-
Notifications
You must be signed in to change notification settings - Fork 4
/
variables.tf
154 lines (135 loc) · 4.45 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
variable "name_prefix" {
description = "Name to be used on all the resources as identifier."
type = string
default = "runtask-tf-plan-analyzer"
}
variable "tags" {
description = "Map of tags to apply to resources deployed by this solution."
type = map(any)
default = null
}
variable "hcp_tf_org" {
description = "HCP Terraform Organization name"
type = string
}
variable "runtask_stages" {
description = "List of all supported run task stages"
type = list(string)
default = ["pre_plan", "post_plan", "pre_apply"]
}
variable "workspace_prefix" {
description = "HCP Terraform workspace name prefix that allowed to run this run task"
type = string
default = ""
}
variable "run_task_iam_roles" {
description = "List of IAM roles to be attached to the Lambda function"
type = list(string)
default = null
}
variable "event_source" {
description = "EventBridge source name"
type = string
default = "app.terraform.io"
}
variable "event_bus_name" {
description = "EventBridge event bus name"
type = string
default = "default"
}
variable "cloudwatch_log_group_name" {
description = "RunTask CloudWatch log group name"
type = string
default = "/hashicorp/terraform/runtask/"
}
variable "cloudwatch_log_group_retention" {
description = "Lambda CloudWatch log group retention period"
type = string
default = "365"
validation {
condition = contains(["1", "3", "5", "7", "14", "30", "60", "90", "120", "150", "180", "365", "400", "545", "731", "1827", "3653", "0"], var.cloudwatch_log_group_retention)
error_message = "Valid values for var: cloudwatch_log_group_retention are (1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0)."
}
}
variable "aws_region" {
description = "The region from which this module will be executed."
type = string
validation {
condition = can(regex("(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\\d", var.aws_region))
error_message = "Variable var: region is not valid."
}
}
variable "recovery_window" {
description = "Number of days that AWS Secrets Manager waits before it can delete the secret"
type = number
default = 0
validation {
condition = (var.recovery_window >= 0 && var.recovery_window <= 30)
error_message = "Variable var: recovery_window must be between 0 and 30"
}
}
variable "lambda_reserved_concurrency" {
description = "Maximum Lambda reserved concurrency, make sure your AWS quota is sufficient"
type = number
default = 10
}
variable "lambda_default_timeout" {
description = "Lambda default timeout in seconds"
type = number
default = 120
}
variable "lambda_architecture" {
description = "Lambda architecture (arm64 or x86_64)"
type = string
default = "x86_64"
validation {
condition = contains(["arm64", "x86_64"], var.lambda_architecture)
error_message = "Valid values for var: lambda_architecture are arm64 or x86_64"
}
}
variable "lambda_python_runtime" {
description = "Lambda Python runtime"
type = string
default = "python3.11"
validation {
condition = contains(["python3.11", "python3.10", "python3.9"], var.lambda_python_runtime)
error_message = "Valid values for var: lambda_python_runtime are python3.11, python3.10, python3.9"
}
}
variable "deploy_waf" {
description = "Set to true to deploy CloudFront and WAF in front of the Lambda function URL"
type = string
default = false
validation {
condition = contains(["true", "false"], var.deploy_waf)
error_message = "Valid values for var: deploy_waf are true, false"
}
}
variable "waf_rate_limit" {
description = "Rate limit for request coming to WAF"
type = number
default = 100
}
variable "waf_managed_rule_set" {
description = "List of AWS Managed rules to use inside the WAF ACL"
type = list(map(string))
default = [
{
name = "AWSManagedRulesCommonRuleSet"
priority = 10
vendor_name = "AWS"
metric_suffix = "common"
},
{
name = "AWSManagedRulesKnownBadInputsRuleSet"
priority = 20
vendor_name = "AWS"
metric_suffix = "bad_input"
}
]
}
variable "bedrock_llm_model" {
description = "Bedrock LLM model to use"
type = string
default = "anthropic.claude-3-sonnet-20240229-v1:0"
}