| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| current_user_ocid | OCID of the current user | string |
n/a | yes |
| mission_owner_key | n/a | string |
n/a | yes |
| region | the OCI home region | string |
n/a | yes |
| resource_label | Resource label to append to resource names to prevent collisions. | string |
n/a | yes |
| secondary_region | the other region in OCI tenancy | string |
n/a | yes |
| tenancy_ocid | The OCID of tenancy | string |
n/a | yes |
| workload_name | The name of workload stack | string |
n/a | yes |
| api_fingerprint | The fingerprint of API | string |
"" |
no |
| api_private_key_path | The local path to the API private key | string |
"" |
no |
| backup_bucket_name | n/a | string |
"OCI-SCCA-LZ-IAC-Backup" |
no |
| backup_compartment_name | Name of the Logging compartment. | string |
"OCI-SCCA-LZ-IAC-TF-Configbackup" |
no |
| bastion_client_cidr_block_allow_list | Bastion Variables | list(string) |
[] |
no |
| bucket_storage_tier | n/a | string |
"Archive" |
no |
| central_vault_name | n/a | string |
"OCI-SCCA-LZ-Central-Vault" |
no |
| central_vault_type | Set value to DEFAULT for testing purpose. The default should be VIRTUAL_PRIVATE | string |
"DEFAULT" |
no |
| cloud_guard_target_tenancy | Cloud Guard Variable | bool |
false |
no |
| enable_compartment_delete | Set to true to allow the compartments to delete on terraform destroy. | bool |
true |
no |
| enable_logging_compartment | Set to true to enable logging compartment, to false if you already had existing buckets in another tenancy | bool |
true |
no |
| enable_replication | Can only be enabled when vault type is VIRTUAL_PRIVATE | bool |
false |
no |
| enable_vdms_critical_alarm | Enable critical alarms in VDMS compartment | bool |
false |
no |
| enable_vdms_warning_alarm | Enable warning alarms in VDMS compartment | bool |
false |
no |
| enable_vdss_critical_alarm | Enable critical alarms in VDSS compartment | bool |
false |
no |
| enable_vdss_warning_alarm | Enable warning alarms in VDSS compartment | bool |
false |
no |
| enable_workload_critical_alarm | Enable critical alarms in Workload compartment | bool |
false |
no |
| enable_workload_warning_alarm | Enable warning alarms in Workload compartment | bool |
false |
no |
| firewall_subnet_cidr_block | n/a | string |
"192.168.0.0/25" |
no |
| home_compartment_name | Name of the Landing Zone Home compartment. | string |
"OCI-SCCA-LZ-Home" |
no |
| home_region_deployment | Set to true if deploying in home region, set to false for Backup Region Deployment | bool |
true |
yes |
| is_vdms_vtap_enabled | n/a | bool |
false |
no |
| is_workload_vtap_enabled | n/a | bool |
false |
no |
| lb_subnet_cidr_block | n/a | string |
"192.168.0.128/25" |
no |
| logging_compartment_name | Name of the Logging compartment. | string |
"OCI-SCCA-LZ-Logging" |
no |
| master_encryption_key_name | n/a | string |
"OCI-SCCA-LZ-MSK" |
no |
| multi_region_home_compartment_ocid | OCID of the home compartment created in home region for multi-region deployment | string |
"" |
no |
| multi_region_logging_compartment_ocid | OCID of the logging compartment created in home region for multi-region deployment | string |
"" |
no |
| multi_region_vdss_compartment_ocid | OCID of the VDSS compartment created in home region for multi-region deployment | string |
"" |
no |
| multi_region_vdms_compartment_ocid | OCID of the VDMS compartment created in home region for multi-region deployment | string |
"" |
no |
| multi_region_workload_compartment_ocid | OCID of the workload compartment created in home region for multi-region deployment | string |
"" |
no |
| realm_key | 1 for OC1 (commercial) and 3 for OC3 (Government) | string |
"1" |
no |
| remote_audit_log_bucket_name | n/a | string |
"" |
no |
| remote_default_log_bucket_name | n/a | string |
"" |
no |
| remote_namespace | n/a | string |
"" |
no |
| remote_service_event_bucket_name | n/a | string |
"" |
no |
| remote_tenancy_name | n/a | string |
"" |
no |
| remote_tenancy_ocid | n/a | string |
"" |
no |
| retention_policy_duration_amount | variables to enable logging bucket | string |
"1" |
no |
| retention_policy_duration_time_unit | n/a | string |
"DAYS" |
no |
| vdms_compartment_name | Name of the VDMS compartment. | string |
"OCI-SCCA-LZ-VDMS" |
no |
| vdms_critical_topic_endpoints | List of email addresses for VDMS Critical notifications. | list(string) |
[] |
no |
| vdms_subnet_cidr_block | n/a | string |
"192.168.1.0/24" |
no |
| vdms_vcn_cidr_block | n/a | string |
"192.168.1.0/24" |
no |
| vdms_warning_topic_endpoints | List of email addresses for VDMS Warning notifications. | list(string) |
[] |
no |
| vdss_compartment_name | Name of the VDSS compartment. | string |
"OCI-SCCA-LZ-VDSS" |
no |
| vdss_critical_topic_endpoints | List of email addresses for VDSS Critical notifications. | list(string) |
[] |
no |
| vdss_vcn_cidr_block | n/a | string |
"192.168.0.0/24" |
no |
| vdss_warning_topic_endpoints | List of email addresses for VDSS Warning notifications. | list(string) |
[] |
no |
| workload_critical_topic_endpoints | List of email addresses for Workload Critical notifications. | list(string) |
[] |
no |
| workload_db_subnet_cidr_block | n/a | string |
"192.168.3.0/24" |
no |
| workload_db_vcn_cidr_block | n/a | string |
"192.168.3.0/24" |
no |
| workload_subnet_cidr_block | n/a | string |
"192.168.2.0/24" |
no |
| workload_vcn_cidr_block | n/a | string |
"192.168.2.0/24" |
no |
| workload_warning_topic_endpoints | List of email addresses for Workload Warning notifications. | list(string) |
[] |
no |
| Name | Description |
|---|---|
| bastion_ocid | n/a |
| policy_to_add | n/a |
Copyright (c) 2023 Oracle and/or its affiliates.
Licensed under the Universal Permissive License (UPL), Version 1.0.
See LICENSE for more details.