Note:
- This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
- It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.
QuickStart Oracle Database@Azure with Terraform or OpenTofu Modules
Introduction
Oracle Database@Azure is an Oracle Database service running on Oracle Cloud Infrastructure (OCI), colocated in Microsoft data centers, empowering you to use Oracle Database services with fastest connection to Azure resources. The multicloud onboarding involves multiple steps navigating between OCI and Microsoft Azure portal. This tutorial explains how to streamline the provision process by leveraging our reference implementation of Terraform or OpenTofu modules and templates, available in the GitHub repository of OCI multicloud landing zone for Microsoft Azure: terraform-oci-multicloud-azure.
Provision Process
Once you have completed the service purchase, you can start simplifying the provision process with Terraform or OpenTofu.
There are multiple steps an organization must perform to purchase, configure, and use the service in their Azure environment. Depending on your organization’s Azure configuration, policies, and procedures you may use some or all of the steps outlined in the figure below. The diagram below illustrates opportunities for Terraform or OpenTofu to simplify the provisioning process, eliminating manual steps performed in the Azure Portal and OCI Console.
To get a quickstart with using the Terraform templates and modules, typically you will have to go through these high level tasks.
Objectives
- Quickstart Oracle Database@Azure with Terraform or OpenTofu modules
Prerequisites
- Ensure that your environment has the necessary software installed. Apart from Terraform or OpenTofu and Azure/OCI CLI, you will also need Python for operations that are not supported by Terraform providers at the moment.
Task 1: Fork and Clone the GitHub repository
Clone the terraform-oci-multicloud-azure repository and navigate to the appropriate template directory to get started. Alternatively, you can fork it first, which allows you to sync your copy with our latest updates later, or optionally contribute your updates via through a pull request.
Task 2: Initialize Terraform
Run terraform init
or tofu init
in your terminal to setup the local Terraform environment. Alternatively, you can configure Terraform with remote state by refer to documentations from Terraform, OCI or Azure for further details.
Task 3: Configure the Required Terraform Variables
Each template directory contains a terraform.tfvars.template
file makes it easy for you to populate the required input variables. You can leverage it to construct your own variable definition file (for example, terraform.tfvars
), or alternatively make use of other methods (for example, environment variables with TF_VAR_
prefix, or terraform CLI with -var
parameters ) to setup the required variables.
Task 4: Authenticate to Azure and OCI
Since the terraform templates leverage both OCI and Azure terraform providers, you must login to each environment before provisioning. For example, oci session authenticate
and az login
. You can authenticate using alternative methods as stated in the linked OCI and Azure documentation.
Task 5: Review and Apply the Terraform Plan
After configuring your variables and authentication, run terraform plan
or tofu plan
to review the changes. Once you are satisfied with the plan, proceed by running terraform apply
or tofu apply
to provision the configurations.
Terraform Templates and Modules Coverage
The following table outlines the available Terraform templates, describes what they do and which modules they rely on. You can use them individually according to your situation, and you can combine them with Azure Verified Modules (AVM) for a more complex setup. For example, we have leveraged AVM for the Azure network configuration.
Template | Configuration | Modules |
---|---|---|
az-oci-sso-federation for SSO between OCI and Azure | 1. Get service provider metadata from OCI IAM 2. Create a Microsoft Entra ID application 3. Set up SAML SSO for the Entra ID application 4. Set up Attributes and Claims in your new Entra ID application 5. Assign a Test User to the Entra ID application 6. Enable Entra ID as the Identity Provider (IdP) for OCI IAM 7. Set up Identity Lifecycle Management from Entra ID to OCI IAM |
oci-identity-domain azure-ad oci-identity-provider azure-id-lifecycle |
az-odb-rbac for RBAC of ExaDB and/or ADB-S | 1. Create Azure role definition for ADB-S Administrator role 2. Create Azure groups 3. Create Azure role assignment |
azure-identity |
az-oci-rbac-n-sso-fed for both SSO and RBAC enablement | All the above | All the above |
az-oci-exa-pdb for Oracle Exadata Database Service | 1. Configure Azure VNet with a delegated subnet for Oracle Database@Azure 2. Create Exadata Infrastructure 3. Create Exadata VM Cluster 4. Create Database Home 5. Create Container Database (CDB) 6. Create Pluggable Database (PDB) |
Azure/avm-res-network-virtualnetwork azure-exainfra-vmcluster oci-db-home-cdb-pdb |
az-oci-adbs for Autonomous Database | 1. Configure Azure VNet with a delegated subnet for Oracle Database@Azure 2. Create Oracle Autonomous Database |
Azure/avm-res-network-virtualnetwork azure-oracle-adbs |
Next Steps
This tutorial explained how you can use Terraform or OpenTofu in provisioning Oracle Database@Azure services. See the Related Links section for details about Oracle Database@Azure, automation effort, and more.
Let us know if you have any feature or enhancement request by creating a GitHub issue on our repository or engage with our OCI Multicloud Forum. We are eager to support your use case every step of the way.
Related Links
Acknowledgments
-
Author - Steven Chan (Senior Principal Product Manager, OCI Multicloud)
-
Contributors - Anwar Belayachi (Senior Principal Solution Architect, OCI Multicloud), John Wargo (Principal Product Manager), Partha Srinivasan (Principal Product Manager), Wei Han (Principal Product Manager)
More Learning Resources
Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.
For product documentation, visit Oracle Help Center.
QuickStart Oracle Database@Azure with Terraform or OpenTofu Modules
G13011-01
August 2024