## Copyright 2023 Google LLC
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.
## You may obtain a copy of the License at
##
## https://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
# Project that receives every resource created from these variables.
# Required: there is no default, so the caller must set it explicitly.
variable "project_id" {
  description = "Project ID to deploy resources"
  type        = string
}
# Name of the VPC network the IDS is attached to.
# Required: there is no default.
variable "vpc_network_name" {
  description = "VPC network name for IDS"
  type        = string
}
# Region used for the IDS networking resources.
# Required: there is no default.
variable "network_region" {
  description = "Network region for IDS"
  type        = string
}
# Zone used for the IDS.
# Required: there is no default.
# NOTE(review): presumably this zone must sit inside network_region; nothing
# in this file enforces that, so confirm where the two values are consumed.
variable "network_zone" {
  description = "Network zone for IDS"
  type        = string
}
# Instances whose traffic is monitored by Cloud IDS. Optional; defaults to null.
# NOTE(review): instance_list, subnet_list and tag_list all default to null.
# Confirm that the consuming configuration rejects or handles the case where
# none is set, otherwise nothing is mirrored and the IDS inspects no traffic.
variable "instance_list" {
  description = "Instance list to monitor with Cloud IDS"
  type        = list(string)
  default     = null
}
# Subnets whose traffic is monitored by Cloud IDS. Optional; defaults to null.
# How a null value is treated is decided where the variable is consumed,
# which is not visible in this file.
variable "subnet_list" {
  description = "Subnet list to monitor with Cloud IDS"
  type        = list(string)
  default     = null
}
# Tags selecting what is monitored by Cloud IDS. Optional; defaults to null.
# How a null value is treated is decided where the variable is consumed,
# which is not visible in this file.
variable "tag_list" {
  description = "Tag list to monitor with Cloud IDS"
  type        = list(string)
  default     = null
}
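# Threat IDs that are excluded from alerting. Optional; defaults to null.
# Every entry silences detections for that threat ID, so keep the list short
# and review it whenever it changes.
variable "threat_exceptions" {
  description = "List of threat IDs to exclude from generating alerts. Limit: 99 IDs."
  type        = list(string)
  default     = null

  # Enforce the documented limit at plan time instead of at apply time.
  # The null case is checked first so the default stays valid.
  validation {
    condition     = var.threat_exceptions == null ? true : length(var.threat_exceptions) <= 99
    error_message = "The threat_exceptions list must contain at most 99 threat IDs."
  }
}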
# Name given to the private IP address range reserved for Cloud IDS.
variable "ids_private_ip_range_name" {
  description = "Cloud IDS private IP address range name"
  type        = string
  default     = "ids-private-address"
}
# Address of the private IP range reserved for Cloud IDS. Optional; defaults to null.
# NOTE(review): presumably a null value lets the platform choose the range;
# confirm against the resource that consumes this variable.
variable "ids_private_ip_address" {
  description = "Cloud IDS private IP address"
  type        = string
  default     = null
}
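# Prefix length of the private IP range reserved for Cloud IDS.
# The declared type is string, so the default is written as a string literal
# rather than relying on Terraform converting the number 24.
variable "ids_private_ip_prefix_length" {
  description = "Cloud IDS private IP address prefix length"
  type        = string
  default     = "24"

  # Reject non-numeric input at plan time. A null value is still accepted so
  # that callers who pass null explicitly are not broken by this check.
  validation {
    condition     = var.ids_private_ip_prefix_length == null ? true : can(regex("^[0-9]+$", var.ids_private_ip_prefix_length))
    error_message = "The ids_private_ip_prefix_length value must be a whole number, for example 24."
  }
}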
# Free-text description attached to the reserved private IP range.
variable "ids_private_ip_description" {
  description = "Cloud IDS private IP address description"
  type        = string
  default     = "Cloud IDS reserved IP Range"
}
# Name of the Cloud IDS instance.
variable "ids_name" {
  description = "Cloud IDS instance name"
  type        = string
  default     = "cloud-ids"
}
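# Minimum severity an alert must have to be reported by the endpoint.
# The default, INFORMATIONAL, is the lowest threshold, so everything is
# reported. Raising it reduces alert volume but hides lower-severity
# detections, so treat a change here as a detection-coverage decision.
variable "severity" {
  description = "The minimum alert severity level that is reported by the endpoint"
  type        = string
  default     = "INFORMATIONAL"

  # Catch typos and wrong casing at plan time instead of at apply time.
  validation {
    condition     = contains(["INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"], var.severity)
    error_message = "The severity value must be one of INFORMATIONAL, LOW, MEDIUM, HIGH, or CRITICAL."
  }
}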
# Name of the packet mirroring policy that feeds traffic to Cloud IDS.
variable "packet_mirroring_policy_name" {
  description = "Packet mirroring policy name"
  type        = string
  default     = "cloud-ids-packet-mirroring"
}
# Free-text description attached to the packet mirroring policy.
variable "packet_mirroring_policy_description" {
  description = "Packet mirroring policy description"
  type        = string
  default     = "Packet mirroring policy for Cloud IDS"
}
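# Protocols the packet mirroring policy is restricted to. Defaults to an
# empty list.
# NOTE(review): an empty list presumably means no protocol restriction;
# confirm where the variable is consumed. Any protocol left out of a
# non-empty list is not mirrored and therefore not inspected by the IDS.
variable "ip_protocols_filter" {
  description = "IP Protocols filter for packet mirroring policy. Can include 'tcp', 'udp', 'icmp', and 'esp'"
  type        = list(string)
  default     = []
}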
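# CIDR ranges the packet mirroring policy is restricted to. Defaults to an
# empty list. Traffic outside a non-empty filter is not mirrored, so a
# mistyped range narrows what the IDS can see without any visible error.
variable "cidr_ranges_filter" {
  description = "IP CIDR ranges that apply as a filter on the source (ingress) or destination (egress) IP in the IP header. Only IPv4 is supported."
  type        = list(string)
  default     = []

  # cidrnetmask() fails on anything that is not an IPv4 CIDR, which matches
  # the documented IPv4-only restriction. The null case is checked first so
  # callers that pass null explicitly are not broken by this check.
  validation {
    condition = var.cidr_ranges_filter == null ? true : length([
      for cidr in var.cidr_ranges_filter : cidr if !can(cidrnetmask(cidr))
    ]) == 0
    error_message = "Each cidr_ranges_filter entry must be a valid IPv4 CIDR range, for example 10.0.0.0/8."
  }
}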
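# Direction of traffic that is mirrored to Cloud IDS. The default, BOTH,
# mirrors ingress and egress. Choosing a single direction leaves the other
# one uninspected.
variable "direction_filter" {
  description = "Direction of traffic to mirror. Possible values are INGRESS, EGRESS, and BOTH."
  type        = string
  default     = "BOTH"

  # Catch typos and wrong casing at plan time instead of at apply time.
  validation {
    condition     = contains(["INGRESS", "EGRESS", "BOTH"], var.direction_filter)
    error_message = "The direction_filter value must be one of INGRESS, EGRESS, or BOTH."
  }
}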
# Toggle for creating the service networking connection and its IP range.
# Defaults to true.
# NOTE(review): when set to false the connection and range presumably have
# to exist already; confirm against the resources that read this flag.
variable "create_service_networking_connection" {
  description = "Whether to create service networking connection and IP range."
  type        = bool
  default     = true
}