shape               = string
+
+    defined_tags = map(string)
+    freeform_tags = map(string)
+
+    subnet_id        = string
+    vnic_display_name = string
+    assign_public_ip = string
+    hostname_label   = string
+
+    ocpus = number
+    
+    source_type = string
+    source_id   = string
+
+    metadata = map(string)
+  
+    are_legacy_imds_endpoints_disabled = string
+  
+    fault_domain = string
+ 
+    provisioning_timeout_mins = string
+    
+}))
+
+}

cloud-foundation/modules/cloud-foundation/keygen/keygen.tf

@@ -0,0 +1,39 @@
+# TEMP WAY OF CREATING ORACLE SSH KEY FOR DEVELOPMENT
+resource "tls_private_key" "oracle_key" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+# Creating OPC key for script copy
+resource "tls_private_key" "opc_key" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+//For Load Balancer 
+resource "tls_private_key" "ss_private_key" {
+
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "tls_self_signed_cert" "demo_cert" {
+
+  key_algorithm     = "RSA"
+  private_key_pem   = tls_private_key.ss_private_key.private_key_pem
+
+  subject {
+    common_name         = format("%s-%s", var.display_name,var.subnet_domain_name)
+    organization        = "Demo"
+    organizational_unit = "FOR TESTING ONLY"
+  }
+
+  #1 year validity
+  validity_period_hours = 24 * 365
+
+  allowed_uses = [
+    "digital_signature",
+    "cert_signing",
+    "crl_signing",
+  ]
+}