Merge branch 'master' of ssh://bitbucket.oci.oraclecorp.com:7999/orc/terraform-provider into release_gh

Author: TaranbirBhullar

CHANGELOG.md

@@ -1,3 +1,23 @@
+## 7.27.0 (November 20, 2025)
+
+### Added
+- Support for Marketplace Service Catalog Access Control feature
+- Support for Compute: GPU Memory Fabric API - Firmware Pinning
+- Support for Refresh Exa Dataguard Health
+- Support for AWS integration for DB@AWS - DBMCI
+- Support for Private Service Access
+- Support for GGS Zero ETL Usability Improvements
+- Support for Zero-Trust Packet Routing (ZPR) Security Attribute Onboarding for bastion service
+- Support for IPv6 and Reserved IPs in API Gateway
+- Support for IoT actions APIs and spec bug fixes
+- Support for [Terraform] Support AWS KMS integration for DB@AWS
+- Support for Data Catalog - ZPR Intercom
+- Revert SIGINT changes for ODSC
+- config for retries
+
+### Bug Fix
+- added support for real resource for Autonomous CC
+
 ## 7.26.1 (November 13, 2025)
 - Reverted Support for Passing TF CLI context to Go SDK
 

examples/api_gateway/gateway/main.tf

@@ -20,7 +20,7 @@ variable "compartment_ocid" {
 }
 
 variable "gateway_endpoint_type" {
-  default = "PRIVATE"
+  default = "PUBLIC"
 }
 
 variable "gateway_state" {
@@ -51,6 +51,10 @@ variable "deployment_state" {
   default = "ACTIVE"
 }
 
+variable "gateway_ip_mode" {
+  default = "IPV4"
+}
+
 provider "oci" {
   tenancy_ocid     = var.tenancy_ocid
   user_ocid        = var.user_ocid
@@ -70,6 +74,12 @@ resource "oci_core_subnet" "regional_subnet" {
   dhcp_options_id   = oci_core_vcn.vcn1.default_dhcp_options_id
 }
 
+resource "oci_core_public_ip" "reserved_public_ip" {
+  compartment_id = var.compartment_ocid
+  display_name   = "reservedPublicIp"
+  lifetime       = "RESERVED"
+}
+
 data "oci_identity_availability_domain" "ad" {
   compartment_id = var.tenancy_ocid
   ad_number      = 1
@@ -87,6 +97,11 @@ resource "oci_apigateway_gateway" "test_gateway" {
   compartment_id = var.compartment_ocid
   endpoint_type  = var.gateway_endpoint_type
   subnet_id      = oci_core_subnet.regional_subnet.id
+  ip_mode        = var.gateway_ip_mode
+  #Optional
+  ipv4address_configuration {
+    reserved_ip_ids = [oci_core_public_ip.reserved_public_ip.id]
+  }
 }
 
 resource "oci_apigateway_deployment" "test_deployment" {

examples/bastion/bastion.tf

@@ -24,6 +24,10 @@ variable "bastion_name" {
   default = "bastionExample"
 }
 
+variable "bastionWithSA_name" {
+  default = "bastionExampleWithSA"
+}
+
 variable "bastion_freeform_tags" {
   default = {
     "bar-key" = "bastion_test"
@@ -42,21 +46,20 @@ variable "tag_namespace_name" {
   default = "testexamples-tag-namespace"
 }
 
-
 provider "oci" {
   tenancy_ocid     = var.tenancy_ocid
   user_ocid        = var.user_ocid
   fingerprint      = var.fingerprint
   private_key_path = var.private_key_path
   region           = var.region
+  #version          = "7.22.0"
 }
 
 resource "oci_bastion_bastion" "test_bastion" {
   #Required
   bastion_type                   = "STANDARD"
   compartment_id                 = var.compartment_ocid
   target_subnet_id               = oci_core_subnet.test_subnet.id
-
   #Optional
   client_cidr_block_allow_list = var.bastion_client_cidr_block_allow_list
   defined_tags                 = {
@@ -67,6 +70,26 @@ resource "oci_bastion_bastion" "test_bastion" {
   max_session_ttl_in_seconds   = var.bastion_max_session_ttl_in_seconds
 }
 
