Merge pull request #169 from oracle-quickstart/LANZ2666
Official Document Changes as per New Refactoring
VinayKumar611 authored Feb 29, 2024
2 parents 202f58d + 939baad commit cefe91f
Showing 5 changed files with 33 additions and 15 deletions.
Expand Up @@ -421,7 +421,7 @@ The following OCI cloud-native services will be implemented by OELZv2 to help yo
- Cloud Guard
- Vulnerability Scanning Service (VSS)
- Vault (Key Management)
- Bastion


**Cloud Guard**

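Review bot: the list edit around `- Bastion` leaves two consecutive blank lines ahead of `**Cloud Guard**`; collapse them to one. Since the Bastion section moves under the Workload Module in the next hunk, confirm that `- Bastion` really is gone from this service list and that no other text in this section still refers to Bastion as one of the services listed here.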
Expand Down Expand Up @@ -455,19 +455,17 @@ OCI Vault is our cloud-native encryption management service that will be used in

Please refer to [Vault (Key Management)](https://docs.oracle.com/en-us/iaas/Content/KeyManagement/Concepts/keyoverview.htm) for more details.

**Bastion**

OCI Bastions provides restricted and time-limited access to target resources that don't have public endpoints, letting authorized users connect from specific IP addresses to target resources using Secure Shell (SSH) sessions. This Landing Zone deployment will also include the OCI Bastion service which allows privileged users to connect from specified IP Addresses to target resources over Secure Shell (SSH). When connected via Bastion, users can interact with the target OCI resource by using any software or protocol supported by SSH. For example, you can use the Remote Desktop Protocol (RDP) to connect to a Windows host or use Oracle Net Services to connect to a database. The Bastion Service is associated with a single VCN and there is a limit of 5 Bastions per region.

For more information, please see [OCI Bastion](https://docs.oracle.com/en-us/iaas/Content/Bastion/Concepts/bastionoverview.htm).

## **_Workload Module_**
The workload expansion module is responsible for deploying the resources for an empty workload. It will deploy following resources:
* Compartment
* Network (Spoke)
* Logging
* Monitoring
* Policies and workload group

- Compartment
- Network (Spoke)
- Logging
- Monitoring
- Policies and workload group
- Bastion


**Compartment**

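Review bot: the new Workload Module list puts `- Bastion` last, after `- Policies and workload group`, while the sections that follow place **Bastion** before **Policies and workload group**; reorder the bullet (or the section) so the list matches the section order. The list is also followed by two blank lines before `**Compartment**`, and the lead-in "It will deploy following resources" is missing "the".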
Expand Down Expand Up @@ -496,7 +494,13 @@ Same as the default workload, the monitoring structure contains following elemen
- Monitor OCI service incidents and action required from OCI maintenance by subscribing to Console Announcements
- Monitor Cloud Guard status (e.g. problemthresholdreached) by subscribing Cloud Guard events
- Monitor VSS and Cloud Guard detected problem by subscribing Cloud Guard events
- Enable metrics-based monitoring of Network, Security, Logging and Workload compartments by creating sample alarm rules for the deployed service metrics namespaces
- Enable metrics-based monitoring of Network, Security, Logging and Workload compartments by creating sample alarm rules for the deployed service metrics namespaces.

**Bastion**

OCI Bastions provides restricted and time-limited access to target resources that don't have public endpoints, letting authorized users connect from specific IP addresses to target resources using Secure Shell (SSH) sessions. This Landing Zone deployment will also include the OCI Bastion service which allows privileged users to connect from specified IP Addresses to target resources over Secure Shell (SSH). When connected via Bastion, users can interact with the target OCI resource by using any software or protocol supported by SSH. For example, you can use the Remote Desktop Protocol (RDP) to connect to a Windows host or use Oracle Net Services to connect to a database. The Bastion Service is associated with a single VCN and there is a limit of 5 Bastions per region.

For more information, please see [OCI Bastion](https://docs.oracle.com/en-us/iaas/Content/Bastion/Concepts/bastionoverview.htm).

**Policies and workload group**

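Review bot: the relocated **Bastion** paragraph states that a Bastion "is associated with a single VCN and there is a limit of 5 Bastions per region", and Bastion is now listed as a per-workload resource, so the text should say how many bastions each workload creates and what that limit means for the number of workloads in a region. The paragraph was moved verbatim: its second sentence ("This Landing Zone deployment will also include the OCI Bastion service ...") repeats the first and still describes a landing-zone-wide service, so reword it for workload scope. The alarm-rules bullet gains a trailing period that the three bullets above it do not have.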
Expand Up @@ -24,6 +24,13 @@ The required provider variables for the OELZ:
| <a name="input_region"></a> [region](#input\_region) | The OCI region to deploy the OELZ resources to. | `string` | n/a | yes |
| <a name="input_resource_label"></a> [resource\_label](#input\_resource\_label) | The prefix used to avoid naming conflict | `string` | n/a | no |

## Environment Module

By default, OELZ will deploy both the Production and Non-Production Environments. From Release v2.3.1 onwards, if end users don't need the Non-Proudction Environment, they can use the flag "is_nonprod_env_deploy" and set it to "false".

| Name | Description | Type | Default | Required |
| ---------------------------------------------------------------------------------------------------- | ------------------------------------------------------------ | -------- | ------- | :------: |
| <a name="is_nonprod_env_deploy"></a> [is\_nonprod\_env\_deploy](#is\_nonprod\_env\_deploy) | Deployment of Non-Production Environment. | `bool` | `"true"` | yes (In case Non-Prod Env not needed) |

## Compartment Module

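Review bot: in the new `is_nonprod_env_deploy` row the Default is the quoted string `"true"` although the Type is `bool`, and Required reads "yes (In case Non-Prod Env not needed)" for a variable that has a default; use `true` and `no`, and move the condition into the Description. "Non-Proudction" should be "Non-Production", the anchor name lacks the `input_` prefix used by the rows above (`input_region`, `input_resource_label`), and the paragraph does not say what happens to an already deployed Nonprod environment when the flag is later set to `false`.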
Expand Up @@ -144,7 +144,7 @@ Environments are each full infrastructure deployments with their own hub-and-spo

They are designed to ensure isolation between each environment. They can each contain multiple Workloads.

The Oracle Enterprise Landing Zone will initially set up two Environments: `Prod` and `Nonprod`. Infrastructure resources within each Environment will have a single letter abbreviation (such as `N` or `P`) to indicate which environment they are part of.
The Oracle Enterprise Landing Zone will initially set up two Environments: `Prod` and `Nonprod`. Infrastructure resources within each Environment will have a single letter abbreviation (such as `N` or `P`) to indicate which environment they are part of. From Release v2.3.1 onwards, if end users don't need the Non-Proudction Environment, they can use the flag "is_nonprod_env_deploy" and set it to "false".

In the future, the `elz-environment` template will allow you to easily add new Environments to an existing Oracle Enterprise Landing Zone.

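Review bot: the sentence appended to the `Prod`/`Nonprod` paragraph repeats the "Non-Proudction" typo and is a verbatim copy of the sentence in the Environment Module variable docs; fix the spelling and link to the variable reference instead of duplicating it. The flag and its value are in double quotes while the rest of this paragraph uses backticks (`Prod`, `Nonprod`, `N`, `P`), and the opening "will initially set up two Environments" now holds only for the default setting, so qualify it.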
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -22,7 +22,7 @@ at [Official_Documentation/OELZ_Workload_Deployment](./Official_Documentation/OE
## Deploy Using Oracle Resource Manager
1. Click to deploy the stack

[![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle-quickstart/oci-landing-zones/archive/refs/tags/v2.3.0.zip)
[![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/oracle-quickstart/oci-landing-zones/archive/refs/tags/v2.3.1.zip)

If you aren't already signed in, when prompted, enter the tenancy and user credentials. Review and accept the terms and conditions.

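Review bot: the deploy button's `zipUrl` hardcodes `archive/refs/tags/v2.3.1.zip`, so the link is dead until the v2.3.1 tag is pushed and it has to be edited by hand on every release; confirm the tag is created together with this merge and that it matches the `## v2.3.1` heading in RELEASE.md.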
9 changes: 8 additions & 1 deletion RELEASE.md
@@ -1,6 +1,13 @@
# Release Notes

## v2.2.2 - 2023-1-19
## v2.3.1 - 2024-2-29
- Move Bastion resources to workload stack module.
- Added Flag to deploy Non-Production Environment as per customer need.
- Removed cloud guard target tenancy variable and changed default to Environment Home Compartment OCID.
- Added Access Governance Module on OELZ.


## v2.3.0 - 2024-1-19
- Added Multi-Region and Disaster Recovery Module.
- Cloud Guard Key Replication from the Home Region to the Backup Region or vice-verse is currently not supported(Work in Progress).

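Review bot: the v2.3.1 entry "Removed cloud guard target tenancy variable and changed default to Environment Home Compartment OCID" removes an input and changes a default without naming the variable or saying what existing deployments need to do on upgrade; name the variable and add an upgrade note. "Added Access Governance Module on OELZ" is not mentioned in any of the documentation hunks shown here. The bullets mix "Move" with "Added"/"Removed", the entry is followed by two blank lines, and the context line under v2.3.0 still reads "vice-verse".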