Notitie
Voor toegang tot deze pagina is autorisatie vereist. U kunt proberen u aan te melden of de directory te wijzigen.
Voor toegang tot deze pagina is autorisatie vereist. U kunt proberen de mappen te wijzigen.
Oracle Cloud Infrastructure (OCI) partnered with Microsoft Azure to develop and distribute HashiCorp Terraform/OpenTofu modules that streamline the provisioning process.
Both OCI Multicloud Landing Zone for Azure (OCI LZ) and Microsoft Verified Modules (MVM) use multiple templates to empower Oracle Database@Azure. These Terraform/OpenTofu modules use four (4) terraform providers, AzureRM, AzureAD, AzAPI, and OCI, covering IAM, networking, and database layer resources. Apply these reference implementations for a quick start deployment, or customize them for a more complex topology fit to your needs.
The following diagram illustrates where Terraform or OpenTofu can be introduced to streamline the identity, access, networking, and provisioning processes within Oracle Database@Azure.
Prerequisites
- Complete, at a minimum, steps 1-2 of the Onboarding with Oracle Database@Azure.
- Have a Terraform/OpenTofu, OCI CLI, Azure CLI, and python (minimum 3.4) environment. For more information, see the Oracle Multicloud Landing Zone for Azure README.
Dependencies
The Oracle Multicloud Landing Zone for Azure modules and templates use multiple Terraform providers.
| Terraform/OpenTofu Providers | Terraform/OpenTofu Modules |
|---|---|
| AzAPI | OCI Landing Zone modules |
| AzureAD | Azure Verified Modules |
| AzureRM | |
| OCI |
Templates
For module details, see Oracle Multicloud Landing Zone for Azure.
| Template | Use Case and Configurations | Terraform/OpenTofu Providers |
|---|---|---|
| az-oci-exa-pdb | Quick start Exadata Database Service | hashicorp/azurerm |
| 1. Configuring Azure virtual network with delegated subnet limits | azure/azapi | |
| 2. Provision Exadata infrastructure | hashicorp/oci | |
| 3. Provision an Exadata VM Cluster | ||
| 4. Creating Database Home | ||
| 5. Creating Container Database (CDB) | ||
| 6. Creating Pluggable Database (PDB) | ||
| az-oci-rbac-n-sso-fed | Set up both identity federation and RBAC roles/groups | All the following |
| az-oci-sso-federation | Set up SSO Between OCI and Microsoft Entra ID | hashicorp/azuread |
| 1. Get service provider metadata from OCI IAM. | hashicorp/azurerm | |
| 2. Create an Microsoft Entra ID application. | hashicorp/oci | |
| 3. Set up SAML SSO for the Microsoft Entra ID application. | ||
| 4. Set up attributes and claims in the Microsoft Entra ID application. | ||
| 5. Assign a test user to the Microsoft Entra ID application. | ||
| 6. Enable the Microsoft Entra ID application as the Identity Provider (IdP) for OCI IAM. | ||
| 7. Set up Identity Lifecycle Management Between OCI IAM and Microsoft Entra ID. | ||
| az-odb-rbac | Create roles and groups in Azure for Exadata and Autonomous Database services. | hashicorp/azuread |
| 1. Create Azure role definition for ADBS Administrator role. | hashicorp/azurerm | |
| 2. Create Azure group. | ||
| 3. Create Azure role assignment. |