Added Flag to deploy Non_Prod Environment

templates/elz-environment/main.tf

@@ -148,7 +148,12 @@ module "network" {
   private_spoke_subnet_web_cidr_block = var.private_spoke_subnet_web_cidr_block
   private_spoke_subnet_app_cidr_block = var.private_spoke_subnet_app_cidr_block
   private_spoke_subnet_db_cidr_block  = var.private_spoke_subnet_db_cidr_block
+  hub_public_subnet_dns_label         = var.hub_public_subnet_dns_label
+  hub_private_subnet_dns_label        = var.hub_private_subnet_dns_label
   spoke_vcn_cidr                      = var.spoke_vcn_cidr
+  subnet_app_dns_label                = var.subnet_app_dns_label
+  subnet_db_dns_label                 = var.subnet_db_dns_label
+  subnet_web_dns_label                = var.subnet_web_dns_label
   ipsec_connection_static_routes      = var.ipsec_connection_static_routes
   enable_vpn_or_fastconnect           = var.enable_vpn_or_fastconnect
   enable_vpn_on_environment           = var.enable_vpn_on_environment

templates/elz-environment/variables.tf

@@ -226,6 +226,27 @@ variable "create_master_encryption_key" {
 # Network Variables
 # -----------------------------------------------------------------------------
 
+variable "hub_public_subnet_dns_label" {
+  type        = string
+  description = "Hub Public Subnet DNS Label."
+}
+variable "hub_private_subnet_dns_label" {
+  type        = string
+  description = "Hub Private Subnet DNS Label."
+}
+variable "subnet_app_dns_label" {
+  type        = string
+  description = "Spoke App Subnet DNS Label."
+}
+variable "subnet_db_dns_label" {
+  type        = string
+  description = "Spoke DB Subnet DNS Label."
+}
+variable "subnet_web_dns_label" {
+  type        = string
+  description = "Spoke Web Subnet DNS Label."
+}
+
 variable "enable_internet_gateway_hub" {
   type        = string
   description = "Option to enable true and Disable false."

