-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathvariables.tf
85 lines (76 loc) · 3.42 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
variable "transit_gateway_name" {
description = "Name of the transit gateway to create. It can be null if existing_transit_gateway_name is not null"
type = string
default = null
}
variable "region" {
description = "The IBM Cloud region where all resources are provisioned. It can be null if existing_transit_gateway_name is not null"
type = string
default = null
}
variable "global_routing" {
description = "Gateways with global routing (true) to connect to the networks outside their associated region"
type = bool
default = false
}
variable "resource_group_id" {
description = "Resource group ID where the transit gateway to be created."
type = string
default = null
}
variable "existing_transit_gateway_name" {
description = "Name of an existing transit gateway to connect VPCs. If null a new Transit Gateway will be created (transit_gateway_name and region required)"
type = string
default = null
}
variable "resource_tags" {
type = list(string)
description = "List of tags"
default = null
}
variable "vpc_connections" {
type = list(object({
vpc_crn = string
default_prefix_filter = optional(string)
}))
description = "The list of VPC instance connections with their associated default prefix filter. Customise the default filter setting for each VPC connections to `permit` or `deny` specifiv IP ranges. `permit` makes it to accept all prefixes after processing all the entries in the prefix filters list. `deny` makes it to deny all prefixes after processing all the entries in the prefix filters list. By default it is set to `permit`. Refer to https://cloud.ibm.com/docs/transit-gateway?topic=transit-gateway-adding-prefix-filters&interface=ui for more details."
validation {
condition = alltrue([for default_filter in var.vpc_connections : default_filter.default_prefix_filter == "permit" || default_filter.default_prefix_filter == "deny" || default_filter.default_prefix_filter == null])
error_message = "Valid values to set default prefix filter is `permit` or `deny`. By default it is set to `permit`"
}
}
variable "classic_connections_count" {
type = number
description = "Number of classic connections to add."
}
variable "delete_timeout" {
type = string
description = "Deleting timeout value of the ibm_tg_gateway"
default = "45m"
}
variable "add_prefix_filters" {
description = "Map of VPC CRN to optionally add prefix filter to set an ordered list of filters that determine the routes that transit gateway should accept or deny. Connections are denied or permitted based on the order of the filters passed. See https://cloud.ibm.com/docs/transit-gateway?topic=transit-gateway-adding-prefix-filters&interface=ui"
type = list(object({
action = string
prefix = string
le = optional(number)
ge = optional(number)
before = optional(string)
connection = string
}))
validation {
condition = alltrue([
for filter in var.add_prefix_filters :
filter.le >= 0 && filter.le <= 32 && filter.ge >= 0 && filter.ge <= 32
])
error_message = "Both 'le' and 'ge' must be between 0 and 32."
}
validation {
condition = alltrue([
for filter in var.add_prefix_filters :
filter.action == "permit" || filter.action == "deny"
])
error_message = "Valid values for 'action' are 'permit' or 'deny'."
}
default = []
}