-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
158 lines (140 loc) · 5.02 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
variable "access_logs" {
description = "Map containing access logging configuration for load balancer."
type = object({
bucket = string
prefix = string
enabled = bool
})
default = null
}
variable "access_logs_bucket_id" {
type = string
default = ""
description = "The S3 bucket name to store the logs in"
}
variable "access_logs_enabled" {
type = bool
default = true
description = "A boolean flag to enable/disable access_logs"
}
variable "access_logs_prefix" {
type = string
default = ""
description = "The S3 log bucket prefix"
}
variable "aws_account_id_monitoring" {
type = string
description = "AWS account id for monitoring account where the s3 bucket will be"
default = null
}
variable "glue_database_name" {
type = string
description = "Set which database name for glue tables should be used, uses {module.this.organizational_unit}_alb_logs by default"
default = null
}
variable "enable_xff_client_port" {
description = "Indicates whether the X-Forwarded-For header should preserve the source port that the client used to connect to the load balancer in application load balancers."
type = bool
default = false
}
variable "extra_ssl_certs" {
description = "A list of maps describing any extra SSL certificates to apply to the HTTPS listeners. Required key/values: certificate_arn, https_listener_index (the index of the listener within https_listeners which the cert applies toward)."
type = list(map(string))
default = []
}
variable "http_tcp_listener_rules" {
description = "A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, http_tcp_listener_index (default to http_tcp_listeners[count.index])"
type = any
default = []
}
variable "http_tcp_listeners" {
description = "A list of maps describing the HTTP listeners or TCP ports for this ALB. Required key/values: port, protocol. Optional key/values: target_group_index (defaults to http_tcp_listeners[count.index])"
type = any
default = [
{
port = 80
protocol = "HTTP"
action_type = "fixed-response"
fixed_response = {
content_type = "text/plain"
message_body = "Fixed message"
status_code = "404"
}
}
]
}
variable "https_listener_rules" {
description = "A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, https_listener_index (default to https_listeners[count.index])"
type = any
default = []
}
variable "https_listeners" {
description = "A list of maps describing the HTTPS listeners for this ALB. Required key/values: port, certificate_arn. Optional key/values: ssl_policy (defaults to ELBSecurityPolicy-2016-08), target_group_index (defaults to https_listeners[count.index])"
type = any
default = []
}
variable "idle_timeout" {
description = "The time in seconds that the connection is allowed to be idle."
type = number
default = 60
}
variable "ip_address_type" {
description = "The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack."
type = string
default = "dualstack"
}
variable "label_orders" {
type = object({
ec2 = optional(list(string)),
glue = optional(list(string), ["namespace", "environment", "name"]),
})
default = {}
description = "Overrides the `labels_order` for the different labels to modify ID elements appear in the `id`"
}
variable "load_balancer_type" {
description = "The type of load balancer to create. Possible values are application or network."
type = string
default = "application"
}
variable "security_group_rules" {
description = "Security group rules to add to the security group created"
type = any
default = {
ingress_all_http = {
type = "ingress"
from_port = 80
to_port = 80
protocol = "tcp"
description = "HTTP web traffic"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
ingress_all_https = {
type = "ingress"
from_port = 443
to_port = 443
protocol = "tcp"
description = "HTTPS web traffic"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
egress_all = {
type = "egress"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
}
}
variable "subnets" {
description = "A list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f']"
type = list(string)
default = null
}
variable "vpc_id" {
description = "VPC id where the load balancer and other resources will be deployed."
type = string
default = null
}