5.x: Allow Bastion reserved Public IP assignment

[thpham]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Current 5.x branch allow the creation of bastion with ephemeral public IP, or with the IP of a pre-existing bastion which has a public ip.

Some companies are blocking external traffic to un-conventional ports and therefore are only allowing ssh(22) on whitelisted public IPs. To avoid continuously updating the whitelist through internal support tickets, we would like to be able to attach a reserved IP.

The current internal bastion module cannot be easily changed, because of related terraform provisioner issue #1802.

To be able to provision this OKE module in one run the only solution is to run concurrently a separate plan that core_public_ip does the attachment to the bastion private vnic.

New or Affected Resource(s)

module:

• bastion

or potential a fix in the terraform-provider-oci.