Split base module into 3 separate (oracle-terraform-modules#51)

* refactor base module to use terraform-oci-vcn module. also refactored the variables

Signed-off-by: Ali Mukadam <[email protected]>

* use vcn module from registry, testing modules from github

Signed-off-by: Ali Mukadam <[email protected]>

* all 3 modules now pointing to their respective registry modules

Signed-off-by: Ali Mukadam <[email protected]>

datasources.tf

@@ -2,7 +2,7 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
 
 data "oci_identity_availability_domains" "ad_list" {
-  compartment_id = var.oci_base_identity.tenancy_id
+  compartment_id = var.oci_base_provider.tenancy_id
 }
 
 data "template_file" "ad_names" {
@@ -11,7 +11,7 @@ data "template_file" "ad_names" {
 }
 
 data "oci_identity_tenancy" "tenancy" {
-  tenancy_id = var.oci_base_identity.tenancy_id
+  tenancy_id = var.oci_base_provider.tenancy_id
 }
 
 # get the tenancy's home region

docs/instanceprincipal.adoc

@@ -22,31 +22,32 @@
 :uri-terraform: https://www.terraform.io
 :uri-terraform-download: https://www.terraform.io/downloads.html
 
-This section documents the use of {uri-oci-instance-principal}[instance_principal] in the project.
+This section documents the use of {uri-oci-instance-principal}[instance_principal] for admin purposes in the project.
 
 . link:#using-instance_principal[Using instance_principal]
-.. link:#enabling-instance_principal-on-the-bastion-host[Enabling instance_principal on the bastion host]
-.. link:#disabling-instance_principal-on-the-bastion-host[Disabling instance_principal on the bastion host]
+.. link:#enabling-instance_principal-on-the-operator-host[Enabling instance_principal on the operator host]
+.. link:#disabling-instance_principal-on-the-operator-host[Disabling instance_principal on the operator host]
 .. link:#recommendations-for-using-instance_principal[Recommendations for using instance_principal]
 
 
 === Using instance_principal
 
-==== Enabling instance_principal on the admin host
+==== Enabling instance_principal on the operator host
 {uri-oci-instance-principal}[instance_principal] is an IAM service feature that enables instances to be authorized actors (or principals) to perform actions on service resources. Each compute instance has its own identity, and it authenticates using the certificates that are added to it. These certificates are automatically created, assigned to instances and rotated, preventing the need for you to distribute credentials to your hosts and rotate them.
 
 Any user who has access to the instance (who can SSH to the instance), automatically inherits the privileges granted to the instance. Before you enable this feature, ensure that you know who can access it, and that they should be authorized with the permissions you are granting to the instance.
 
 By default, this feature is *_disabled_*.
 
-When you enable this feature, by default, the admin host has privileges to manage all resources in the compartment. 
+After you enable this feature, the operator host has privileges to manage all resources in the compartment. 
 
-You can also turn on and off the feature at any time without impact on the admin host.
+You can also turn on and off the feature at any time without impact on the operator host.
 
-To enable, set enable_instance_principal in oci_base_admin to true:
+To enable, set enable_instance_principal in oci_base_operator to true:
 
+[source,hcl]
 ----
-oci_base_admin = {
+oci_base_operator = {
   ....
   enable_instance_principal = true
   ....
@@ -55,19 +56,20 @@ oci_base_admin = {
 
 and verify:
 
+[source,bash]
 ----
 oci network vcn list --compartment-id <compartment-ocid>
 ----
 
 You should be able to see a list of VCNs created in the compartment.
 
-==== Disabling instance_principal on the admin host
+==== Disabling instance_principal on the operator host
 
-To disable, set enable_instance_principal in oci_base_admin to false:
+To disable, set enable_instance_principal in oci_base_operator to false:
 
-+
+[source,hcl]
 ----
-oci_base_admin = {
+oci_base_operator = {
   ....
   enable_instance_principal = false
   ....
@@ -76,13 +78,13 @@ oci_base_admin = {
 
 . Run terraform apply again:
 
-+
+[source,bash]
 ----
 terraform apply
 ----
 
 ==== Recommendations for using instance_principal
 
 . Do not enable instance_principal if you are not using it
-. Enable instance_principal *_if and only if_* you are using the admin host to execute oci commands e.g. modifying dynamic groups, changing policies
+. Enable instance_principal *_if and only if_* you are using the operator host to execute oci commands e.g. modifying dynamic groups, changing policies
 . Disable instance_principal once the oci operation is done

docs/quickstart.adoc

@@ -71,10 +71,10 @@ cp terraform.tfvars.example terraform.tfvars
 
 ----
 provider "oci" {
-  tenancy_ocid         = var.oci_base_identity.tenancy_id
-  user_ocid            = var.oci_base_identity.user_id
-  fingerprint          = var.oci_base_identity.api_fingerprint
-  private_key_path     = var.oci_base_identity.api_private_key_path
+  tenancy_ocid         = var.oci_base_provider.tenancy_id
+  user_ocid            = var.oci_base_provider.user_id
+  fingerprint          = var.oci_base_provider.api_fingerprint
+  private_key_path     = var.oci_base_provider.api_private_key_path
   region               = var.oci_base_general.region
   disable_auto_retries = false
 }

docs/terraformoptions.adoc

@@ -17,13 +17,13 @@
 
 Configuration Terraform Options:
 
