OCI Multicloud Landing Zone for Azure for Autonomous Database Services
Oracle Cloud Infrastructure (OCI) partnered with Microsoft Azure to develop and distribute HashiCorp Terraform/OpenTofu modules that streamline the provisioning process.
Introduction
Using both OCI Multicloud Landing Zone for Azure (OCI LZ) and Microsoft Verified Modules (MVM), multiple templates empower Oracle Database@Azure. These Terraform/OpenTofu modules leverage four (4) terraform providers, AzureRM, AzureAD, AzAPI, and OCI, covering IAM, networking, and database layer resources. Leverage these reference implementations for a quick start deployment, or customize them for a more complex topology fit to your needs.
                  
The diagram below illustrates where Terraform or OpenTofu can be introduced to streamline the identity, access, networking, and provisioning processes within Oracle Database@Azure.
Description of the illustration odaaz-terraform-architecture.png
There are limited properties of Oracle Database@Azure updatable from Azure at the moment, either via Azure Portal or
AzAPI/AzureRM Terraform provider. If you allow changes via Oracle Cloud Infrastructure instead (e.g. Console or Oracle Cloud Infrastructure Terraform provider), we recommend you:
                     - Leverage the ignore_changes of the lifecycle block in the AzureRM/AzAPIresource block so that Terraform would not trigger a force replacement plan when you update the Autonomous Database outsideAzureRM/AzAPIworkflow. For more details, please refer to our module as a reference implementation.
- Avoid using the "-auto-approve" option for "Terraform apply", which is aligning with HashiCorp Terraform's recommendation.
Updatable properties for Oracle Autonomous Database@Azure:
- ECPU Count
- Compute auto scaling
- Storage auto scaling
- Backup retention period, only via AzAPI.
- Long-term backup schedule, only via AzAPI.
Prerequisites
- Complete, at a minimum, steps 1-2 of the Onboarding with Oracle Database@Azure.
- Have a Terraform/OpenTofu, OCI CLI, Azure CLI, and python (minimum 3.4) environment. For more information, see the Oracle Multicloud Landing Zone for Azure README.
Dependencies
The Oracle Multicloud Landing Zone for Azure modules and templates use multiple Terraform providers.
| Terraform/OpenTofu Providers | Terraform/OpenTofu Modules | 
|---|---|
Templates
Refer to Oracle Multicloud Landing Zone for Azure for module details.
| Template | Use Case and Configurations | Terraform/OpenTofu Providers | 
|---|---|---|
| azurerm-oci-adbs-quickstart | Quick start Autonomous Database ( | |
| az-oci-adbs | Quick start Autonomous Database ( 
 | |
| az-oci-rbac-n-sso-fed | Setup both identity federation and RBAC roles/groups | All the below | 
| az-oci-sso-federation | Setup SSO Between OCI and Microsoft Entra ID 
 | |
| az-odb-rbac | Create roles and groups in Azure for Exadata and Autonomous Database services. 
 | 
Additional Terraform/OpenTofu Resources