+resource "oci_bastion_bastion" "test_bastion_with_security_attribute" {
+  #Required
+  bastion_type                   = "STANDARD"
+  compartment_id                 = var.compartment_ocid
+  target_subnet_id               = oci_core_subnet.test_subnet.id
+  #Optional
+  client_cidr_block_allow_list = var.bastion_client_cidr_block_allow_list
+  defined_tags                 = {
+    "${oci_identity_tag_namespace.bastion_tag_namespace1.name}.${oci_identity_tag.bastion_tag1.name}" = var.bastion_defined_tags_value
+  }
+  name                         = var.bastionWithSA_name
+  freeform_tags                = var.bastion_freeform_tags
+  max_session_ttl_in_seconds   = var.bastion_max_session_ttl_in_seconds
+  #Similarly you can add SA to session
+  security_attributes = {
+    "oracle-zpr.sensitivity.value" = "42"
+    "oracle-zpr.sensitivity.mode" = "enforce"
+  }
+}
+
 data "oci_bastion_bastions" "test_bastions" {
   #Required
   compartment_id = var.compartment_ocid
@@ -77,9 +100,6 @@ data "oci_bastion_bastions" "test_bastions" {
   name                    = var.bastion_name
 }
 
-data "oci_core_services" "test_bastion_services" {
-}
-
 data "oci_identity_availability_domain" "bastion_ad" {
   compartment_id = var.tenancy_ocid
   ad_number      = 1

examples/bastion/instance.tf

@@ -12,8 +12,11 @@ resource "oci_core_instance" "test_instance" {
   availability_domain = data.oci_identity_availability_domain.bastion_ad.name
   compartment_id      = var.compartment_ocid
   display_name        = "TestInstance"
-  shape               = "VM.Standard2.1"
-
+  shape = "VM.Standard.E4.Flex"
+  shape_config {
+    ocpus         = 1
+    memory_in_gbs = 16
+  }
   agent_config {
     are_all_plugins_disabled  = false
     is_management_disabled    = false

examples/bastion/network.tf

@@ -5,12 +5,21 @@ resource "oci_core_vcn" "test_bastion_vcn" {
   dns_label      = "testvcn"
 }
 
+# Returns: “All <region> Services In Oracle Services Network”
+data "oci_core_services" "osn_all" {
+  filter {
+    name   = "name"
+    values = ["^All .* Services In Oracle Services Network$"]
+    regex  = true
+  }
+}
+
 resource "oci_core_service_gateway" "test_bastion_service_gateway" {
   compartment_id = var.compartment_ocid
   display_name   = "sgw"
 
   services {
-    service_id = data.oci_core_services.test_bastion_services.services[0]["id"]
+    service_id = data.oci_core_services.osn_all.services[0].id
   }
 
   vcn_id = oci_core_vcn.test_bastion_vcn.id
@@ -21,7 +30,7 @@ resource "oci_core_default_route_table" "bastion_default_route_table" {
   display_name               = "DefaultRouteTable"
 
   route_rules {
-    destination       = lookup(data.oci_core_services.test_bastion_services.services[0], "cidr_block")
+    destination       = data.oci_core_services.osn_all.services[0].cidr_block
     destination_type  = "SERVICE_CIDR_BLOCK"
     network_entity_id = oci_core_service_gateway.test_bastion_service_gateway.id
   }

examples/bastion/session.tf

@@ -36,7 +36,7 @@ variable "session_target_resource_details_target_resource_port" {
 resource "time_sleep" "wait_3_minutes_for_bastion_plugin" {
   depends_on = [oci_core_instance.test_instance]
 
-  create_duration = "5m"
+  create_duration = "10m"
 }
 
 resource "oci_bastion_session" "test_session_managed_ssh" {

examples/compute/gpu_memory_fabric/gpu_memory_fabric.tf

@@ -9,6 +9,7 @@ variable "region" {}
 variable "config_file_profile" {}
 variable "compartment_ocid" {}
 variable "tenancy_ocid" {}
+variable "firmware_bundle_id" {}
 
 variable "compute_gpu_memory_fabric_compute_gpu_memory_fabric_health" {
   default = "HEALTHY"
@@ -23,7 +24,7 @@ variable "compute_gpu_memory_fabric_freeform_tags" {
 }
 
 data "oci_identity_availability_domain" "ad" {
-  compartment_id = var.tenancy_ocid
+  compartment_id = var.compartment_ocid
   ad_number      = 1
 }
 
