vcscsvcscs/OCI-Kubernetes-cluster-with-traefik
1
0
Fork 0
mirror of https://github.com/vcscsvcscs/OCI-Kubernetes-cluster-with-traefik.git synced 2025-08-13 22:39:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

add half done self managed version

Browse Source
This commit is contained in:
Vargha Csongor
2024-03-03 12:39:01 +01:00
parent 42fc446cc7
commit 49b182878b
22 changed files with 1951 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
self-managed/iam.tf Normal file
View File

@@ -0,0 +1,28 @@
resource "oci_identity_dynamic_group" "compute_dynamic_group" {
compartment_id = var.tenancy_ocid
description = "Dynamic group which contains all instance in this compartment"
matching_rule = "All {instance.compartment.id = '${var.compartment_ocid}'}"
name = var.oci_identity_dynamic_group_name
freeform_tags = {
"provisioner" = "terraform"
"environment" = "${var.environment}"
"${var.unique_tag_key}" = "${var.unique_tag_value}"
}
}
resource "oci_identity_policy" "compute_dynamic_group_policy" {
compartment_id = var.compartment_ocid
description = "Policy to allow dynamic group ${oci_identity_dynamic_group.compute_dynamic_group.name} to read instance-family and compute-management-family in the compartment"
name = var.oci_identity_policy_name
statements = [
"allow dynamic-group ${oci_identity_dynamic_group.compute_dynamic_group.name} to read instance-family in compartment id ${var.compartment_ocid}",
"allow dynamic-group ${oci_identity_dynamic_group.compute_dynamic_group.name} to read compute-management-family in compartment id ${var.compartment_ocid}"
]
freeform_tags = {
"provisioner" = "terraform"
"environment" = "${var.environment}"
"${var.unique_tag_key}" = "${var.unique_tag_value}"
}
}