oci_core_drg_attachment
This resource provides the Drg Attachment resource in Oracle Cloud Infrastructure Core service.
Attaches the specified DRG to the specified network resource. A VCN can be attached to only one DRG
at a time, but a DRG can be attached to more than one VCN. The response includes a DrgAttachment
object with its own OCID. For more information about DRGs, see
Dynamic Routing Gateways (DRGs).
You may optionally specify a display name for the attachment, otherwise a default is provided. It does not have to be unique, and you can change it. Avoid entering confidential information.
For the purposes of access control, the DRG attachment is automatically placed into the currently selected compartment. For more information about compartments and access control, see Overview of the IAM Service.
Example Usage
resource "oci_core_drg_attachment" "test_drg_attachment" {
#Required
drg_id = oci_core_drg.test_drg.id
#Optional
defined_tags = {"Operations.CostCenter"= "42"}
display_name = var.drg_attachment_display_name
drg_route_table_id = oci_core_drg_route_table.test_drg_route_table.id
freeform_tags = {"Department"= "Finance"}
network_details {
#Required
id = oci_core_vcn.test_vcn.id
type = var.drg_attachment_network_details_type
#Optional
id = var.drg_attachment_network_details_id
route_table_id = oci_core_route_table.test_route_table.id
vcn_route_type = var.drg_attachment_network_details_vcn_route_type
}
}
Argument Reference
The following arguments are supported:
defined_tags- (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:{"Operations.CostCenter": "42"}display_name- (Optional) (Updatable) A user-friendly name. Does not have to be unique, and it’s changeable. Avoid entering confidential information.drg_id- (Required) The OCID of the DRG.drg_route_table_id- (Optional) (Updatable) The OCID of the DRG route table that is assigned to this attachment.The DRG route table manages traffic inside the DRG.
export_drg_route_distribution_id- (Optional) (Updatable) The OCID of the export route distribution used to specify how routes in the assigned DRG route table are advertised to the attachment. If this value is null, no routes are advertised through this attachment. This field cannot be set by the user while creating the resource and gets a default value on creation. This can be only be updated to its default value. If this fields needs to be set to null, remove_export_drg_route_distribution_trigger needs to be used.freeform_tags- (Optional) (Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:{"Department": "Finance"}network_details- (Optional) (Updatable)id- (Optional) The OCID of the network attached to the DRG.route_table_id- (Optional) (Updatable) This is the OCID of the route table that is used to route the traffic as it enters a VCN through this attachment.For information about why you would associate a route table with a DRG attachment, see Advanced Scenario: Transit Routing. For information about why you would associate a route table with a DRG attachment, see:
type- (Required) (Updatable) The type can be one of these values:IPSEC_TUNNEL,LOOPBACK,REMOTE_PEERING_CONNECTION,VCN,VIRTUAL_CIRCUITvcn_route_type- (Optional) (Updatable) Indicates whether the VCN CIDRs or the individual subnet CIDRs are imported from the attachment. Routes from the VCN ingress route table are always imported.
route_table_id- (Optional) (Updatable) The OCID of the route table used by the DRG attachment.If you don’t specify a route table here, the DRG attachment is created without an associated route table. The Networking service does NOT automatically associate the attached VCN’s default route table with the DRG attachment. For information about why you would associate a route table with a DRG attachment, see:
- Transit Routing: Access to Multiple VCNs in Same Region
- Transit Routing: Private Access to Oracle Services This field is deprecated. Instead, use the networkDetails field to specify the VCN route table for this attachment.
vcn_id- (Deprecated) (Optional) The OCID of the VCN. This field is deprecated. Instead, use thenetworkDetailsfield to specify the OCID of the attached resource.remove_export_drg_route_distribution_trigger- (Optional) (Updatable) An optional property when set to true during update disables the export of route Distribution by setting export_drg_route_distribution_id to null.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Attributes Reference
The following attributes are exported:
compartment_id- The OCID of the compartment containing the DRG attachment.defined_tags- Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example:{"Operations.CostCenter": "42"}display_name- A user-friendly name. Does not have to be unique, and it’s changeable. Avoid entering confidential information.drg_id- The OCID of the DRG.drg_route_table_id- The OCID of the DRG route table that is assigned to this attachment.The DRG route table manages traffic inside the DRG.
export_drg_route_distribution_id- The OCID of the export route distribution used to specify how routes in the assigned DRG route table are advertised to the attachment. If this value is null, no routes are advertised through this attachment.freeform_tags- Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example:{"Department": "Finance"}id- The DRG attachment’s Oracle ID (OCID).is_cross_tenancy- Indicates whether the DRG attachment and attached network live in a different tenancy than the DRG. Example:falsenetwork_details-id- The OCID of the network attached to the DRG.ids- The OCID of the target IPSec tunnel attachment.ipsec_connection_id- The IPSec connection that contains the attached IPSec tunnel.route_table_id- The OCID of the route table the DRG attachment is using.For information about why you would associate a route table with a DRG attachment, see:
transport_attachment_id- The OCID of the virtual circuit’s DRG attachment.transport_only_mode- Boolean flag that determines wether all traffic over the virtual circuits is encrypted. Example:truetype- The type can be one of these values:IPSEC_TUNNEL,LOOPBACK,REMOTE_PEERING_CONNECTION,VCN,VIRTUAL_CIRCUITvcn_route_type- Indicates whether the VCN CIDRs or the individual subnet CIDRs are imported from the attachment. Routes from the VCN ingress route table are always imported.
route_table_id- The OCID of the route table the DRG attachment is using.For information about why you would associate a route table with a DRG attachment, see:
- Transit Routing: Access to Multiple VCNs in Same Region
- Transit Routing: Private Access to Oracle Services
This field is deprecated. Instead, use the
networkDetailsfield to view the OCID of the attached resource.state- The DRG attachment’s current state.time_created- The date and time the DRG attachment was created, in the format defined by RFC3339. Example:2016-08-25T21:10:29.600Zvcn_id- The OCID of the VCN. This field is deprecated. Instead, use thenetworkDetailsfield to view the OCID of the attached resource.
Timeouts
The timeouts block allows you to specify timeouts for certain operations:
* create - (Defaults to 20 minutes), when creating the Drg Attachment
* update - (Defaults to 20 minutes), when updating the Drg Attachment
* delete - (Defaults to 20 minutes), when destroying the Drg Attachment
Import
DrgAttachments can be imported using the id, e.g.
$ terraform import oci_core_drg_attachment.test_drg_attachment "id"