Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

QuickStart Oracle Database@Azure with Terraform or OpenTofu Modules

Introduction

Oracle Database@Azure is an Oracle Database service running on Oracle Cloud Infrastructure (OCI), co-located in Microsoft data centers, empowering you to use Oracle Database services with fastest connection to Azure resources. The multicloud onboarding involves multiple steps navigating between OCI and Microsoft Azure portal. This tutorial explains how to streamline the provision process by leveraging our reference implementation of Terraform or OpenTofu modules and templates, available in the GitHub repository of OCI multicloud landing zone for Microsoft Azure: terraform-oci-multicloud-azure.

Provision Process

Once you have completed the service purchase, you can start simplifying the provision process with Terraform or OpenTofu.

There are multiple steps an organization must perform to purchase, configure, and use the service in their Azure environment. Depending on your organization’s Azure configuration, policies, and procedures you may use some or all of the steps outlined in the figure below. The diagram below illustrates opportunities for Terraform or OpenTofu to simplify the provisioning process, eliminating manual steps performed in the Azure Portal and OCI Console.

To get a quickstart with using the Terraform templates and modules, typically you will have to go through these high level tasks.

Objectives

• Quickstart Oracle Database@Azure with Terraform or OpenTofu modules

Prerequisites

• Ensure that your environment has the necessary software installed. Apart from Terraform or OpenTofu and Azure/OCI CLI, you will also need Python for operations that are not supported by Terraform providers at the moment.

Task 1: Fork and Clone the GitHub repository

Clone the terraform-oci-multicloud-azure repository and navigate to the appropriate template directory to get started. Alternatively, you can fork it first, which allows you to sync your copy with our latest updates later, or optionally contribute your updates via through a pull request.

Task 2: Initialize Terraform

Run terraform init or tofu init in your terminal to setup the local Terraform environment. Alternatively, you can configure Terraform with remote state by refer to documentations from Terraform, OCI or Azure for further details.

Task 3: Configure the Required Terraform Variables

Each template directory contains a terraform.tfvars.template file makes it easy for you to populate the required input variables. You can leverage it to construct your own variable definition file (for example, terraform.tfvars), or alternatively make use of other methods (for example, environment variables with TF_VAR_ prefix, or terraform CLI with -var parameters ) to setup the required variables.

Task 4: Authenticate to Azure and OCI

Some of the terraform templates leverage both OCI and Azure terraform providers, you must login to each environment before provisioning.

• OCI Authentication

  The OCI Terraform provider supports multiple authentication methods. For more information, see Configuring the Provider.

  We recommend to configure OCI Terraform provider using API Key Authentication. For more information, see API Key Authentication.

  export TF_VAR_oci_tenancy_ocid="OCID of the OCI tenancy"
  export TF_VAR_oci_user_ocid="<OCID of the OCI user>"
  export TF_VAR_oci_private_key_path="<path (including filename) of the private key>"
  export TF_VAR_oci_fingerprint="<Key's fingerprint>"
  

  You can verify the configuration using OCI CLI.

  export OCI_CLI_TENANCY=$TF_VAR_oci_tenancy_ocid
  export OCI_CLI_USER=$TF_VAR_oci_user_ocid
  export OCI_CLI_FINGERPRINT=$TF_VAR_oci_fingerprint
  export OCI_CLI_KEY_FILE=$TF_VAR_oci_private_key_path
  oci iam tenancy get --tenancy-id $TF_VAR_oci_tenancy_ocid --output table --query "data.{Name:name, OCID:id}" --auth api_key
  

• Azure Authentication

  You can Authenticate to Azure with service principal and verify it with Azure CLI. For more information, see Authenticate Terraform to Azure.

  export ARM_CLIENT_ID="<service_principal_appid>"
  export ARM_CLIENT_SECRET="<service_principal_password>"
  export ARM_TENANT_ID="<azure_subscription_tenant_id>"
  export ARM_SUBSCRIPTION_ID="<azure_subscription_id>"
  az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET -t $ARM_TENANT_ID
  az account show -o table
  

Task 5: Review and Apply the Terraform Plan

After configuring your variables and authentication, run terraform plan or tofu plan to review the changes. Once you are satisfied with the plan, proceed by running terraform apply or tofu apply to provision the configurations.

Terraform Templates

The following table outlines the available Terraform templates, describes what they do and which Terraform Provider they rely on. You can use them individually according to your situation, and you can further customise them with OCI Landing Zone and Azure Verified Modules (AVM) for a more complex setup. For more information about Microsoft and HashiCorp’s joint guidance usage scenarios of AzureRM and AzAPI, see Unlocking the Best of Azure with AzureRM and AzAPI Providers.

Exadata and Autonomous Database

Oracle Database@Azure	AzureRM	AzAPI
Exadata	Quickstart Exadata with OCI Landing Zone Modules (azurerm-oci-exadata-quickstart)	Quickstart Exadata with Azure Verified Modules (avm-oci-exadata-quickstart)
Autonomous Database	Quickstart Autonomous Database with AzureRM (azurerm-oci-adbs-quickstart)	Quickstart Autonomous Database with AzAPI (az-oci-adbs)

Identity

• Terraform Template to setup SSO Federation between OCI & Azure

• Terraform Template to setup RBAC and SSO Federation between OCI & Azure

Next Steps

This tutorial explained how you can use Terraform or OpenTofu in provisioning Oracle Database@Azure services. See the Related Links section for details about Oracle Database@Azure, automation effort, and more.

Let us know if you have any feature or enhancement request by creating a GitHub issue on our repository or engage with our OCI Multicloud Forum. We are eager to support your use case every step of the way.

Related Links

• Become an Oracle Database@Azure Specialist

• Quickstart Terraform Templates and Modules

• Azure Verified Module for Virtual Network

• Quickstart: Install and Configure Terraform For Azure

• Terraform: Set Up OCI Terraform

• Oracle Database@Azure

• Reference architectures for Oracle Database@Azure

• Learn more about multicloud solutions

Acknowledgments

• Author - Steven Chan (Senior Principal Product Manager, OCI Multicloud)

• Contributors - Anwar Belayachi (Senior Principal Solution Architect, OCI Multicloud), John Wargo (Principal Product Manager), Partha Srinivasan (Principal Product Manager), Wei Han (Principal Product Manager)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

QuickStart Oracle Database@Azure with Terraform or OpenTofu Modules

G13011-02

November 2024

Copyright ©2024,

Oracle and/or its affiliates.