Terraform template to deploy a complete VCN setup in Oracle Cloud Infrastructure (OCI). It includes:

- VCN
- Public and private subnets
- Internet Gateway
- NAT Gateway
- Service Gateway
- Route tables
- Security lists
- Optional compute instance placeholders
# OCI provider, API-key authentication. Every value is taken from a variable so
# that no credential is written into this file; the signing key referenced by
# private_key_path should stay outside version control.
provider "oci" {
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  fingerprint      = var.fingerprint
  private_key_path = var.private_key_path
  region           = var.region
}
# VCN: the /16 from which both subnets below are carved.
# NOTE(review): oci_core_virtual_network is the older name of this resource
# type (the provider also documents it as oci_core_vcn). Renaming it would
# require updating every *.vcn.id reference in this file, so it is kept here.
resource "oci_core_virtual_network" "vcn" {
  compartment_id = var.compartment_id
  display_name   = "my-vcn"
  dns_label      = "myvcn"
  cidr_block     = "10.0.0.0/16"
}
# Internet Gateway: default-route target of the public subnet (see public_rt).
resource "oci_core_internet_gateway" "ig" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "my-igw"

  # Set explicitly so the gateway's state is visible in the plan.
  is_enabled = true
}
# NAT Gateway: outbound-only Internet path for the private subnet (see private_rt).
resource "oci_core_nat_gateway" "nat" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "my-nat"
}
# Service Gateway: private path to the Oracle Services Network so that traffic
# from the private subnet to OCI services does not go through the NAT gateway.
resource "oci_core_service_gateway" "svc_gateway" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "my-service-gw"

  # First entry returned by the filtered data source below.
  services {
    service_id = data.oci_core_services.all_services.services[0].id
  }
}
# Looks up the regional "All <region> Services In Oracle Services Network"
# entry. The regex is expected to match a single service, which is what makes
# the services[0] references elsewhere in this file safe.
data "oci_core_services" "all_services" {
  filter {
    name   = "name"
    regex  = true
    values = ["All .* Services In Oracle Services Network"]
  }
}
# Public subnet: VNICs here may carry public IPs and default-route to the IGW.
resource "oci_core_subnet" "public_subnet" {
  compartment_id    = var.compartment_id
  vcn_id            = oci_core_virtual_network.vcn.id
  cidr_block        = "10.0.0.0/24"
  display_name      = "public-subnet"
  dns_label         = "pubsubnet"
  route_table_id    = oci_core_route_table.public_rt.id
  security_list_ids = [oci_core_security_list.public_sl.id]

  # Public IP assignment is permitted in this subnet.
  prohibit_public_ip_on_vnic = false
}
# Private subnet: no public IPs; Internet egress only via the NAT gateway.
resource "oci_core_subnet" "private_subnet" {
  compartment_id    = var.compartment_id
  vcn_id            = oci_core_virtual_network.vcn.id
  cidr_block        = "10.0.1.0/24"
  display_name      = "private-subnet"
  dns_label         = "privsubnet"
  route_table_id    = oci_core_route_table.private_rt.id
  security_list_ids = [oci_core_security_list.private_sl.id]

  # Hard guarantee that nothing in this subnet gets a public address.
  prohibit_public_ip_on_vnic = true
}
# Route table for the public subnet: everything non-local goes to the IGW.
resource "oci_core_route_table" "public_rt" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "public-rt"

  route_rules {
    destination_type  = "CIDR_BLOCK"
    destination       = "0.0.0.0/0"
    network_entity_id = oci_core_internet_gateway.ig.id
  }
}
# Route table for the private subnet: Internet-bound traffic leaves through the
# NAT gateway, Oracle Services Network traffic through the service gateway.
resource "oci_core_route_table" "private_rt" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "private-rt"

  # Default route: outbound only, via NAT.
  route_rules {
    destination_type  = "CIDR_BLOCK"
    destination       = "0.0.0.0/0"
    network_entity_id = oci_core_nat_gateway.nat.id
  }

  # Service route: the OSN CIDR label resolved by the data source.
  route_rules {
    destination_type  = "SERVICE_CIDR_BLOCK"
    destination       = data.oci_core_services.all_services.services[0].cidr_block
    network_entity_id = oci_core_service_gateway.svc_gateway.id
  }
}
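# Security list for the public subnet.
# Ingress: SSH, plus ICMP "fragmentation needed" so Path MTU discovery works.
# Egress: unrestricted.
resource "oci_core_security_list" "public_sl" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "public-security-list"

  # NOTE(review): SSH is reachable from the entire Internet. Before using this
  # outside a lab, narrow `source` to the administrators' address range (for
  # example through a variable declared in variables.tf) or reach the subnet
  # through a bastion instead.
  ingress_security_rules {
    description = "SSH"
    protocol    = "6" # TCP
    source      = "0.0.0.0/0"

    tcp_options {
      min = 22
      max = 22
    }
  }

  # ICMP type 3 code 4 (Destination Unreachable / Fragmentation Needed) has to
  # be accepted or Path MTU discovery fails and large transfers can stall. The
  # original list had no ICMP rule at all; this mirrors OCI's default list.
  ingress_security_rules {
    description = "ICMP fragmentation needed (PMTUD)"
    protocol    = "1" # ICMP
    source      = "0.0.0.0/0"

    icmp_options {
      type = 3
      code = 4
    }
  }

  egress_security_rules {
    description = "Allow all outbound"
    protocol    = "all"
    destination = "0.0.0.0/0"
  }
}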
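# Security list for the private subnet.
# Ingress: SSH only from the public subnet (bastion hop), plus ICMP
# "fragmentation needed" so Path MTU discovery works. Egress: unrestricted.
resource "oci_core_security_list" "private_sl" {
  compartment_id = var.compartment_id
  vcn_id         = oci_core_virtual_network.vcn.id
  display_name   = "private-security-list"

  # Only hosts in the public subnet may open SSH to this subnet.
  ingress_security_rules {
    description = "SSH from public subnet"
    protocol    = "6" # TCP
    source      = oci_core_subnet.public_subnet.cidr_block

    tcp_options {
      min = 22
      max = 22
    }
  }

  # ICMP type 3 code 4 (Destination Unreachable / Fragmentation Needed) has to
  # be accepted or Path MTU discovery fails and large transfers can stall. The
  # original list had no ICMP rule at all; this mirrors OCI's default list.
  ingress_security_rules {
    description = "ICMP fragmentation needed (PMTUD)"
    protocol    = "1" # ICMP
    source      = "0.0.0.0/0"

    icmp_options {
      type = 3
      code = 4
    }
  }

  # NOTE(review): egress is open to the Internet through the NAT gateway; if
  # these hosts only need OCI services, the destination could be narrowed.
  egress_security_rules {
    description = "Allow all outbound"
    protocol    = "all"
    destination = "0.0.0.0/0"
  }
}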
================
Save the files as main.tf and variables.tf.
Run:

```bash
terraform init
terraform plan
terraform apply
```
You’ll be prompted for values (or set them via a terraform.tfvars file).