This is a Terraform module that deploys OCI Network Firewall solutions on Oracle Cloud Infrastructure (OCI). It is developed jointly by Oracle and Palo Alto Networks.
The Oracle Cloud Infrastructure (OCI) Quick Start is a collection of examples that allow OCI users to get a quick start deploying advanced infrastructure on OCI. The oci-network-firewall repository contains the initial templates that can be used for accelerating deployment of OCI Network Firewall Solution and related configuration from local Terraform CLI and OCI Resource Manager.
This repo is under active development. Building open source software is a community effort. We're excited to engage with the community building this.
This project contains multiple solutions. Each solution folder is structured in at least 3 modules:
- solution-folder: launch a simple VM that subscribes to a Marketplace Image running from Terraform CLI.
- solution-folder/build-orm: Package cloudguard-ngfw template in OCI Resource Manager Stack format.
- solution-folder/terraform-modules: Contains a list of re-usable terraform modules (if any) for managing infrastructure resources like vcn, subnets, security, etc.
This project includes below solutions supported:
- OCI Network Firewall Reference Architecture : oci-network-firewall-reference-architecture this allows end user to deploy OCI Network Firewall in a distributed architecture. It uses Dynamic Routing Gateway to communicate between VCNs and from/to VCNs.
- Create Certificate Scripts : create-certificate this allows end user to create certificate using shell script. Which can be used to create decryption profiles on OCI Network Firewall Policy.
To get it started, navigate to the solution folder and check individual README.md file.
This project welcomes contributions from the community. Before submitting a pull request, please review our contribution guide
Please consult the security guide for our responsible security vulnerability disclosure process
Copyright (c) 2022 Oracle and/or its affiliates.
Released under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl/.