mirror of
https://gitea.com/mcereda/oam.git
synced 2026-02-09 05:44:23 +00:00
Added example for bastion
This commit is contained in:
Michele Cereda
45
examples/terraform/oracle cloud free tier bastion/main.tf
Normal file
45
examples/terraform/oracle cloud free tier bastion/main.tf
Normal file
@@ -0,0 +1,45 @@
|
||||
terraform {
|
||||
required_version = "1.2.9"
|
||||
|
||||
required_providers {
|
||||
oci = {
|
||||
source = "oracle/oci"
|
||||
version = "4.107.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
####################
|
||||
# Networking
|
||||
####################
|
||||
|
||||
# See https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_vcn
|
||||
resource "oci_core_vcn" "bastion" {
|
||||
compartment_id = var.compartment_id
|
||||
cidr_blocks = var.vcn_cidr_blocks
|
||||
}
|
||||
|
||||
# See https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_subnet
|
||||
resource "oci_core_subnet" "bastion" {
|
||||
compartment_id = var.compartment_id
|
||||
vcn_id = oci_core_vcn.bastion.id
|
||||
cidr_block = var.subnet_cidr_block
|
||||
}
|
||||
|
||||
####################
|
||||
# Bastion
|
||||
####################
|
||||
|
||||
data "http" "local_ip_address" { url = "https://ifconfig.co" }
|
||||
locals { local_ip_cidr = "${chomp(data.http.local_ip_address.response_body)}/32" }
|
||||
|
||||
# See:
|
||||
# - https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/bastion_bastion
|
||||
# - https://docs.oracle.com/en-us/iaas/api/#/en/bastion/20210331/Bastion/CreateBastion
|
||||
resource "oci_bastion_bastion" "bastion" {
|
||||
compartment_id = var.compartment_id
|
||||
target_subnet_id = oci_core_subnet.bastion.id
|
||||
|
||||
bastion_type = "STANDARD" # locked
|
||||
client_cidr_block_allow_list = [local.local_ip_cidr]
|
||||
}
|
||||
12
examples/terraform/oracle cloud free tier bastion/outputs.tf
Normal file
12
examples/terraform/oracle cloud free tier bastion/outputs.tf
Normal file
@@ -0,0 +1,12 @@
|
||||
####################
|
||||
# Debug
|
||||
####################
|
||||
|
||||
# output "local_ip_address" { value = data.http.local_ip_address }
|
||||
# output "local_ip_cidr" { value = local.local_ip_cidr }
|
||||
|
||||
####################
|
||||
# Bastion
|
||||
####################
|
||||
|
||||
output "bastion" { value = oci_bastion_bastion.bastion }
|
||||
@@ -0,0 +1,22 @@
|
||||
####################
|
||||
# Oracle Cloud Account
|
||||
####################
|
||||
|
||||
variable "compartment_id" {
|
||||
type = string
|
||||
}
|
||||
|
||||
####################
|
||||
# Networking
|
||||
####################
|
||||
|
||||
variable "vcn_cidr_blocks" {
|
||||
type = list(string)
|
||||
default = [
|
||||
"10.0.0.0/16"
|
||||
]
|
||||
}
|
||||
variable "subnet_cidr_block" {
|
||||
type = string
|
||||
default = "10.0.0.0/24"
|
||||
}
|
||||
Reference in New Issue
Block a user