-. link:#identity-and-access[Identity and Access]
+. link:#Provider[Identity and Access]
 . link:#general-oci[General OCI]
 . link:#oci-networking[OCI Networking]
 . link:#bastion-host[Bastion Host]
-. link:#admin-host[Admin Host]
+. link:#operator-host[Operator Host]
 
-=== Identity and access
+=== Provider
 
 [stripes=odd,cols="1d,4d,3a,3a", options=header,width="100%"] 
 |===
@@ -42,8 +42,8 @@ Configuration Terraform Options:
 |
 |None
 
-|compartment_id
-|Compartment id where the VCN and other resources will be provisioned. *Required*
+|region
+|Region where to provision the resources. {uri-oci-region}[List of regions]. *Required*
 |
 |None
 
@@ -68,16 +68,16 @@ Configuration Terraform Options:
 |Values
 |Default
 
+|compartment_id
+|Compartment id where the VCN and other resources will be provisioned. *Required*
+|
+|None
+
 |label_prefix
 |a string to be prepended to the name of resources. *Recommended*
 |
 |
 
-|region
-|Region where to provision the resources. {uri-oci-region}[List of regions]. *Required*
-|
-|us-phoenix-1
-
 |===
 
 === OCI Networking
@@ -89,6 +89,11 @@ Configuration Terraform Options:
 |Values
 |Default
 
+|internet_gateway_enabled
+|Whether to create an internet gateway. *Required* for public subnets.
+|true/false
+|true
+
 |nat_gateway_enabled
 |Whether to create a NAT gateway. *Required* for private subnets.
 |true/false
@@ -99,6 +104,12 @@ Configuration Terraform Options:
 |true/false
 |true
 
+|tags
+|The tags to apply on the VCN.
+|map(any)
+|null
+
+
 |vcn_cidr
 |The VCN's CIDR block.
 |
@@ -217,14 +228,27 @@ Configuration Terraform Options:
 |
 |None
 
+|tags
+|The tags to apply on the bastion resources.
+|map(any)
+|
+[source,hcl]
+----
+tags = {
+    department  = ""
+    environment = "dev"
+    role        = "bastion"
+}
+----
+
 |timezone
 |The preferred timezone for the bastion host. {uri-timezones}[List of timezones]
 |
 |
 
 |===
 
-== Admin Host
+== Operator Host
 
 [stripes=odd,cols="1d,4d,3a,3a", options=header,width="100%"] 
 |===
@@ -233,23 +257,23 @@ Configuration Terraform Options:
 |Values
 |Default
 
-|admin_enabled
-|Whether to create the admin host.
+|operator_enabled
+|Whether to create the operator host.
 |true/false
 |false
 
-|admin_image_id
-|Custom image id for the admin host
+|operator_image_id
+|Custom image id for the operator host
 |image_id/Oracle. If the value is set to Oracle, an Oracle Platform image will be used instead.
 |Oracle
 
 |enable_instance_principal
-|Whether to enable instance_principal on the admin server. Refer to {uri-instance-principal-note}[instance_principal][instance_principal]
+|Whether to enable instance_principal on the operator server. Refer to {uri-instance-principal-note}[instance_principal][instance_principal]
 |true/false
 |false
 
 |notification_enabled
-|Whether to enable ONS notification for the admin host. *Do not enable for now*.
+|Whether to enable ONS notification for the operator host. *Do not enable for now*.
 |true/false
 |false
 
@@ -266,40 +290,34 @@ Configuration Terraform Options:
 |notification_topic
 |The name of the notification topic
 |
-|admin
+|operator
 
-|admin_package_upgrade
-|Whether to also upgrade the packages for the admin host.
+|operator_package_upgrade
+|Whether to also upgrade the packages for the operator host.
 |true/false
 |true
 
-|admin_shape
-|The shape of admin instance.
+|operator_shape
+|The shape of operator instance.
 |
 |
 
-|admin_timezone
-|The preferred timezone for the admin host. {uri-timezones}[List of timezones]
+|tags
+|The tags to apply on the bastion resources.
+|map(any)
 |
-|Australia/Sydney
-
-|===
-
-== Tagging
-
-[stripes=odd,cols="1d,4d,3a,3a", options=header,width="100%"] 
-|===
-|Parameter
-|Description
-|Values
-|Default
+[source,hcl]
+----
+tags = {
+  department  = ""
+  environment = "dev"
+  role        = "operator"
+}
+----
 
-|computetag
-|Freeform tag for compute instances.
-|
+|operator_timezone
+|The preferred timezone for the operator host. {uri-timezones}[List of timezones]
 |
+|Australia/Sydney
 
-|networktag
-|Freeform tag for network components like VCN and subnets.
-|
-|
+|===

examples/database/README.md

@@ -68,7 +68,7 @@ module "base" {
   source = "./modules/base"
 
   # identity
-  oci_base_identity = local.oci_base_identity
+  oci_base_provider = local.oci_base_provider
 
   # general oci parameters
   oci_base_general = local.oci_base_general
@@ -79,8 +79,8 @@ module "base" {
   # bastion parameters
   oci_base_bastion = local.oci_base_bastion
 
-  # admin server parameters
-  oci_base_admin = local.oci_base_admin
+  # operator server parameters
+  oci_base_operator = local.oci_base_operator
 }
 ```