vars.tf
# COMMON
# Name of the AWS profile to use. Only a profile name is passed here, so no
# access keys need to appear in this configuration or in tfvars files.
# NOTE(review): presumably consumed by the AWS provider block, which is not
# visible in this file; confirm.
variable "profile" {
  description = "AWS Profile to use"
  type        = string
}
# Target AWS region. No default is set, so every caller must choose one
# explicitly.
# NOTE(review): the endpoint list descriptions in this file say '/region/'
# is interpolated at runtime, presumably with this value; confirm where the
# substitution happens.
variable "region" {
  description = "AWS region to deploy into"
  type        = string
}
# VPC
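# Address range of the VPC in CIDR notation.
# The validation block (Terraform 0.13+) rejects a malformed range at plan
# time, so a typo is caught before any network resource is created.
variable "cidr_block" {
  type        = string
  description = "CIDR Block for the VPC (e.g.: 10.223.3.0/24)"

  validation {
    # cidrhost() errors on anything that is not a well-formed prefix;
    # can() turns that error into false.
    condition     = can(cidrhost(var.cidr_block, 0))
    error_message = "The cidr_block value must be a valid CIDR range, e.g. 10.223.3.0/24."
  }
}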
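# Hardware tenancy of instances launched into the VPC.
# The description lists two accepted values; the validation block
# (Terraform 0.13+) enforces them so a misspelling fails at plan time
# instead of at the AWS API.
variable "tenancy" {
  type        = string
  description = "Hardware Tenancy (default, dedicated)"

  validation {
    condition     = contains(["default", "dedicated"], var.tenancy)
    error_message = "The tenancy value must be either \"default\" or \"dedicated\"."
  }
}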
# Single switch intended to enable both dns_support and dns_hostnames.
# NOTE(review): the VPC resource that reads this flag is not visible here;
# confirm that both attributes are driven by it.
variable "dns_sup_hn" {
  description = "Private DNS and Private Hostname support"
  type        = bool
}
# Availability zones to use, given as zone names. No default is set, so the
# caller must list them explicitly.
# NOTE(review): the zones presumably have to belong to var.region; nothing
# in this file checks that.
variable "availability_zones" {
  description = "List of availability zones (e.g.: [ eu-central-1a, eu-central-1b ])"
  type        = list(string)
}
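# Tags applied to the VPC.
# The element type is spelled out as map(string): the bare `map` keyword is
# a legacy shorthand that accepts any element type, while tag values are
# strings.
variable "vpc_tags" {
  type        = map(string)
  description = "Tags to propagate to the vpc"

  default = {
    "Name"          = "MyVPC"
    "ProvisionedBy" = "Terraform"
  }
}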
# ENDPOINTS
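# Interface VPC endpoints to create, given as service names with the
# literal placeholder '/region/' where the region belongs. The description
# typo ("enpoints") is corrected.
# The default covers CloudWatch Logs, the ECR Docker registry, Systems
# Manager and the Session Manager message channel, so workloads can reach
# those APIs over private addressing.
# NOTE(review): pulling images from ECR through private endpoints normally
# also needs the ecr.api interface endpoint, and older SSM agents use
# ec2messages; neither is in this default. Confirm against the workloads
# that will run in this VPC.
variable "ep_if_list" {
  type        = list(string)
  description = "List of Interface endpoints to enable, Leave empty for no endpoints. Insert region as '/region/' as it will be interpolated at runtime"

  default = [
    "com.amazonaws./region/.logs",
    "com.amazonaws./region/.ecr.dkr",
    "com.amazonaws./region/.ssm",
    "com.amazonaws./region/.ssmmessages",
  ]
}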
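# Chooses which subnets the endpoints are associated with. The description
# typo ("enpoints") is corrected; the accepted values are unchanged.
# NOTE(review): per the description this is fail-open. Only the exact
# string 'private' selects the private subnets, so a misspelling or a
# different case ("Private", "privat") silently selects the public ones.
# Consider a validation block restricting the value to "private" or
# "public" once existing callers have been checked.
variable "sn_pub_priv" {
  type        = string
  description = "Associate the endpoints with public or private subnets? Explicit 'private' for private, else public"
  default     = "private"
}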
# Toggles private DNS for the endpoints. No default is set, so the caller
# decides explicitly.
# NOTE(review): private DNS on interface endpoints generally relies on the
# VPC's DNS support and DNS hostnames being enabled; whether this module
# ties that to var.dns_sup_hn is not visible here.
variable "ep_priv_dns" {
  description = "Enable private DNS for the endpoints?"
  type        = bool
}
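# Gateway VPC endpoints to create, given as service names with the literal
# placeholder '/region/' where the region belongs. The description typo
# ("enpoints") is corrected.
# The default enables the S3 gateway endpoint.
# NOTE(review): whether an endpoint policy limits which buckets are
# reachable through it is not visible in this file; confirm in the
# endpoint resource.
variable "ep_gw_list" {
  type        = list(string)
  description = "List of Gateway endpoints to enable, Leave empty for no endpoints. Insert region as '/region/' as it will be interpolated at runtime"

  default = [
    "com.amazonaws./region/.s3",
  ]
}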
# INTERNET GATEWAY && ROUTE TABLES
# Whether an internet gateway is created for the VPC. There is no default,
# so exposing the VPC to the internet is always an explicit choice by the
# caller.
variable "enable_igw" {
  description = "Create an internet gateway?"
  type        = bool
}
# SECURITY GROUPS
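# Port opened to traffic arriving from outside the VPC.
# The validation block (Terraform 0.13+) accepts only whole numbers in the
# valid TCP/UDP port range, so an out-of-range or fractional value fails at
# plan time.
# NOTE(review): the security group rule that uses this port, including its
# source CIDR, is not visible in this file.
variable "ingress_port" {
  type        = number
  description = "Ingress port from outside AWS VPC (e.g.: 443 or 8080)"

  validation {
    condition     = var.ingress_port >= 1 && var.ingress_port <= 65535 && floor(var.ingress_port) == var.ingress_port
    error_message = "The ingress_port value must be a whole number between 1 and 65535."
  }
}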
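# Port the application tier listens on. Per the description, ingress on it
# is allowed from sg_www, which is defined outside this file.
# The validation block (Terraform 0.13+) accepts only whole numbers in the
# valid TCP/UDP port range.
variable "app_port" {
  type        = number
  description = "Application ingress port. Ingress is allowed from sg_www"

  validation {
    condition     = var.app_port >= 1 && var.app_port <= 65535 && floor(var.app_port) == var.app_port
    error_message = "The app_port value must be a whole number between 1 and 65535."
  }
}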
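# Port the database tier listens on. Per the description, ingress on it is
# allowed from sg_app, which is defined outside this file.
# The validation block (Terraform 0.13+) accepts only whole numbers in the
# valid TCP/UDP port range.
variable "db_port" {
  type        = number
  description = "Database ingress port. Ingress is allowed from sg_app"

  validation {
    condition     = var.db_port >= 1 && var.db_port <= 65535 && floor(var.db_port) == var.db_port
    error_message = "The db_port value must be a whole number between 1 and 65535."
  }
}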