forked from apparentlymart/terraform-aws-tf-registry
-
Notifications
You must be signed in to change notification settings - Fork 1
/
variables.tf
106 lines (92 loc) · 2.82 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
variable "name_prefix" {
type = string
default = "terraform-registry"
description = "A name to use as the prefix for the created API Gateway REST API, DynamoDB tables, etc"
}
variable "friendly_hostname" {
description = "Configures a \"friendly hostname\" that will be used to reference objects in this registry. If this is set, the given hostname and certificate will be registered against the created API. Can be left unset if the service discovery information will be separately published at the friendly hostname, using the \"services\" output value."
type = object({
host = string
acm_certificate_arn = string
})
default = null
}
variable "api_type" {
description = "Sets API type if you want a private API without a custom domain name, defaults to EDGE for public access"
default = ["EDGE"]
type = list(string)
}
variable "api_access_policy" {
description = "If using a Private API requires you to have an access policy configured and accepts a string, but must be valid json. Defaults to Null"
type = string
default = null
}
variable "domain_security_policy" {
description = "Sets the TLS version to desired state, defaults to 1.2"
type = string
default = "TLS_1_2"
}
variable "vpc_endpoint_ids" {
description = "Sets the VPC endpoint ID for a private API, defaults to null"
type = list(string)
default = null
}
variable "tags" {
type = map(string)
description = "Resource tags"
default = {}
}
variable "storage" {
type = object({
dynamodb = object({
name = optional(string, null)
billing_mode = optional(string, "PAY_PER_REQUEST")
read = optional(number, 1)
write = optional(number, 1)
})
bucket = object({
name = optional(string, null)
})
})
default = {
dynamodb = {
name = null
billing_mode = "PAY_PER_REQUEST"
read = 1
write = 1
}
bucket = {
name = null
}
}
}
variable "secret_key_name" {
type = string
description = "Optional AWS Secret name to store JWT secret"
default = null
}
variable "kms_key_id" {
type = string
description = "Optional custom kms key id (default aws/secretsmanager)"
default = null
}
variable "s3_public_access" {
description = "Bucket Public Access Block"
type = object({
block_public_acls = bool,
ignore_public_acls = bool,
block_public_policy = bool,
restrict_public_buckets = bool
})
default = {
block_public_acls : true
ignore_public_acls : true
block_public_policy : true
restrict_public_buckets : true
}
}
variable "dynamodb_enable_point_in_time_recovery" {
type = bool
default = true
description = "Enable DynamoDB point in time recovery"
}