From 61fa168c721f0d419ddad77e7037c1b88dc8ea19 Mon Sep 17 00:00:00 2001
From: Michele Cereda
Date: Sat, 11 Feb 2023 14:13:24 +0100
Subject: [PATCH] Added example for bastion
---
.../oracle cloud free tier bastion/main.tf | 45 +++++++++++++++++++
.../oracle cloud free tier bastion/outputs.tf | 12 +++++
.../variables.tf | 22 +++++++++
3 files changed, 79 insertions(+)
create mode 100644 examples/terraform/oracle cloud free tier bastion/main.tf
create mode 100644 examples/terraform/oracle cloud free tier bastion/outputs.tf
create mode 100644 examples/terraform/oracle cloud free tier bastion/variables.tf
diff --git a/examples/terraform/oracle cloud free tier bastion/main.tf b/examples/terraform/oracle cloud free tier bastion/main.tf
new file mode 100644
index 0000000..fb18840
--- /dev/null
+++ b/examples/terraform/oracle cloud free tier bastion/main.tf
@@ -0,0 +1,45 @@
+terraform {
+ required_version = "1.2.9"
+
+ required_providers {
+ oci = {
+ source = "oracle/oci"
+ version = "4.107.0"
+ }
+ }
+}
+
+####################
+# Networking
+####################
+
+# See https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_vcn
+resource "oci_core_vcn" "bastion" {
+ compartment_id = var.compartment_id
+ cidr_blocks = var.vcn_cidr_blocks
+}
+
+# See https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_subnet
+resource "oci_core_subnet" "bastion" {
+ compartment_id = var.compartment_id
+ vcn_id = oci_core_vcn.bastion.id
+ cidr_block = var.subnet_cidr_block
+}
+
+####################
+# Bastion
+####################
+
+data "http" "local_ip_address" { url = "https://ifconfig.co" }
+locals { local_ip_cidr = "${chomp(data.http.local_ip_address.response_body)}/32" }
+
+# See:
+# - https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/bastion_bastion
+# - https://docs.oracle.com/en-us/iaas/api/#/en/bastion/20210331/Bastion/CreateBastion
+resource "oci_bastion_bastion" "bastion" {
+ compartment_id = var.compartment_id
+ target_subnet_id = oci_core_subnet.bastion.id
+
+ bastion_type = "STANDARD" # locked
+ client_cidr_block_allow_list = [local.local_ip_cidr]
+}
diff --git a/examples/terraform/oracle cloud free tier bastion/outputs.tf b/examples/terraform/oracle cloud free tier bastion/outputs.tf
new file mode 100644
index 0000000..3f1dcd1
--- /dev/null
+++ b/examples/terraform/oracle cloud free tier bastion/outputs.tf
@@ -0,0 +1,12 @@
+####################
+# Debug
+####################
+
+# output "local_ip_address" { value = data.http.local_ip_address }
+# output "local_ip_cidr" { value = local.local_ip_cidr }
+
+####################
+# Bastion
+####################
+
+output "bastion" { value = oci_bastion_bastion.bastion }
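Review bot: In main.tf the bastion's `client_cidr_block_allow_list` is built from whatever body `https://ifconfig.co` returns, with only `chomp()` applied, so an error page or an altered reply from that third-party service flows straight into the bastion's access control. Validate the value before use, for example `locals { local_ip_cidr = "${cidrhost("${chomp(data.http.local_ip_address.response_body)}/32", 0)}/32" }`, which fails the plan when the reply is not an IP address, or take the CIDR from a validated input variable and keep the lookup only as a convenience. The `http` data source also comes from a provider that `required_providers` does not list, so unlike `oracle/oci` it is not version-pinned; adding a `hashicorp/http` entry with a fixed version there would close that gap.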
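Review bot: In outputs.tf, `output "bastion"` exports the whole `oci_bastion_bastion.bastion` object, which carries the compartment OCID and the operator's public IP from the allow list, so both appear in `terraform output` and in any CI log that prints it. Export only the attributes a caller needs, for example `output "bastion_id" { value = oci_bastion_bastion.bastion.id }`.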
diff --git a/examples/terraform/oracle cloud free tier bastion/variables.tf b/examples/terraform/oracle cloud free tier bastion/variables.tf
new file mode 100644
index 0000000..8d19fa3
--- /dev/null
+++ b/examples/terraform/oracle cloud free tier bastion/variables.tf
@@ -0,0 +1,22 @@
+####################
+# Oracle Cloud Account
+####################
+
+variable "compartment_id" {
+ type = string
+}
+
+####################
+# Networking
+####################
+
+variable "vcn_cidr_blocks" {
+ type = list(string)
+ default = [
+ "10.0.0.0/16"
+ ]
+}
+variable "subnet_cidr_block" {
+ type = string
+ default = "10.0.0.0/24"
+}
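Review bot: None of the three variables in variables.tf has a `description`, and the two CIDR inputs are accepted unchecked although they define the network the bastion targets. Add a description to each, for example `description = "OCID of the compartment that holds the VCN, subnet and bastion"` on `compartment_id`. A `validation` block on `subnet_cidr_block` with `condition = can(cidrhost(var.subnet_cidr_block, 0))` and a matching error message (and the equivalent `alltrue([...])` check over `vcn_cidr_blocks`) would make a malformed value fail at plan time instead of at the OCI API.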