templates/elz-network/main.tf

@@ -14,10 +14,8 @@ locals {
   vcn-hub-info = {
     hub_public_subnet_display_name   = "OCI-ELZ-SUB-${var.environment_prefix}-HUB-${local.region_key[0]}001"
     hub_public_subnet_description    = "Hub Public Subnet"  
-    hub_public_subnet_dns_label      = "publabel"
     hub_private_subnet_display_name  = "OCI-ELZ-SUB-${var.environment_prefix}-HUB-${local.region_key[0]}002"
     hub_private_subnet_description   = "Hub Private Subnet"
-    hub_private_subnet_dns_label     = "prilabel"
     hub_security_list_display_name   = "OCI-ELZ-${var.environment_prefix}-Hub-Security-List"
     igw_gateway_display_name         = "OCI-ELZ-IGW-${var.environment_prefix}-HUB"
     nat_gateway_display_name         = "OCI-ELZ-NGW-${var.environment_prefix}-HUB"
@@ -56,10 +54,10 @@ module "hub" {
   hub_vcn_dns_label                       = local.vcn_hub.dns_label
   hub_public_subnet_display_name          = local.vcn-hub-info.hub_public_subnet_display_name
   hub_public_subnet_description           = local.vcn-hub-info.hub_public_subnet_description
-  hub_public_subnet_dns_label             = local.vcn-hub-info.hub_public_subnet_dns_label
+  hub_public_subnet_dns_label             = var.hub_public_subnet_dns_label
   hub_private_subnet_display_name         = local.vcn-hub-info.hub_private_subnet_display_name
   hub_private_subnet_description          = local.vcn-hub-info.hub_private_subnet_description
-  hub_private_subnet_dns_label            = local.vcn-hub-info.hub_private_subnet_dns_label
+  hub_private_subnet_dns_label            = var.hub_private_subnet_dns_label
   igw_gateway_display_name                = local.vcn-hub-info.igw_gateway_display_name
   nat_gateway_display_name                = local.vcn-hub-info.nat_gateway_display_name
   srv_gateway_display_name                = local.vcn-hub-info.srv_gateway_display_name
@@ -94,9 +92,6 @@ locals {
     route_table_display_name         = "OCI-ELZ-RTPRV-${var.environment_prefix}-SPK001"
     nat_gateway_display_name         = "OCI-ELZ-NGW-${var.environment_prefix}-SPK"
     service_gateway_display_name     = "OCI-ELZ-SGW-${var.environment_prefix}-SPK"
-    subnet_app_dns_label             = "appdnslabel"
-    subnet_db_dns_label              = "dbdnslabel"
-    subnet_web_dns_label             = "webdnslabel"
     subnet_web_display_name          = "OCI-ELZ-SUB-${var.environment_prefix}-SPK-${local.region_key[0]}001"
     subnet_app_display_name          = "OCI-ELZ-SUB-${var.environment_prefix}-SPK-${local.region_key[0]}002"
     subnet_db_display_name           = "OCI-ELZ-SUB-${var.environment_prefix}-SPK-${local.region_key[0]}003"
@@ -124,13 +119,13 @@ module "spoke" {
   workload_compartment_id                        = var.workload_compartment_id
   workload_private_spoke_subnet_app_cidr_block   = var.private_spoke_subnet_app_cidr_block
   workload_private_spoke_subnet_app_display_name = local.vcn-spoke-info.subnet_app_display_name
-  workload_private_spoke_subnet_app_dns_label    = local.vcn-spoke-info.subnet_app_dns_label
+  workload_private_spoke_subnet_app_dns_label    = var.subnet_app_dns_label
   workload_private_spoke_subnet_db_cidr_block    = var.private_spoke_subnet_db_cidr_block
   workload_private_spoke_subnet_db_display_name  = local.vcn-spoke-info.subnet_db_display_name
-  workload_private_spoke_subnet_db_dns_label     = local.vcn-spoke-info.subnet_db_dns_label
+  workload_private_spoke_subnet_db_dns_label     = var.subnet_db_dns_label
   workload_private_spoke_subnet_web_cidr_block   = var.private_spoke_subnet_web_cidr_block
   workload_private_spoke_subnet_web_display_name = local.vcn-spoke-info.subnet_web_display_name
-  workload_private_spoke_subnet_web_dns_label    = local.vcn-spoke-info.subnet_web_dns_label
+  workload_private_spoke_subnet_web_dns_label    = var.subnet_web_dns_label
   workload_spoke_vcn_cidr                        = var.spoke_vcn_cidr
   enable_vpn_or_fastconnect                      = var.enable_vpn_or_fastconnect
   enable_vpn_on_environment                      = var.enable_vpn_on_environment

templates/elz-network/variables.tf

@@ -135,6 +135,28 @@ variable "add_ssh_to_security_list" {
   default     = false
 }
 
+variable "hub_public_subnet_dns_label" {
+  type        = string
+  description = "Hub Public Subnet DNS Label."
+}
+variable "hub_private_subnet_dns_label" {
+  type        = string
+  description = "Hub Private Subnet DNS Label."
+}
+variable "subnet_app_dns_label" {
+  type        = string
+  description = "Spoke App Subnet DNS Label."
+}
+variable "subnet_db_dns_label" {
+  type        = string
+  description = "Spoke DB Subnet DNS Label."
+}
+variable "subnet_web_dns_label" {
+  type        = string
+  description = "Spoke Web Subnet DNS Label."
+}
+
+
 # -----------------------------------------------------------------------------
 # VPN Variables
 # -----------------------------------------------------------------------------

templates/enterprise-landing-zone/backup-main.tf

@@ -112,11 +112,11 @@ module "backup_prod_environment" {
 
 module "backup_nonprod_environment" {
   source = "../elz-backup/elz-backup-environment"
-  count = var.enable_landing_zone_replication ? 1 : 0
+  count = var.enable_landing_zone_replication && var.is_nonprod_env_deploy ? 1 : 0
 
