Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Oracle partnered with Microsoft to develop and distribute HashiCorp Terraform/OpenTofu modules to streamline the process of provisioning Oracle Cloud Infrastructure (OCI) in Azure.
The OCI multicloud landing zone for Azure and Azure Verified Modules for Terraform give you a set of templates that help you provision Oracle Database@Azure. The Terraform/OpenTofu modules use four Terraform providers: AzureRM, AzureAD, AzAPI, and OCI. Together, they cover identity and access management (IAM), networking, and database layer resources. Apply these reference implementations for a quickstart deployment, or customize them for a more complex topology fit to your needs.
The following figure illustrates where Terraform or OpenTofu can be introduced to streamline the processes of identity, access, networking, and provisioning in Oracle Database@Azure.
Prerequisites
- Steps 1 and 2 completed in Onboard Oracle Database@Azure, minimum
- Terraform/OpenTofu, the OCI CLI, the Azure CLI, and Python (version 3.4 or later) installed in your environment
For more information, see Oracle multicloud landing zone for Azure on GitHub.
Dependencies
The multicloud landing zone for Azure modules and templates use multiple Terraform providers. The following table lists dependencies:
| Terraform/OpenTofu providers | Terraform/OpenTofu modules |
|---|---|
| AzAPI | OCI landing zone modules |
| AzureAD | Azure Verified Modules |
| AzureRM | |
| OCI |
Templates
The following table describes Oracle multicloud landing zone for Azure templates.
For more information about modules, see Oracle multicloud landing zone for Azure.
| Template | Use case and configurations | Terraform/OpenTofu providers |
|---|---|---|
| az-oci-adbs | Quickstart Oracle Autonomous Database | hashicorp/azurerm |
| - Configure an Azure virtual network with delegated subnet limits | azure/api | |
| - Provision Autonomous Database | ||
| az-oci-rbac-n-sso-fed | Set up identity federation and role-based access control (RBAC) roles and groups | All the following scenarios: |
| az-oci-sso-federation | Set up SSO between OCI and Microsoft Entra ID | hashicorp/azuread |
| - Get service provider metadata from OCI IAM | hashicorp/azurerm | |
| - Create a Microsoft Entra ID application | hashicorp/oci | |
| - Set up Security Assertion Markup Language (SAML) single sign-on (SSO) for a Microsoft Entra ID application | ||
| - Set up attributes and claims in a Microsoft Entra ID application | ||
| - Assign a test user to a Microsoft Entra ID application | ||
| - Enable a Microsoft Entra ID application as the identity provider (IdP) for OCI IAM | ||
| - Set up identity lifecycle management between OCI IAM and Microsoft Entra ID | ||
| az-odb-rbac | Create roles and groups in Azure for Oracle Exadata and Oracle Autonomous Database | hashicorp/azuread |
| - Create an Azure role definition for the ADBS Administrator role | hashicorp/azurerm | |
| - Create an Azure resource group | ||
| - Create an Azure role assignment |