# Utility subnet CIDR.
# No default is declared, so the caller must supply a value.
# No type constraint is declared either; the description implies a single
# CIDR string.
variable "utility_subnet_cidr" {
  description = "CIDR for the utility subnet. This subnet is not HA."
}
# Toggle for public IP addresses on the utility subnet. Defaults to true.
# NOTE(review): the resource that consumes this flag is not in this file;
# presumably it controls public-IP assignment for the utility subnet.
# Set it to false when nothing in that subnet has to be reachable directly
# from the internet, so hosts there are not exposed by default.
variable "enable_utility_public_ips" {
  default = true
  description = "Enables public IP addresses for the utility subnet. On by default."
}
# Display name for the VPC. Per the description it is used in tags.
# Falls back to "Primary VPC" when the caller does not set it.
variable "vpc_name" {
  default = "Primary VPC"
  description = "Name of the VPC. Shows up in tags. Defaults to 'Primary VPC'"
}
# A list of maps describing the public/private subnet configuration.
# Every private subnet needs a corresponding public subnet. This is
# especially useful if you're going to load balance something inside a
# private subnet.
# Required: no default is declared. The type is list(any), so the keys
# expected inside each map are not checked here.
# NOTE(review): the expected map keys are not visible in this file;
# confirm them against the resources that read this variable.
variable "public_private_subnet_pairs" {
  type = list(any)
  description = "A list of maps that connect public and private subnet pairs."
}
# A list of additional private subnets with no automatic public subnet
# associated with them. According to the module author they are added to
# the appropriate routing table to ensure NAT'd access to the internet.
# Optional: defaults to an empty list. The element shape is not
# constrained (list(any)).
variable "addl_private_subnets" {
  type = list(any)
  default = []
  description = "A list of private only subnets with no public subnets associated with them. Defaults to empty list."
}
# At least one CIDR needs to exist on the VPC in order to create it. All
# other values will be inferred when you create your subnets.
# Required: no default and no type constraint are declared.
variable "vpc_primary_cidr" {
  description = "To avoid any irritation with specifying CIDRs that belong on a VPC specify one that's your primary."
}
# List all the address space you need in addition to the primary CIDR.
# It must cover every subnet you create, or creation of the uncovered
# subnets will fail.
# Required: no default is declared, so pass [] explicitly when no extra
# address space is needed.
variable "vpc_addl_address_space" {
  type = list(any)
  description = "Additional high level address space to add to the VPC. You must provide this, it can be an empty list."
}
# CIDR for ingress access to bastion hosts.
# The default, 0.0.0.0/0, matches every IPv4 source address.
# NOTE(review): assuming this value feeds the SSH ingress rule of the
# bastion security group (the rule itself is not in this file), leaving the
# default in place exposes the bastion's SSH port to the whole internet.
# Callers should override it with the narrowest range they can, such as a
# VPN or office egress CIDR, and treat the default as a convenience only.
# No type constraint or validation is declared, so a malformed value is not
# rejected at this point.
variable "ssh_ingress_cidr" {
  default = "0.0.0.0/0"
  description = "A CIDR describing where the bastion hosts boxes may come in from. This is defaulted to 0.0.0.0/0; change if you have a VPN."
}
##### BASTION HOST VARIABLES #####
# The number of bastion hosts to create. Defaults to 1.
# No type constraint is declared; the default is a number literal.
variable "bastion_count" {
  default = 1
  description = "The number of bastion hosts to create. Defaults to one."
}
# The instance type for bastions.
# No default is declared in this block, so the caller must supply a value
# (an earlier comment here claimed a free-tier default; none is set).
variable "bastion_instance_type" {
  description = "The bastion host type."
}
# The name of the key for bastion hosts, given without a ".pem" suffix.
# Required: no default is declared.
# NOTE(review): presumably this names an existing key pair whose private
# half grants login to every bastion; confirm against the instance
# resource, and keep access to that private key limited to operators who
# need bastion access.
variable "bastion_key_name" {
  description = "The key name for the bastion host without.pem on the end. Make sure you have access to it."
}
# Patch schedule, written as a six-field cron(...) expression.
# The default fires at minute 0 of hour 0 on every day.
# NOTE(review): the description says "cluster" while the variable name
# refers to the bastion; the consumer is not in this file, so confirm what
# is actually patched and which timezone the expression is evaluated in.
# Lengthening the interval leaves internet-facing bastions unpatched for
# longer, so change the default deliberately.
variable "bastion_patch_schedule" {
  default = "cron(0 0 * * ? *)"
  description = "The frequency to patch the cluster. Defaults to midnight."
}
# Timezone name used for the patch windows. Defaults to "America/New_York".
# NOTE(review): presumably applied to the patch schedule expression;
# confirm in the resource that reads it.
variable "schedule_timezone" {
  default = "America/New_York"
  description = "The timezone inside of which to run the patch windows. Defaults to US eastern."
}
# Boolean toggle for DNS hostnames in the VPC. Defaults to false.
# Per the description, private hosted zones in Route 53 require this to be
# enabled, so callers relying on them must set it to true explicitly.
variable "enable_dns_hostnames" {
  description = "A boolean flag to enable/disable DNS hostnames in the VPC. Enabling this is required for using private hosted zones in Route 53."
  type = bool
  default = false
}
# Boolean toggle for DNS support in the VPC. Defaults to true.
# Per the description, private hosted zones in Route 53 require this to
# stay enabled.
variable "enable_dns_support" {
  description = "A boolean flag to enable/disable DNS support in the VPC. Enabling this is required for using private hosted zones in Route 53."
  type = bool
  default = true
}
# Optional Route 53 settings for the bastion, given as an object with two
# nested objects: zone.name and record.name, both strings.
# Defaults to null, so callers may omit it entirely.
# NOTE(review): presumably a null value means no DNS record is created for
# the bastion; confirm in the resource that consumes this variable.
variable "bastion_route53" {
  description = "Route53 configuration."
  type = object({
    # Hosted zone, identified by name.
    zone = object({
      name = string
    })
    # Record to manage inside that zone.
    record = object({
      name = string
    })
  })
  default = null
}