   environment_prefix      = local.nonprod_environment.environment_prefix
   spoke_vcn_cidr          = var.backup_nonprod_workload_cidr
-  workload_compartment_id = module.nonprod_environment.workload_compartment_id
+  workload_compartment_id = module.nonprod_environment[0].workload_compartment_id
   backup_region           = var.backup_region
   tenancy_ocid            = var.tenancy_ocid
   region                  = var.region
@@ -127,7 +127,7 @@ module "backup_nonprod_environment" {
   igw_hub_check                           = var.backup_igw_hub_check
   nat_gw_hub_check                        = var.backup_nat_gw_hub_check
   service_gw_hub_check                    = var.backup_service_gw_hub_check
-  network_compartment_id                  = module.nonprod_environment.compartment.network.id
+  network_compartment_id                  = module.nonprod_environment[0].compartment.network.id
   vcn_cidr_block                          = var.backup_nonprod_hub_vcn_cidr_block
   public_subnet_cidr_block                = var.backup_nonprod_public_subnet_cidr_block
   private_subnet_cidr_block               = var.backup_nonprod_private_subnet_cidr_block
@@ -152,17 +152,17 @@ module "backup_nonprod_environment" {
   enable_replication           = var.backup_nonprod_vault_enable_replication
   replica_region               = var.backup_nonprod_vault_replica_region
   resource_label               = var.resource_label
-  security_compartment_id      = module.nonprod_environment.compartment.security.id
+  security_compartment_id      = module.nonprod_environment[0].compartment.security.id
   vault_type                   = var.backup_nonprod_vault_type
   home_compartment_id          = module.home_compartment.compartment_id
 
   home_compartment_name               = var.home_compartment_name
-  logging_compartment_id              = module.nonprod_environment.compartment.logging.id
+  logging_compartment_id              = module.nonprod_environment[0].compartment.logging.id
   retention_policy_duration_amount    = var.backup_nonprod_retention_policy_duration_amount
   retention_policy_duration_time_unit = var.backup_nonprod_retention_policy_duration_time_unit
 
   bastion_client_cidr_block_allow_list = var.backup_nonprod_bastion_client_cidr_block_allow_list
-  environment_compartment_id           = module.nonprod_environment.compartment.environment.id
+  environment_compartment_id           = module.nonprod_environment[0].compartment.environment.id
 
   is_create_alarms         = var.is_create_alarms_backup
   network_topic_endpoints  = var.nonprod_network_topic_endpoints_backup
@@ -206,7 +206,7 @@ module "backup_nonprod_environment" {
   enable_fastconnect_on_environment = var.backup_nonprod_enable_fastconnect
   customer_onprem_ip_cidr           = var.backup_customer_onprem_ip_cidr
 
-  depends_on = [module.nonprod_environment]
+  depends_on = [module.nonprod_environment[0]]
 
   providers = {
     oci               = oci

templates/enterprise-landing-zone/environment.tf

@@ -101,6 +101,11 @@ module "prod_environment" {
   private_spoke_subnet_web_cidr_block = var.prod_spoke_subnet_web_cidr_block
   private_spoke_subnet_app_cidr_block = var.prod_spoke_subnet_app_cidr_block
   private_spoke_subnet_db_cidr_block  = var.prod_spoke_subnet_db_cidr_block
+  hub_public_subnet_dns_label         = var.prod_hub_public_subnet_dns_label
+  hub_private_subnet_dns_label        = var.prod_hub_private_subnet_dns_label
+  subnet_app_dns_label                = var.prod_subnet_app_dns_label
+  subnet_db_dns_label                 = var.prod_subnet_db_dns_label
+  subnet_web_dns_label                = var.prod_subnet_web_dns_label
 
   enable_network_firewall   = var.enable_network_firewall_prod
   enable_traffic_threat_log = var.enable_traffic_threat_log_prod
@@ -190,7 +195,8 @@ locals {
 }
 
 module "nonprod_environment" {
-  source = "../elz-environment"
+  count  =  var.is_nonprod_env_deploy   ? 1 : 0
+  source =  "../elz-environment"
 
