-
Notifications
You must be signed in to change notification settings - Fork 2
/
variables.tf
55 lines (48 loc) · 2.29 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# ----------------------------------------------------------------------------------------------------------------------
# REQUIRED PARAMETERS
# ----------------------------------------------------------------------------------------------------------------------
variable "name_suffix" {
description = "An arbitrary suffix that will be added to the end of the resource name(s). For example: an environment name, a business-case name, a numeric id, etc."
type = string
validation {
condition = length(var.name_suffix) <= 14
error_message = "A max of 14 character(s) are allowed."
}
}
# ----------------------------------------------------------------------------------------------------------------------
# OPTIONAL PARAMETERS
# ----------------------------------------------------------------------------------------------------------------------
variable "key_ring_name" {
description = "A name for the KMS Key Ring."
type = string
default = "set-1"
}
variable "kms_location" {
description = "The location for the KMS Key Ring. A full list of valid locations can be found by running 'gcloud kms locations list' from the terminal. Defaults to the google provider's region if nothing is specified here."
type = string
default = ""
}
variable "symmetric_keys" {
description = "A list of objects defining properties of symmetric encryption-decryption keys. Specify \"rotation_period\" in number of seconds including the trailing 's'. For example \"7776000s\" = \"90 days\"."
type = list(object({
key_name = string
rotation_period = string
}))
default = []
}
variable "asymmetric_keys" {
description = "A list of objects defining properties of asymmetric encryption-decryption keys. Recommended \"algorithm\" = \"RSA_DECRYPT_OAEP_3072_SHA256\" - see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations."
type = list(object({
key_name = string
algorithm = string
}))
default = []
}
variable "signature_keys" {
description = "A list of objects defining properties of asymmetric signature keys. Recommended \"algorithm\" = \"EC_SIGN_P256_SHA256\" - see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations."
type = list(object({
key_name = string
algorithm = string
}))
default = []
}