Allow VPC attachment to a DRG located in another compartment #14
Description
Community note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
In the context of VPC attachments to a DRG which is in another compartment (because potentially managed by other Network dept.), we would like to be able to use this module close to where we create the VPCs which will be attached to it. Therefore, beside the policies statements* required to do the attachments, we would need to adapt the current code with the terraform proposition below.
Note:
policy statements required to attach VPCs in another compartment than the DRG.
Allow group '<group-name>' to use drg in compartment '<drg-cmp-ocid>',
Allow group '<group-name>' to manage drg-route-tables in compartment '<drg-cmp-ocid>',
Allow group '<group-name>' to manage drg-attachment in compartment '<drg-cmp-ocid>'
New or existing resource(s)
- add a new variable
drg_compartment_idwhich is null by default - modify the datasource
data.oci_core_drgs.drg_datato use it in case the DRG is in another compartment.
Example Terraform configuration
data "oci_core_drgs" "drg_data" {
compartment_id = coalesce(var.drg_compartment_id, var.compartment_id)
filter {
name = "id"
values = [var.drg_id == null ? "none" : var.drg_id]
}
}