Create the Compartment Infrastructure Resources

Compartment resources are virtual containers that delineate resources for each function: networks, administration, shared services, business logic, databases and deployments.

About Compartment Resources

Compartment resources are created to separate resources according to logical boundaries.

In your Terraform script, you create compartments across each availability domain in the region. Compartments let you create policies and apply them to the resources in particular compartments.

• Networks compartment: The networks compartment lets you manage network traffic into and out of the tenancy. Within the network compartment, you create virtual cloud networks (VCNs), and public and private subnets.
• Admin compartment: The admin compartment lets you create demilitarized zone (DMZ) subnets for additional network security, including definitions for Bastion hosts.
• Shared services compartment: The shared services compartment includes resources that are common across instances in the business logic and database compartment, such as storage services.
• Business logic compartment: The business logic compartment lets you define resources that provide a specific business function, such as WebLogic application services, PeopleSoft applications or E-Business Suite.
• Database compartment: The database compartment lets you separate data resources from the rest of tenancy for increased security. This approach lets you define restrictive polices to manage database resources.

Description of the illustration compartments_arch.png

Define the Compartments Infrastructure Resources

Create the compartments module configuration files that define the compartment resources.

1. Change directories to the compartments folder.
2. Create a text file named compartments.tf and copy the following code into the file.

   resource "oci_identity_compartment" "networks" {
     description = "The networks compartment"
     name        = "${var.app_tag}_${var.environment}_networks"
   }
   
   resource "oci_identity_compartment" "admin" {
     description = "The admin compartment"
     name        = "${var.app_tag}_${var.environment}_admin"
   }
   
   resource "oci_identity_compartment" "shared_services" {
     description = "The shared_services compartment"
     name        = "${var.app_tag}_${var.environment}_shared_services"
   }
   
   resource "oci_identity_compartment" "business_logic" {
     description = "The business_logic compartment"
     name        = "${var.app_tag}_${var.environment}_business_logic"
   }
   
   resource "oci_identity_compartment" "database" {
     description = "The database compartment"
     name        = "${var.app_tag}_${var.environment}_database"
   }
   

Build the Compartment Infrastructure Terraform Configuration

Create the Terraform configuration files to define variables that are passed from the root file to the compartments module and to report data back to the Terraform user.

1. In the compartments folder, create a text file named variables.tf and copy the following code into the file.

   variable "tenancy_ocid" {}
   
   variable "app_tag" {}
   
   variable "environment" {}

2. Create a text file named compartments_output.tf and copy the following code into the file.

   output "networks_id" {
     value = "${oci_identity_compartment.networks.id}"
   }
   
   output "admin_id" {
     value = "${oci_identity_compartment.admin.id}"
   }
   
   output "shared_services_id" {
     value = "${oci_identity_compartment.shared_services.id}"
   }
   
   output "business_logic_id" {
     value = "${oci_identity_compartment.business_logic.id}"
   }
   
   output "database_id" {
     value = "${oci_identity_compartment.database.id}"
   }