variables_net_hub.tf
# Copyright (c) 2023 Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
# ------------------------------------------------------
# ----- Networking - Hub
#-------------------------------------------------------
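# Selects whether and how a hub is deployed. Input is restricted to the values
# listed in the description, so a misspelled option is rejected when the
# variable is evaluated rather than passed on to whatever consumes it.
variable "hub_deployment_option" {
  description = "The available options for hub deployment. Valid values: 'No', 'Yes, new DRG as hub', 'Yes, existing DRG as hub', 'Yes, new VCN as hub with new DRG', 'Yes, new VCN as hub with existing DRG'. All the VCNs that attach to the DRG join the topology as spokes."
  type        = string
  default     = "No"

  validation {
    # An explicit null is let through unchanged so existing callers that unset
    # the value are not newly rejected here.
    condition = var.hub_deployment_option == null ? true : contains([
      "No",
      "Yes, new DRG as hub",
      "Yes, existing DRG as hub",
      "Yes, new VCN as hub with new DRG",
      "Yes, new VCN as hub with existing DRG",
    ], var.hub_deployment_option)
    error_message = "Invalid hub_deployment_option. Valid values: 'No', 'Yes, new DRG as hub', 'Yes, existing DRG as hub', 'Yes, new VCN as hub with new DRG', 'Yes, new VCN as hub with existing DRG'."
  }
}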
# OCID of a pre-existing DRG to reuse for the hub; unset (null) by default.
variable "existing_drg_ocid" {
  description = "The OCID of an existing DRG that you want to reuse for hub deployment. Only applicable if hub_deployment_option is 'Yes, existing DRG as hub' or 'Yes, new VCN as hub with existing DRG'."
  type        = string
  default     = null
}
# Routing target for inbound East/West (cross-VCN) traffic; unset (null) by default.
# NOTE(review): the OCID decides where internal traffic is steered; confirm it
# points at the intended inspection path before applying.
variable "hub_vcn_east_west_entry_point_ocid" {
  description = "The OCID of a private address the Hub VCN routes traffic to for inbound internal cross-vcn traffic (East/West). This variable is to be assigned with the OCID of the indoor network load balancer's private IP address."
  type        = string
  default     = null
}
# Routing target for inbound North/South (external) traffic; unset (null) by default.
# NOTE(review): the OCID decides where external traffic is steered; confirm it
# points at the intended inspection path before applying.
variable "hub_vcn_north_south_entry_point_ocid" {
  description = "The OCID of a private address the Hub VCN routes traffic to for inbound external traffic (North/South). This variable is to be assigned with the OCID of the outdoor network load balancer's private IP address."
  type        = string
  default     = null
}
# Display name for the Hub VCN; unset (null) by default.
variable "hub_vcn_name" {
  description = "The Hub VCN name."
  type        = string
  default     = null
}
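# Address space of the Hub VCN. Each entry is checked for CIDR syntax so a
# malformed block is reported against this variable instead of surfacing later.
variable "hub_vcn_cidrs" {
  description = "List of CIDR blocks for the Hub VCN."
  type        = list(string)
  default     = ["192.168.0.0/26"]

  validation {
    # cidrhost() fails on anything that is not a parsable CIDR; can() turns that
    # failure into false. An explicit null list is let through unchanged.
    condition = var.hub_vcn_cidrs == null ? true : length([
      for cidr in var.hub_vcn_cidrs : cidr if !can(cidrhost(cidr, 0))
    ]) == 0
    error_message = "Each entry in hub_vcn_cidrs must be a valid CIDR block, for example 192.168.0.0/26."
  }
}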
# DNS name for the Hub VCN; unset (null) by default.
variable "hub_vcn_dns" {
  description = "The Hub VCN DNS name."
  type        = string
  default     = null
}
# ------------------------------------------------------
# ----- Networking - Firewall settings
#-------------------------------------------------------
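# Selects the firewall appliance deployed in the Hub VCN. The default "No"
# deploys none. Input is restricted to the values listed in the description so
# a misspelled option is rejected instead of being passed on unchecked.
variable "hub_vcn_deploy_firewall_option" {
  description = "The firewall option for deploying in the Hub VCN. Valid values: 'No' (default), 'Palo Alto Networks VM-Series Firewall', 'Fortinet FortiGate Firewall'. Costs are incurred."
  type        = string
  default     = "No"

  validation {
    # An explicit null is let through unchanged so existing callers that unset
    # the value are not newly rejected here.
    condition = var.hub_vcn_deploy_firewall_option == null ? true : contains([
      "No",
      "Palo Alto Networks VM-Series Firewall",
      "Fortinet FortiGate Firewall",
    ], var.hub_vcn_deploy_firewall_option)
    error_message = "Invalid hub_vcn_deploy_firewall_option. Valid values: 'No', 'Palo Alto Networks VM-Series Firewall', 'Fortinet FortiGate Firewall'."
  }
}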
# Shared name prefix for the firewall instances; per the description, 1 and 2
# are appended to form the individual instance names.
variable "fw_instance_name_prefix" {
  description = "Common prefix to firewall name. To this common prefix, numbers 1 and 2 are appended to the corresponding instance."
  type        = string
  default     = "firewall-instance"
}
# Compute shape used for the firewall nodes.
variable "fw_instance_shape" {
  description = "The instance shape for the firewall nodes."
  type        = string
  default     = "VM.Optimized3.Flex"
}
# Memory, in GB, for the firewall nodes when a flexible shape is selected.
variable "fw_instance_flex_shape_memory" {
  description = "The amount of memory (in GB) for the selected flex shape. Applicable to flexible shapes only."
  type        = number
  default     = 56
}
# OCPU count for the firewall nodes when a flexible shape is selected.
variable "fw_instance_flex_shape_cpu" {
  description = "The number of OCPUs for the selected flex shape. Applicable to flexible shapes only."
  type        = number
  default     = 2
}
# Boot volume size, in GB, for each firewall instance.
variable "fw_instance_boot_volume_size" {
  description = "The boot volume size (in GB) for the firewall instances."
  type        = number
  default     = 60
}
# SSH public key for logging in to the firewall instances; unset (null) by default.
# Only the public half of the key pair belongs here: the variable is not marked
# sensitive, so its value can appear in plan output.
variable "fw_instance_public_rsa_key" {
  description = "The SSH public key to login to firewall Compute instance."
  type        = string
  default     = null
}
# Toggle for overriding the Hub VCN's default subnet settings; off by default.
variable "customize_hub_vcn_subnets" {
  description = "Whether to customize default subnets settings of the Hub VCN. Only applicable to RMS deployments."
  type        = bool
  default     = false
}
# -------------------------------------------
# ----- Networking - Hub Web Subnet
#--------------------------------------------
# Display name for the Hub VCN Web subnet; unset (null) by default.
variable "hub_vcn_web_subnet_name" {
  description = "The Hub VCN Web subnet name."
  type        = string
  default     = null
}
# CIDR block for the Web subnet; unset (null) by default.
# The containment rule in the description is not enforced by this declaration.
variable "hub_vcn_web_subnet_cidr" {
  description = "The Hub VCN Web subnet CIDR block. It must be within the VCN CIDR blocks."
  type        = string
  default     = null
}
# DNS name for the Web subnet; unset (null) by default.
# The character rule in the description is not enforced by this declaration.
variable "hub_vcn_web_subnet_dns" {
  description = "The Hub VCN Web subnet DNS name. Use only letters and numbers, no special characters."
  type        = string
  default     = null
}
# Controls whether the Web subnet is private. The default is false, which the
# description states means the subnet is public; set to true to opt out of
# public exposure.
variable "hub_vcn_web_subnet_is_private" {
  description = "Whether the Web subnet private. It is public by default."
  type        = bool
  default     = false
}
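# Source CIDRs allowed to SSH into the Web subnet through a jump host. The
# default empty list grants no access. Each entry is checked for CIDR syntax so
# a malformed value is reported against this variable.
# NOTE(review): 0.0.0.0/0 passes this check; consider rejecting it so that one
# list entry cannot open SSH to every source address.
variable "hub_vcn_web_subnet_jump_host_allowed_cidrs" {
  description = "List of CIDRs allowed to SSH into the Web subnet via a jump host eventually deployed in the Web subnet. Leave empty for no access."
  type        = list(string)
  default     = []

  validation {
    # cidrhost() fails on anything that is not a parsable CIDR; can() turns that
    # failure into false. An explicit null list is let through unchanged.
    condition = var.hub_vcn_web_subnet_jump_host_allowed_cidrs == null ? true : length([
      for cidr in var.hub_vcn_web_subnet_jump_host_allowed_cidrs : cidr if !can(cidrhost(cidr, 0))
    ]) == 0
    error_message = "Each entry in hub_vcn_web_subnet_jump_host_allowed_cidrs must be a valid CIDR block."
  }
}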
# -------------------------------------------
# ----- Networking - Hub Mgmt Subnet
#--------------------------------------------
# Display name for the Hub VCN Management subnet; unset (null) by default.
variable "hub_vcn_mgmt_subnet_name" {
  description = "The Hub VCN Management subnet Name."
  type        = string
  default     = null
}
# CIDR block for the Management subnet; unset (null) by default.
# The containment rule in the description is not enforced by this declaration.
variable "hub_vcn_mgmt_subnet_cidr" {
  description = "The Hub VCN Management subnet CIDR block. It must be within the VCN CIDR blocks."
  type        = string
  default     = null
}
# DNS name for the Management subnet; unset (null) by default.
# The character rule in the description is not enforced by this declaration.
variable "hub_vcn_mgmt_subnet_dns" {
  description = "The Hub VCN Management subnet DNS name. Use only letters and numbers, no special characters."
  type        = string
  default     = null
}
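# External source CIDRs allowed to reach the Management subnet over HTTP. The
# default empty list grants no access. Each entry is checked for CIDR syntax so
# a malformed value is reported against this variable.
# NOTE(review): 0.0.0.0/0 passes this check; consider rejecting it for a
# management plane. Also confirm whether the resulting rule is for cleartext
# HTTP or for HTTPS, since the description only says HTTP.
variable "hub_vcn_mgmt_subnet_external_allowed_cidrs_for_http" {
  description = "List of CIDR blocks allowed to connect to Management subnet over HTTP. Leave empty for no access."
  type        = list(string)
  default     = []

  validation {
    # cidrhost() fails on anything that is not a parsable CIDR; can() turns that
    # failure into false. An explicit null list is let through unchanged.
    condition = var.hub_vcn_mgmt_subnet_external_allowed_cidrs_for_http == null ? true : length([
      for cidr in var.hub_vcn_mgmt_subnet_external_allowed_cidrs_for_http : cidr if !can(cidrhost(cidr, 0))
    ]) == 0
    error_message = "Each entry in hub_vcn_mgmt_subnet_external_allowed_cidrs_for_http must be a valid CIDR block."
  }
}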
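# External source CIDRs allowed to reach the Management subnet over SSH. The
# default empty list grants no access. Each entry is checked for CIDR syntax so
# a malformed value is reported against this variable.
# NOTE(review): 0.0.0.0/0 passes this check; consider rejecting it so that one
# list entry cannot open SSH on the management plane to every source address.
variable "hub_vcn_mgmt_subnet_external_allowed_cidrs_for_ssh" {
  description = "List of CIDR blocks allowed to connect to Management subnet over SSH. Leave empty for no access."
  type        = list(string)
  default     = []

  validation {
    # cidrhost() fails on anything that is not a parsable CIDR; can() turns that
    # failure into false. An explicit null list is let through unchanged.
    condition = var.hub_vcn_mgmt_subnet_external_allowed_cidrs_for_ssh == null ? true : length([
      for cidr in var.hub_vcn_mgmt_subnet_external_allowed_cidrs_for_ssh : cidr if !can(cidrhost(cidr, 0))
    ]) == 0
    error_message = "Each entry in hub_vcn_mgmt_subnet_external_allowed_cidrs_for_ssh must be a valid CIDR block."
  }
}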
# -------------------------------------------
# ----- Networking - Hub Outdoor Subnet
#--------------------------------------------
# Display name for the Hub VCN Outdoor subnet; unset (null) by default.
variable "hub_vcn_outdoor_subnet_name" {
  description = "The Hub VCN Outdoor subnet name."
  type        = string
  default     = null
}
# CIDR block for the Outdoor subnet; unset (null) by default.
# The containment rule in the description is not enforced by this declaration.
variable "hub_vcn_outdoor_subnet_cidr" {
  description = "The Hub VCN Outdoor subnet CIDR block. It must be within the VCN CIDR blocks."
  type        = string
  default     = null
}
# DNS name for the Outdoor subnet; unset (null) by default.
# The character rule in the description is not enforced by this declaration.
variable "hub_vcn_outdoor_subnet_dns" {
  description = "The Hub VCN Outdoor subnet DNS name. Use only letters and numbers, no special characters."
  type        = string
  default     = null
}
# -------------------------------------------
# ----- Networking - Hub Indoor Subnet
#--------------------------------------------
# Display name for the Hub VCN Indoor subnet; unset (null) by default.
variable "hub_vcn_indoor_subnet_name" {
  description = "The Hub VCN Indoor subnet name."
  type        = string
  default     = null
}
# CIDR block for the Indoor subnet; unset (null) by default.
# The containment rule in the description is not enforced by this declaration.
variable "hub_vcn_indoor_subnet_cidr" {
  description = "The Hub VCN Indoor subnet CIDR block. It must be within the VCN CIDR blocks."
  type        = string
  default     = null
}
# DNS name for the Indoor subnet; unset (null) by default.
# The character rule in the description is not enforced by this declaration.
variable "hub_vcn_indoor_subnet_dns" {
  description = "The Hub VCN Indoor subnet DNS name. Use only letters and numbers, no special characters."
  type        = string
  default     = null
}