@@ -34,8 +35,8 @@ output "ad" {
 data "oci_core_compute_gpu_memory_fabrics" "gpu_memory_fabrics" {
   compartment_id = var.tenancy_ocid
   availability_domain = data.oci_identity_availability_domain.ad.name
-  compute_gpu_memory_fabric_health = "HEALTHY"
-  compute_gpu_memory_fabric_lifecycle_state = "AVAILABLE"
+  compute_gpu_memory_fabric_health = var.compute_gpu_memory_fabric_compute_gpu_memory_fabric_health
+  compute_gpu_memory_fabric_lifecycle_state = var.compute_gpu_memory_fabric_compute_gpu_memory_fabric_lifecycle_state
 }
 
 output "list_gpu_memory_fabrics" {
@@ -53,6 +54,10 @@ output "get_gpu_memory_fabric" {
 resource "oci_core_compute_gpu_memory_fabric" "gpu_memory_fabric" {
   compute_gpu_memory_fabric_id = data.oci_core_compute_gpu_memory_fabrics.gpu_memory_fabrics.compute_gpu_memory_fabric_collection[0].items[0].id
   freeform_tags = var.compute_gpu_memory_fabric_freeform_tags
+  memory_fabric_preferences  {
+    customer_desired_firmware_bundle_id = var.firmware_bundle_id
+    fabric_recycle_level = "FULL_RECYCLE"
+  }
 }
 
 output "gpu_memory_fabric" {

examples/database/db_systems/db_exacs/aws/provider.tf

@@ -0,0 +1,10 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+​
+provider "oci" {
+  tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region
+}

examples/database/db_systems/db_exacs/aws/resources.tf

@@ -0,0 +1,63 @@
+resource "oci_database_cloud_vm_cluster" "aws_cluster" {
+    # import this resource because we need identity connector set up which is a multi cloud dependency
+
+}
+
+resource "oci_database_db_home" "test_db_home_vm_cluster_no_db" {
+  vm_cluster_id = oci_database_cloud_vm_cluster.aws_cluster.id
+
+  # VM_CLUSTER_BACKUP can also be specified as a source for cloud VM clusters.
+  source       = "VM_CLUSTER_NEW"
+  db_version   = "23.0.0.0.0"
+  display_name = "createdDbHomeNoDb"
+}
+
+resource "oci_database_database" "test_database_create" {
+  #Required
+  database {
+    admin_password = "BEstrO0ng_#11"
+    db_name        = "TFdb1"
+    character_set  = "AL32UTF8"
+    ncharacter_set = "AL16UTF16"
+    db_workload    = "OLTP"
+
+    db_backup_config {
+      auto_backup_enabled = false
+    }
+
+    encryption_key_location_details {
+        #Required
+        azure_encryption_key_id  =  var.aws_encryption_key
+        provider_type = "AWS"
+    }
+  }
+
+  db_home_id = oci_database_db_home.test_db_home_vm_cluster_no_db.id
+  source     = "NONE"
+}
+
+
+resource "oci_database_database" "test_database_migrate" {
+  #Required
+  database {
+    admin_password = "BEstrO0ng_#11"
+    db_name        = "TFdb2"
+    character_set  = "AL32UTF8"
+    ncharacter_set = "AL16UTF16"
+    db_workload    = "OLTP"
+
+    db_backup_config {
+      auto_backup_enabled = false
+    }
+/*
+    encryption_key_location_details {
+        #Required
+        aws_encryption_key_id  = var.aws_encryption_key
+        provider_type = "AWS"
+    }
+*/
+  }
+
+  db_home_id = oci_database_db_home.test_db_home_vm_cluster_no_db.id
+  source     = "NONE"
+}