forked from schammah/terraform-aws-cloudfront
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
190 lines (158 loc) · 5.47 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
variable create_cf {
description = "Set to false to prevent the module from creating any resources"
type = bool
default = true
}
variable acm_certificate_arn {
description = "The ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. The ACM certificate must be in US-EAST-1."
type = string
default = null
}
variable additional_tags {
description = "A mapping of additional tags to attach"
type = map(string)
default = {}
}
variable alias {
description = "Aliases, or CNAMES, for the distribution"
type = list
default = []
}
variable cloudfront_default_certificate {
description = "This variable is not required anymore, being auto generated, left here for compability purposes"
type = bool
default = true
}
variable comment {
description = "Any comment about the CloudFront Distribution"
type = string
default = ""
}
variable default_root_object {
description = "The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL"
type = string
default = null
}
variable dynamic_custom_error_response {
description = "Custom error response to be used in dynamic block"
type = any
default = []
}
variable dynamic_custom_origin_config {
description = "Configuration for the custom origin config to be used in dynamic block"
type = any
default = []
}
variable dynamic_default_cache_behavior {
description = "Default Cache Behviors to be used in dynamic block"
type = any
}
variable dynamic_ordered_cache_behavior {
description = "Ordered Cache Behaviors to be used in dynamic block"
type = any
default = []
}
variable dynamic_origin_group {
description = "Origin Group to be used in dynamic block"
type = any
default = []
}
variable dynamic_logging_config {
description = <<EOF
This is the logging configuration for the Cloudfront Distribution. It is not required.
If you choose to use this configuration, be sure you have the correct IAM and Bucket ACL
rules. Your tfvars file should follow this syntax:
logging_config = [{
bucket = "<your-bucket>"
include_cookies = <true or false>
prefix = "<your-bucket-prefix>"
}]
EOF
type = any
default = []
}
variable dynamic_s3_origin_config {
description = "Configuration for the s3 origin config to be used in dynamic block"
type = list(map(string))
default = []
}
variable enable {
description = "Whether the distribution is enabled to accept end user requests for content"
type = bool
default = true
}
variable enable_ipv6 {
description = "Whether the IPv6 is enabled for the distribution"
type = bool
default = true
}
variable http_version {
description = "The maximum HTTP version to support on the distribution. Allowed values are http1.1 and http2"
type = string
default = "http2"
}
variable iam_certificate_id {
description = "Specifies IAM certificate id for CloudFront distribution"
type = string
default = null
}
variable minimum_protocol_version {
description = <<EOF
The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.
One of SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016,TLSv1.2_2018 or TLSv1.2_2019. Default: TLSv1.
NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id),
and have specified sni-only in ssl_support_method, TLSv1 or later must be specified.
If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified.
If you have specified cloudfront_default_certificate, TLSv1 must be specified.
EOF
type = string
default = "TLSv1"
}
variable price {
description = "The price class of the CloudFront Distribution. Valid types are PriceClass_All, PriceClass_100, PriceClass_200"
type = string
default = "PriceClass_100"
}
variable region {
description = "Target AWS region"
type = string
default = "us-east-1"
}
variable restriction_location {
description = "The ISO 3166-1-alpha-2 codes for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist)"
type = list
default = []
}
variable restriction_type {
description = "The restriction type of your CloudFront distribution geolocation restriction. Options include none, whitelist, blacklist"
type = string
default = "none"
}
variable retain_on_delete {
description = "Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards."
type = bool
default = false
}
variable ssl_support_method {
description = "This variable is not required anymore, being auto generated, left here for compability purposes"
type = string
default = "sni-only"
}
variable tag_name {
description = "The tagged name"
type = string
default = ""
}
variable wait_for_deployment {
description = "If enabled, the resource will wait for the distribution status to change from InProgress to Deployed. Setting this tofalse will skip the process."
type = bool
default = true
}
variable webacl {
description = "The WAF Web ACL"
type = string
default = ""
}
// variable origin_group_member {
// type = any
// }