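# Name of the deployment environment this VPC is created for.
variable "environment" {
  type        = string
  description = "Environment name"
}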
# Namespace label supplied by the caller.
variable "namespace" {
  type        = string
  description = "Namespace name"
}
# Name given to the VPC itself.
variable "name" {
  description = "VPC name"
  type        = string
}
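# Primary IPv4 CIDR of the VPC. Required: there is no default.
variable "cidr_block" {
  description = "The CIDR block for the VPC."
  type        = string

  # Reject malformed prefixes at plan time instead of at apply time.
  validation {
    condition     = can(cidrhost(var.cidr_block, 0))
    error_message = "cidr_block must be a valid CIDR in prefix notation, for example 10.0.0.0/16."
  }
}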
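# Tenancy applied to instances launched into the VPC.
variable "instance_tenancy" {
  description = "A tenancy option for instances launched into the VPC. Can be 'default' or 'dedicated'."
  type        = string
  default     = "default"

  # Enforce the two values the description documents so a typo fails at plan time.
  validation {
    condition     = contains(["default", "dedicated"], var.instance_tenancy)
    error_message = "instance_tenancy must be either 'default' or 'dedicated'."
  }
}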
# Toggle for DNS resolution inside the VPC; on by default.
variable "enable_dns_support" {
  type        = bool
  default     = true
  description = "A boolean flag to enable/disable DNS support in the VPC."
}
# Toggle for DNS hostnames in the VPC; on by default.
# AWS only honours this when DNS support is enabled as well (see enable_dns_support).
variable "enable_dns_hostnames" {
  type        = bool
  default     = true
  description = "A boolean flag to enable/disable DNS hostnames in the VPC."
}
# Whether AWS should hand out a /56 IPv6 block for the VPC; off by default.
# Mutually exclusive with allocating IPv6 space through IPAM (ipv6_ipam_pool_id).
variable "assign_generated_ipv6_cidr_block" {
  type        = bool
  default     = false
  description = "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC."
}
# IPAM pool used for the VPC's IPv6 allocation. Leave null when IPAM is not used for IPv6.
variable "ipv6_ipam_pool_id" {
  type        = string
  default     = null
  description = "The IPv6 IPAM pool ID from which to allocate the CIDR."
}
# Prefix length requested from the IPv6 IPAM pool. Only meaningful together with ipv6_ipam_pool_id;
# leave null when no IPv6 CIDR is allocated this way.
variable "ipv6_netmask_length" {
  type        = number
  default     = null
  description = "The netmask length of the IPv6 CIDR block to allocate to the VPC."
}
# IPAM pool used for the VPC's IPv4 allocation. Leave null when IPAM is not used for IPv4.
variable "ipv4_ipam_pool_id" {
  type        = string
  default     = null
  description = "The IPv4 IPAM pool ID from which to allocate the CIDR."
}
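# Prefix length requested from the IPv4 IPAM pool. Only meaningful together with ipv4_ipam_pool_id;
# leave null when IPAM is not used for IPv4.
variable "ipv4_netmask_length" {
  description = "The netmask length of the IPv4 CIDR block to allocate to the VPC."
  type        = number
  default     = null

  # A VPC IPv4 CIDR must be between /16 and /28; null is allowed because IPAM is optional.
  # The conditional keeps the comparison from being evaluated against a null value.
  validation {
    condition     = var.ipv4_netmask_length == null ? true : (var.ipv4_netmask_length >= 16 && var.ipv4_netmask_length <= 28)
    error_message = "ipv4_netmask_length must be null or an integer between 16 and 28."
  }
}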
# Network Address Usage metrics for the VPC; off by default and overridable by the caller.
variable "enable_network_address_usage_metrics" {
  type        = bool
  default     = false
  description = "Enable or disable network address usage metrics."
}
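# Explicit IPv6 CIDR to associate with the VPC. Null (the default) means none is supplied here.
variable "ipv6_cidr_block" {
  description = "The IPv6 CIDR block to associate with your VPC."
  type        = string
  default     = null

  # Validate the prefix when one is given; the conditional skips the check for null.
  validation {
    condition     = var.ipv6_cidr_block == null ? true : can(cidrhost(var.ipv6_cidr_block, 0))
    error_message = "ipv6_cidr_block must be null or a valid IPv6 CIDR in prefix notation."
  }
}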
# Network border group for the IPv6 CIDR; null by default and overridable by the caller.
variable "ipv6_cidr_block_network_border_group" {
  type        = string
  default     = null
  description = "The network border group of the IPv6 CIDR block."
}
# Whether the module creates an Internet Gateway; on by default.
# The spelling "geteway" is part of the module's input interface and is kept so existing callers keep working.
variable "create_internet_geteway" {
  description = "(optional) Whether to create internet gateway"
  type        = bool
  default     = true
}
# Optional explicit name for the Internet Gateway; null lets the module derive one.
# The spelling "geteway" is part of the module's input interface and is kept so existing callers keep working.
variable "internet_geteway_name" {
  description = "(optional) If the Internet Gateway name is not provided, it will be automatically derived."
  type        = string
  default     = null
}
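# Map of subnets keyed by an arbitrary identifier, each with its attributes and associated resources.
# Null means no explicit subnet layout is given (see availability_zones for the derived alternative).
variable "subnet_map" {
  type = map(object({
    name              = string
    cidr_block        = string
    availability_zone = string

    # DNS record behaviour for instances launched in the subnet.
    enable_resource_name_dns_a_record_on_launch    = optional(bool, false)
    enable_resource_name_dns_aaaa_record_on_launch = optional(bool, false)

    # Auto-assigning public IPv4 addresses exposes instances directly to the internet;
    # keep the default unless the subnet is deliberately public.
    map_public_ip_on_launch = optional(bool, false)

    # IPv6 settings for the subnet.
    ipv6_native                     = optional(bool, false)
    assign_ipv6_address_on_creation = optional(bool, false)
    ipv6_cidr_block                 = optional(string, null)
    enable_dns64                    = optional(bool, false)

    # NAT Gateway / Internet Gateway handling for the subnet.
    nat_gateway_name        = optional(string, null)
    create_nat_gateway      = optional(bool, true)
    attach_nat_gateway      = optional(bool, false)
    attach_internet_gateway = optional(bool, false)

    # Extra routes added to the subnet's route table.
    additional_routes = optional(list(object({
      # Route target kind; possible values: network-interface, transit-gateway, vpc-endpoint, vpc-peering-connection
      type                        = optional(string, "transit-gateway")
      id                          = string
      destination_cidr_block      = optional(string, null)
      destination_ipv6_cidr_block = optional(string, null)
    })), [])
  }))
  default = null

  description = <<-EOT
    A map defining the configuration of subnets, their attributes, and associated resources.
    Each subnet configuration can include the following details:
    - **name**: Name of the subnet.
    - **cidr_block**: CIDR block for the subnet.
    - **availability_zone**: The availability zone where the subnet is located.
    - **enable_resource_name_dns_a_record_on_launch**: Enable or disable DNS A records for EC2 instances launched in this subnet (default: false).
    - **enable_resource_name_dns_aaaa_record_on_launch**: Enable or disable DNS AAAA records for EC2 instances launched in this subnet (default: false).
    - **map_public_ip_on_launch**: Specify whether to auto-assign a public IP for instances in this subnet (default: false).
    - **ipv6_native**: Enable or disable native IPv6 support for the subnet (default: false).
    - **assign_ipv6_address_on_creation**: Whether to automatically assign an IPv6 address to instances launched in the subnet (default: false).
    - **ipv6_cidr_block**: The IPv6 CIDR block associated with the subnet (optional).
    - **enable_dns64**: Enable or disable DNS64 in the subnet (default: false).
    - **nat_gateway_name**: Name of the NAT Gateway attached to the subnet (optional).
    - **create_nat_gateway**: Specify whether to create a NAT Gateway for the subnet (default: true).
    - **attach_nat_gateway**: Specify whether to attach an existing NAT Gateway to the subnet (default: false).
    - **attach_internet_gateway**: Specify whether to attach an Internet Gateway to the subnet (default: false).
    - **additional_routes**: List of additional routes to be added to the subnet route table, typically to route traffic to other services like Transit Gateway. Each route includes:
      - **type**: Type of resource (default: "transit-gateway"). One of network-interface, transit-gateway, vpc-endpoint, vpc-peering-connection.
      - **id**: The ID of the route target (e.g., a Transit Gateway ID).
      - **destination_cidr_block**: The destination CIDR block for the route.
      - **destination_ipv6_cidr_block**: The destination IPv6 CIDR block for the route.
  EOT

  # Catch unknown route target kinds at plan time; the conditional skips the check when the map is null.
  validation {
    condition = var.subnet_map == null ? true : alltrue(flatten([
      for subnet in values(var.subnet_map) : [
        for route in subnet.additional_routes :
        contains(["network-interface", "transit-gateway", "vpc-endpoint", "vpc-peering-connection"], route.type)
      ]
    ]))
    error_message = "subnet_map additional_routes[*].type must be one of: network-interface, transit-gateway, vpc-endpoint, vpc-peering-connection."
  }

  # A route without any destination cannot be created; require an IPv4 or IPv6 destination per route.
  validation {
    condition = var.subnet_map == null ? true : alltrue(flatten([
      for subnet in values(var.subnet_map) : [
        for route in subnet.additional_routes :
        route.destination_cidr_block != null || route.destination_ipv6_cidr_block != null
      ]
    ]))
    error_message = "Each entry in subnet_map additional_routes must set destination_cidr_block or destination_ipv6_cidr_block."
  }
}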
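# VPC endpoints to create. Two defaults matter for exposure: a null policy_doc leaves the endpoint on AWS's
# default full-access endpoint policy, and an empty security_group_ids list makes AWS attach the VPC's default
# security group to interface endpoints.
variable "vpc_endpoint_data" {
  type = list(object({
    service = string
    # Possible values 'private' and 'public'; presumably selects which route tables the endpoint is associated with — confirm in main.tf.
    route_table_filter  = optional(string, "private")
    policy_doc          = optional(string, null)
    private_dns_enabled = optional(bool, false)
    security_group_ids  = optional(list(string), [])
  }))
  description = "(optional) List of VPC endpoints to be created"
  default     = []

  # Enforce the two documented values so a typo fails at plan time.
  validation {
    condition     = alltrue([for endpoint in var.vpc_endpoint_data : contains(["private", "public"], endpoint.route_table_filter)])
    error_message = "vpc_endpoint_data[*].route_table_filter must be 'private' or 'public'."
  }
}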
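# Availability zones used to derive a subnet layout when subnet_map is not supplied.
variable "availability_zones" {
  type        = list(string)
  description = "(optional) List of availability zones; if subnet_map is null, the subnet map is automatically derived from this list."
  default     = []
}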
# Tags applied to the resources this module creates; empty by default.
variable "tags" {
  description = "(optional) Tags for VPC resources"
  type        = map(string)
  default     = {}
}
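# KMS key settings. Which resource the key protects is not visible in this file
# (presumably the flow-log destination — confirm in main.tf).
variable "kms_config" {
  description = "KMS key settings: the waiting period before a scheduled key deletion becomes final, and whether automatic key rotation is enabled."
  type = object({
    deletion_window_in_days = number
    enable_key_rotation     = bool
  })
  default = {
    deletion_window_in_days = 30
    enable_key_rotation     = true
  }

  # KMS accepts a pending-deletion window of 7 to 30 days; reject anything else at plan time.
  validation {
    condition     = var.kms_config.deletion_window_in_days >= 7 && var.kms_config.deletion_window_in_days <= 30
    error_message = "kms_config.deletion_window_in_days must be between 7 and 30 (inclusive)."
  }
}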
# VPC Flow Log settings. Flow logs are the main network telemetry this module produces, so `enable = false`
# removes that visibility; `s3_bucket_arn` additionally turns on S3 delivery (see description).
variable "vpc_flow_log_config" {
  type = object({
    enable            = bool
    retention_in_days = number # NOTE(review): presumably the CloudWatch log group retention — confirm in main.tf
    s3_bucket_arn     = string
  })
  description = "If `s3_bucket_arn` is null, only CloudWatch logging is enabled by default. If `s3_bucket_arn` is provided, S3 logging is enabled."
  default = {
    enable            = true
    retention_in_days = 7
    s3_bucket_arn     = null
  }
}