Merge pull request #177 from oracle-quickstart/WRK_EXADATA

Fixed Minor Issue
oci-landing-zones · Mar 8, 2024 · 5bfe796 · 5bfe796
2 parents e498247 + 6980446
commit 5bfe796
Show file tree

Hide file tree

Showing 7 changed files with 23 additions and 8 deletions.
diff --git a/Official_Documentation/OELZ_Baseline_Deployment/Architecture_Guide.md b/Official_Documentation/OELZ_Baseline_Deployment/Architecture_Guide.md
@@ -137,6 +137,9 @@ Use the same group names in Oracle Cloud Infrastructure as you use for Active Di
 
 For more information about federating with Active Directory, see [Federating with Microsoft Active Directory](https://docs.oracle.com/iaas/Content/Identity/Tasks/federatingADFS.htm).
 
+For more information about federating with 3rd party Identity Providers with IAM Identity domain. [Managing Identity Providers](https://docs.oracle.com/en-us/iaas/Content/Identity/identityproviders/manage-identity-providers.htm#manage-identity-providers).
+
+
 ## _Compliance_
 
 OELZv2 includes a set of pre-built policies and guardrails that help ensure that your OCI environment has a strong security foundation to help your organization achieve your security compliance goals.  The security controls that have been implemented in OELZv2 include recommendations that help our customers attain [CIS 1.2](https://www.cisecurity.org/benchmark/oracle_cloud) compliance Level 1.

diff --git a/templates/elz-exadata-spoke/tagging.tf b/templates/elz-exadata-spoke/tagging.tf
@@ -20,7 +20,7 @@ locals {
     }
     tag_default_map = {
       architecture_tag = {
-        compartment_id      = module.workload_compartment.compartment_id
+        compartment_id      = var.workload_compartment_id
         tag_definition_name = "architecture_tag"
         value               = "3.0.0"
         is_required         = false

diff --git a/templates/elz-exadata-spoke/variables.tf b/templates/elz-exadata-spoke/variables.tf
@@ -142,3 +142,7 @@ variable "enable_fan_events" {
   type        = bool
   description = "Security List to be enabled for ONS FAN events"
 }
+variable "is_baseline_deploy" {
+  type        = bool
+  description = "TagNameSpace Optimization: Enable this flag to disable dependent module TagNameSpace Tag Creation."
+}
diff --git a/templates/elz-exadata-workload/logging.tf b/templates/elz-exadata-workload/logging.tf
@@ -11,18 +11,22 @@ locals {
     log_source_service  = "flowlogs"
     log_source_type     = "OCISERVICE"
   }
+  wrk_private_spoke_subnet_lb_display_name     = var.workload_private_spoke_subnet_lb_display_name != "" ? var.workload_private_spoke_subnet_lb_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-LB"
+  wrk_private_spoke_subnet_app_display_name    = var.workload_private_spoke_subnet_app_display_name != "" ? var.workload_private_spoke_subnet_app_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-APP"
+  wrk_private_spoke_subnet_client_display_name = var.workload_private_spoke_subnet_client_display_name != "" ? var.workload_private_spoke_subnet_client_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-CLT"
+  wrk_private_spoke_subnet_backup_display_name = var.workload_private_spoke_subnet_backup_display_name != "" ? var.workload_private_spoke_subnet_backup_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-BKP"
 
   subnets_map = {
-    SPK1 : module.exadata_workload_expansion_spoke.subnets["OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-LB"]
-    SPK2 : module.exadata_workload_expansion_spoke.subnets["OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-APP"]
-    SPK3 : module.exadata_workload_expansion_spoke.subnets["OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-CLT"]
-    SPK4 : module.exadata_workload_expansion_spoke.subnets["OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-BKP"]
+    SPK1 : module.exadata_workload_expansion_spoke.subnets[local.wrk_private_spoke_subnet_lb_display_name]
+    SPK2 : module.exadata_workload_expansion_spoke.subnets[local.wrk_private_spoke_subnet_app_display_name]
+    SPK3 : module.exadata_workload_expansion_spoke.subnets[local.wrk_private_spoke_subnet_client_display_name]
+    SPK4 : module.exadata_workload_expansion_spoke.subnets[local.wrk_private_spoke_subnet_backup_display_name]
   }
 
 }
 
 module "vcn_flow_log" {
-  source = "../../modules/service-log"
+  source = "../../modules/service-log-map"
 
   service_log_map     = local.subnets_map
   log_display_name    = local.vcn_flow_log.log_display_name

diff --git a/templates/elz-exadata-workload/network.tf b/templates/elz-exadata-workload/network.tf
@@ -14,6 +14,8 @@ module "exadata_workload_expansion_spoke" {
   vcn_display_name        = var.vcn_display_name != "" ? var.vcn_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-VCN-${local.region_key[0]}"
   db_port                 = var.db_port
   enable_fan_events       = var.enable_fan_events
+  is_baseline_deploy      = var.is_baseline_deploy
+
   #Spoke VCN Subnet Variables
   workload_private_spoke_subnet_lb_display_name     = var.workload_private_spoke_subnet_lb_display_name != "" ? var.workload_private_spoke_subnet_lb_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-LB"
   workload_private_spoke_subnet_app_display_name    = var.workload_private_spoke_subnet_app_display_name != "" ? var.workload_private_spoke_subnet_app_display_name : "OCI-ELZ-${var.workload_prefix}-EXA-SPK-SUB-${local.region_key[0]}-APP"

diff --git a/templates/elz-exadata-workload/variables.tf b/templates/elz-exadata-workload/variables.tf
@@ -38,8 +38,10 @@ variable "enable_fan_events" {
   description = "Security List to be enabled for ONS FAN events"
   default     = true
 }
+
 variable "is_baseline_deploy" {
   type        = bool
+  default     = false
   description = "TagNameSpace Optimization: Enable this flag to disable dependent module TagNameSpace Tag Creation."
 }
 

diff --git a/templates/elz-logging/main.tf b/templates/elz-logging/main.tf
@@ -48,15 +48,15 @@ locals {
   }
 
   audit_log_service_connector = {
-    display_name  = "${var.resource_label}_${var.environment_prefix}_defaultLogs_standard"
+    display_name  = "${var.resource_label}_${var.environment_prefix}_auditLogs_standard"
     source_kind   = "logging"
     target_kind   = "objectStorage"
     log_group_id  = "_Audit_Include_Subcompartment"
     target_bucket = local.audit_log_bucket.name
   }
 
   default_log_service_connector = {
-    display_name  = "${var.resource_label}_${var.environment_prefix}_auditLogs_standard"
+    display_name  = "${var.resource_label}_${var.environment_prefix}_defaultLogs_standard"
     source_kind   = "logging"
     target_kind   = "objectStorage"
     target_bucket = local.default_log_bucket.name