-
Notifications
You must be signed in to change notification settings - Fork 1
/
variables.tf
93 lines (78 loc) · 2.34 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
variable "function_zip_file" {
type = string
description = "Location for certonid serverless archive."
validation {
condition = length(var.function_zip_file) > 0
error_message = "The `function_zip_file` value must be provided."
}
}
variable "function_name" {
type = string
description = "AWS lambda function name."
default = "CertonidCertificateGenerator"
}
variable "function_handler" {
type = string
description = "AWS lambda function handler."
default = "serverless"
}
variable "function_iam_role_name" {
type = string
description = "AWS lambda function IAM role."
default = "certonid-lambda-role"
}
variable "function_iam_general_policy_name" {
type = string
description = "AWS lambda function general IAM policy."
default = "certonid-lambda-policy"
}
variable "function_iam_kms_policy_name" {
type = string
description = "AWS lambda function KMS IAM policy."
default = "certonid-lambda-kms-policy"
}
variable "symmetric_encryption_key" {
type = string
description = "Key, which is used as CERTONID_SYMMETRIC_KEY for certonid."
default = ""
}
variable "is_kmsauth_enabled" {
type = bool
description = "Add kmsauth for additional security."
default = false
}
variable "kmsauth_service_id" {
type = string
description = "Kmsauth service ID."
default = "certonid"
}
variable "kmsauth_aws_additional_conditions" {
type = string
description = "Kmsauth AWS additional conditions."
default = ""
}
variable "function_iam_kmsauth_policy_name" {
type = string
description = "AWS kmsauth lambda function IAM policy."
default = "certonid-kmsauth-lambda-policy"
}
variable "is_group_for_clients_exists" {
type = bool
description = "Is IAM group already created."
default = false
}
variable "clients_iam_group_name" {
type = string
description = "AWS lambda clients IAM group."
default = "certonid-clients-role"
}
variable "clients_iam_policy_name" {
type = string
description = "AWS lambda function IAM role."
default = "certonid-clients-policy"
}
variable "clients_names" {
type = set(string)
description = "AWS clients, which attached to `clients_iam_group_name` IAM role to access certonid serverless function."
default = []
}