Skip to content

Latest commit

 

History

History
219 lines (173 loc) · 4.48 KB

terraformoptions.adoc

File metadata and controls

219 lines (173 loc) · 4.48 KB
Raw

Terraform Options

Configuration Terraform Options:

Ensure you review the {uri-terraform-dependencies}[dependencies].

1. Provider and Identity

Parameter Description Values Default

tenancy_id

Tenancy id of the user. Required when configuring provider.

None

2. General OCI

Parameter Description Values Default

compartment_id

Compartment id where the VCN Cluster will be provisioned. Required.

None

label_prefix

a string to be prepended to the name of resources. Required.

None

3. Network Parameters

Parameter Description Values Default

availability_domain

the AD to place the bastion host

1

1

bastion_access

A list of CIDR blocks to which ssh access to the bastion must be restricted to. anywhere is equivalent to 0.0.0.0/0 and allows ssh access from anywhere. Updatable.

["anywhere"]` or a list of cidr block such as [XXX.XXX.XXX.XXX/YY]

["anywhere"]

ig_route_id

the route id to the internet gateway of the VCN

netnum

0-based index of the bastion subnet when the VCN’s CIDR is masked with the corresponding newbit value.

0

newbits

The difference between the VCN’s netmask and the desired bastion subnet mask.

14

vcn_id

The id of the VCN to use when creating the bastion resources. Required

None

4. Bastion Host Parameters

Parameter Description Values Default

bastion_image_id

Provide a custom image id for the bastion host or leave as Autonomous.

imageid/Autonomous

Autonomous

bastion_os_version

In case Autonomous Linux is used, allow specification of Autonomous version

7.9

bastion_shape

The shape of bastion instance. This is now specified as a map and supports E3.Flex. If a non-Flex shape is specified, then the other parameters are ignored.

e.g. bastion_shape = { shape="VM.Standard.E4.Flex", ocpus=1, memory=4, boot_volume_size=50 }

bastion_shape = { shape="VM.Standard.E4.Flex", ocpus=1, memory=4, boot_volume_size=50 }

bastion_state

The target state for the instance. Could be set to RUNNING or STOPPED. (Updatable)

RUNNING/STOPPED

RUNNING

bastion_timezone

The preferred timezone for the bastion host. {uri-timezones}[List of timezones]

e.g. Australia/Sydney

The preferred timezone for the bastion host. {uri-timezones}[List of timezones]

bastion_type

Whether to make the bastion host public or private.

public/private

public

ssh_public_key

the content of the ssh public key used to access the bastion. set this or the ssh_public_key_path

""

ssh_public_key_path

path to the ssh public key used to access the bastion. set this or the ssh_public_key

""

upgrade_bastion

Whether to upgrade the bastion host packages after provisioning. It’s useful to set this to false during development/testing so the bastion is provisioned faster.

true/false

true

5. Notification Parameters

Parameter Description Values Default

enable_bastion_notification

Whether to enable ONS notification for the bastion host.

true/false

false

bastion_notification_endpoint

The subscription notification endpoint. Email address to be notified. Required if enable_notification = true ..

Autonomous

bastion_notification_protocol

The notification protocol used.

EMAIL

bastion_notification_topic

The name of the notification topic.

bastion

6. Tagging Parameters

Parameter Description Values Default

freeform_tags

Freeform tags for bastion.

 
freeform_tags = {
    access      = "public"
    environment = "dev"
    role        = "bastion"
}