The Oracle Cloud Infrastructure (OCI) Quick Start is a collection of examples that allow Oracle Cloud Infrastructure users to get a quick start deploying advanced infrastructure on OCI. This repository contains Terraform scripts specific to the Oracle Database@Azure service.
This repository is under active development. Building open source software is a community effort. We're excited to engage with the community building this.
A repository contains a collection of terraform modules and templates that helps an Azure administrator configure an Azure environment for Oracle Database@Azure and provision database related components (Exadata hardware, Virtual Machine (VM) Clusters, and databases) in Azure.
A user can apply the terraform plans from any computer that has connectivity to both Azure and OCI.
To use the Terraform modules and templates in your environment, you must install the following software on the system from which you execute the terraform plans:
- Terraform
- Alternate OpenTofu
- Azure CLI - How to install the Azure CLI
- OCI CLI - Quickstart
- Setup OCI-CLI to authenticate to your tenancy
- Create a token auth profile in your oci config with
<MY_PROFILE_NAME>requirements.txt)
- Python 3.x (min version 3.4) with packages
Dependent which cloud resources a module manages, it will use some subset of the terraform cloud providers:
- OCI terraform provider
- In this template example use OCI provider
SecurityTokenauth method, other acceptable provider implementation are described in OCI terraform provider configuration doc
- In this template example use OCI provider
- azuread terraform provider
- azurerm terraform provider
These module automates the provisioning of components for running Oracle Database@Azure. Each template can run independently and default input values are configured which can be overridden per customer's preferences.
templates/azurerm-oci-exadata-quickstart: Quickstart OracleDB@Azure (Exadata) with OCI LZ modules (AzureRM)templates/avm-oci-exadata-quickstart: Quickstart OracleDB@Azure (Exadata) with Azure Verified Modules (AzAPI) and OCI LZ Modules
templates/azurerm-oci-adbs-quickstart: Quickstart OracleDB@Azure (Autonomous Database) with OCI LZ modules (AzureRM)
templates/az-oci-sso-federation: Configures Single Sign-on (SSO) Between OCI and Microsoft Azure with identity federation.templates/az-oci-rbac-n-sso-fed: Configures SSO Between OCI and Microsoft Azure with identity federation And role, groups required for Oracle Database@Azure.templates/az-odb-rbac: Creates Roles and Groups required for for Oracle Database@Azure.templates/az-oci-exa-pdb: Provisions Oracle database infrastructure including networks, Exadata Infrastructure, VM Cluster, and database.
Please read the individual template documentation for more details.
The OCI Terraform provider supports multiple authentication methods. We recommend to configure OCI Terraform Provider using API Key Authentication as illustrated below. Please refer to the documentation for details.
export TF_VAR_oci_tenancy_ocid="OCID of the OCI tenancy"
export TF_VAR_oci_user_ocid="<OCID of the OCI user>"
export TF_VAR_oci_private_key_path="<path (including filename) of the private key>"
export TF_VAR_oci_fingerprint="<Key's fingerprint>"You can verify the configuration using OCI CLI as illustrated below.
export OCI_CLI_TENANCY=$TF_VAR_oci_tenancy_ocid
export OCI_CLI_USER=$TF_VAR_oci_user_ocid
export OCI_CLI_FINGERPRINT=$TF_VAR_oci_fingerprint
export OCI_CLI_KEY_FILE=$TF_VAR_oci_private_key_path
oci iam tenancy get --tenancy-id $TF_VAR_oci_tenancy_ocid --output table --query "data.{Name:name, OCID:id}" --auth api_keyYou can authenticate to Azure with service principal and verify it with Azure CLI as illustrated below. Please refer to the offical Azure documentation for details.
export ARM_CLIENT_ID="<service_principal_appid>"
export ARM_CLIENT_SECRET="<service_principal_password>"
export ARM_TENANT_ID="<azure_subscription_tenant_id>"
export ARM_SUBSCRIPTION_ID="<azure_subscription_id>"
az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET -t $ARM_TENANT_ID
az account show -o tableNavigate into the templates directory.
Note: The Terraform state file writes to the directory from where you execute plans. You should keep this file in case you want to use Terraform to modify the environment configuration later. Refer to the Terraform documentation for more persistent and shareable ways to save state.
Input variable can be set in the Variable Definitions file (e.g. terraform.tfvars) or through the command line or environment variables:
compartment_ocid="<MY_OCI_TENANCY_ID>"
region="<MY_REGION_IDENTIFIER>"or via Command Line
terraform plan -var="compartment_ocid=<MY_OCI_TENANCY_ID>" -var="region=<MY_REGION_IDENTIFIER>"or via Environment Variables
export TF_VAR_compartment_ocid="<MY_OCI_TENANCY_ID>"
export TF_VAR_region="<MY_REGION_IDENTIFIER>"When running for first time, initialize the workspace directory using:
Terraform:
terraform initOpenTofu:
tofu initTo validate changes described without applying
Terraform:
terraform planOpenTofu:
tofu planTo apply changes and create resources
Terraform:
terraform applyOpenTofu:
tofu applyTo remove all resources created in above steps, run destroy:
Terraform:
terraform destroyOpenTofu:
tofu destroy- Oracle Cloud Infrastructure Provider
- Azure Active Directory Provider
- AzureRm Provider
- AzAPI Provider
Acknowledgement: Code derived adapted from samples, examples and documentations provided by above mentioned providers.
Open an issue in this repository.
This project welcomes contributions from the community. Before submitting a pull request, please review our contribution guide.
Please consult the security guide for our responsible security vulnerability disclosure process.
Copyright (c) 2024 Oracle and/or its affiliates.
Released under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl/.