   tenancy_ocid   = var.tenancy_ocid
   region         = var.region
@@ -275,6 +281,11 @@ module "nonprod_environment" {
   private_spoke_subnet_web_cidr_block = var.nonprod_spoke_subnet_web_cidr_block
   private_spoke_subnet_app_cidr_block = var.nonprod_spoke_subnet_app_cidr_block
   private_spoke_subnet_db_cidr_block  = var.nonprod_spoke_subnet_db_cidr_block
+  hub_public_subnet_dns_label         = var.nonprod_hub_public_subnet_dns_label
+  hub_private_subnet_dns_label        = var.nonprod_hub_private_subnet_dns_label
+  subnet_app_dns_label                = var.nonprod_subnet_app_dns_label
+  subnet_db_dns_label                 = var.nonprod_subnet_db_dns_label
+  subnet_web_dns_label                = var.nonprod_subnet_web_dns_label
 
   enable_network_firewall   = var.enable_network_firewall_nonprod
   enable_traffic_threat_log = var.enable_traffic_threat_log_nonprod
@@ -309,7 +320,7 @@ module "nonprod_environment" {
   enable_workload_monitoring_alarms = var.nonprod_enable_workload_monitoring_alarms
   enable_datasafe                   = var.enable_datasafe
 
-  #workload_compartment_id             = module.nonprod_environment.workload_compartment_id
+  #workload_compartment_id             = module.nonprod_environment[0].workload_compartment_id
 
   remote_peering_connection_peer_id          = var.enable_vpn_or_fastconnect == "FASTCONNECT" ? module.prod_environment.rpc_id : null
   remote_peering_connection_peer_region_name = var.region

templates/enterprise-landing-zone/example.tfvars

@@ -15,6 +15,7 @@ resource_label             = "DEMO"
 prod_domain_admin_email    = "an-example-email-address@oracle.com"
 nonprod_domain_admin_email = "an-example-email-address@oracle.com"
 enable_compartment_delete  = false
+is_nonprod_env_deploy      = true
 
 # security
 enable_cloud_guard                           = true
@@ -60,20 +61,30 @@ nonprod_enable_service_gateway_spoke = "true"
 prod_hub_vcn_cidr_block            = "10.1.0.0/16"
 prod_hub_public_subnet_cidr_block  = "10.1.1.0/24"
 prod_hub_private_subnet_cidr_block = "10.1.2.0/24"
+prod_hub_public_subnet_dns_label   = "ppublabel"
+prod_hub_private_subnet_dns_label  = "prilabel"
 
 prod_spoke_vcn_cidr              = "10.2.0.0/16"
 prod_spoke_subnet_web_cidr_block = "10.2.1.0/24"
 prod_spoke_subnet_app_cidr_block = "10.2.2.0/24"
 prod_spoke_subnet_db_cidr_block  = "10.2.3.0/24"
+prod_subnet_app_dns_label        = "papplabel"
+prod_subnet_db_dns_label         = "pdblabel"
+prod_subnet_web_dns_label        = "pweblabel"
 
 nonprod_hub_vcn_cidr_block            = "10.3.0.0/16"
 nonprod_hub_public_subnet_cidr_block  = "10.3.1.0/24"
 nonprod_hub_private_subnet_cidr_block = "10.3.2.0/24"
+nonprod_hub_public_subnet_dns_label   = "npublabel"
+nonprod_hub_private_subnet_dns_label  = "nprilabel"
 
 nonprod_spoke_vcn_cidr              = "10.4.0.0/16"
 nonprod_spoke_subnet_web_cidr_block = "10.4.1.0/24"
 nonprod_spoke_subnet_app_cidr_block = "10.4.2.0/24"
 nonprod_spoke_subnet_db_cidr_block  = "10.4.3.0/24"
+nonprod_subnet_app_dns_label        = "napplabel"
+nonprod_subnet_db_dns_label         = "ndblabel"
+nonprod_subnet_web_dns_label        = "nweblabel"
 
 # Tagging
 prod_enable_tagging          = true