oci-networking.tf

# Copyright (c) 2022-2024, Oracle and/or its affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
# 

# File Version: 0.10.1

# Dependencies:
#   - defaults.tf file
#   - local.create_new_vcn
#   - local.create_subnets
#   - local.resolved_vcn_compartment_ocid
#   - local.subnets
#   - local.route_tables
#   - local.security_lists
#   - terraform-oci-networking module

################################################################################
#
#       *** Note: Normally, you should not need to edit this file. ***
#
################################################################################

################################################################################
# Module: Virtual Cloud Network (VCN)
################################################################################
module "vcn" {
  source = "github.com/oracle-quickstart/terraform-oci-networking//modules/vcn?ref=0.3.2"

  # Oracle Cloud Infrastructure Tenancy and Compartment OCID
  compartment_ocid = local.vcn_compartment_ocid

  # Deployment Tags + Freeform Tags + Defined Tags
  vcn_tags = local.oci_tag_values

  # Virtual Cloud Network (VCN) arguments
  create_new_vcn          = local.create_new_vcn
  existent_vcn_ocid       = var.existent_vcn_ocid
  cidr_blocks             = local.pre_vcn_cidr_blocks
  display_name            = local.vcn_display_name
  dns_label               = "${local.app_name_for_dns}${local.deploy_id}"
  is_ipv6enabled          = var.is_ipv6enabled
  ipv6private_cidr_blocks = var.ipv6private_cidr_blocks
}

################################################################################
# Module: Subnets
################################################################################
module "subnets" {
  for_each = { for map in local.subnets : map.subnet_name => map }
  source   = "github.com/oracle-quickstart/terraform-oci-networking//modules/subnet?ref=0.3.2"

  # Oracle Cloud Infrastructure Tenancy and Compartment OCID
  compartment_ocid = local.vcn_compartment_ocid
  vcn_id           = module.vcn.vcn_id

  # Deployment Tags + Freeform Tags + Defined Tags
  subnet_tags = local.oci_tag_values

  # Subnet arguments
  create_subnet              = local.create_subnets
  subnet_name                = each.value.subnet_name
  cidr_block                 = each.value.cidr_block
  display_name               = try(each.value.display_name, null) # If null, is autogenerated
  dns_label                  = try(each.value.dns_label, null)    # If null, is autogenerated
  prohibit_public_ip_on_vnic = each.value.prohibit_public_ip_on_vnic
  prohibit_internet_ingress  = each.value.prohibit_internet_ingress
  route_table_id = (anytrue([(each.value.alternative_route_table_name == ""), (each.value.alternative_route_table_name == null)])
    ? try(each.value.route_table_id, null)
  : module.route_tables[each.value.alternative_route_table_name].route_table_id)                                                                        # If null, the VCN's default route table is used
  dhcp_options_id   = each.value.dhcp_options_id                                                                                                        # If null, the VCN's default set of DHCP options is used
  security_list_ids = concat(each.value.security_list_ids, [for v in each.value.extra_security_list_names : module.security_lists[v].security_list_id]) # If null, the VCN's default security list is used
  ipv6cidr_block    = each.value.ipv6cidr_block                                                                                                         # If null, no IPv6 CIDR block is assigned

  #   security_list_ids = (anytrue([(each.value.alternative_security_list == ""), (each.value.alternative_security_list == null)]) # If null, the VCN's default security list is used
  #   ? each.value.security_list_ids
  # : [module.security_lists[each.value.alternative_security_list].security_list_id])
}

################################################################################
# Module: Gateways
################################################################################
module "gateways" {
  source = "github.com/oracle-quickstart/terraform-oci-networking//modules/gateways?ref=0.3.2"

  # Oracle Cloud Infrastructure Tenancy and Compartment OCID
  compartment_ocid = local.vcn_compartment_ocid
  vcn_id           = module.vcn.vcn_id

  # Deployment Tags + Freeform Tags + Defined Tags
  gateways_tags = local.oci_tag_values

  # Internet Gateway
  create_internet_gateway       = local.create_subnets
  internet_gateway_display_name = "Internet Gateway (${local.deploy_id})"
  internet_gateway_enabled      = true

  # NAT Gateway
  create_nat_gateway       = local.create_subnets
  nat_gateway_display_name = "NAT Gateway (${local.deploy_id})"
  nat_gateway_public_ip_id = null

  # Service Gateway
  create_service_gateway       = local.create_subnets
  service_gateway_display_name = "Service Gateway (${local.deploy_id})"

  # Local Peering Gateway (LPG)
  create_local_peering_gateway       = false
  local_peering_gateway_display_name = "Local Peering Gateway (${local.deploy_id})"
  local_peering_gateway_peer_id      = null
}

################################################################################
# Module: Route Tables
################################################################################
module "route_tables" {
  for_each = { for map in local.route_tables : map.route_table_name => map }
  source   = "github.com/oracle-quickstart/terraform-oci-networking//modules/route_table?ref=0.3.2"

  # Oracle Cloud Infrastructure Tenancy and Compartment OCID
  compartment_ocid = local.vcn_compartment_ocid
  vcn_id           = module.vcn.vcn_id

  # Deployment Tags + Freeform Tags + Defined Tags
  route_table_tags = local.oci_tag_values

  # Route Table attributes
  create_route_table = local.create_subnets
  route_table_name   = each.value.route_table_name
  display_name       = try(each.value.display_name, null)
  route_rules        = each.value.route_rules
}

################################################################################
# Module: Security Lists
################################################################################
module "security_lists" {
  for_each = { for map in local.security_lists : map.security_list_name => map }
  source   = "github.com/oracle-quickstart/terraform-oci-networking//modules/security_list?ref=0.3.2"

  # Oracle Cloud Infrastructure Tenancy and Compartment OCID
  compartment_ocid = local.vcn_compartment_ocid
  vcn_id           = module.vcn.vcn_id

  # Deployment Tags + Freeform Tags + Defined Tags
  security_list_tags = local.oci_tag_values

  # Security List attributes
  create_security_list   = local.create_subnets
  security_list_name     = each.value.security_list_name
  display_name           = each.value.display_name
  egress_security_rules  = each.value.egress_security_rules
  ingress_security_rules = each.value.ingress_security_rules
}

locals {
  vcn_compartment_ocid = var.create_new_vcn ? local.resolved_vcn_compartment_ocid : var.existent_vcn_compartment_ocid
}