-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathvariables.tf
161 lines (138 loc) · 4.23 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
variable "prefix" {
description = "The prefix name of customer to be displayed in AWS console and resource"
type = string
}
variable "environment" {
description = "Environment Variable used as a prefix"
type = string
}
variable "tags" {
description = "Tags to add more; default tags contian {terraform=true, environment=var.environment}"
type = map(string)
default = {}
}
variable "instance_type" {
description = "(Optional) The instance type to use for the instance. Updates to this field will trigger a stop/start of the EC2 instance."
type = string
default = "t2.medium"
}
variable "security_group_ingress_rules" {
description = "Map of ingress and any specific/overriding attributes to be created"
type = any
default = {
allow_to_connect_vpn = {
port = "12383"
cidr_blocks = ["0.0.0.0/0"]
protocol = "udp"
}
}
}
variable "is_create_security_group" {
description = "Flag to toggle security group creation"
type = bool
default = true
}
variable "vpc_id" {
description = "The ID of the VPC"
type = string
}
variable "public_subnet_ids" {
description = "The List of the subnet ID to deploy Public Loadbalancer relate to VPC"
type = list(string)
}
variable "private_subnet_ids" {
description = "The List of the private subnet ID to deploy instance and private lb for vpn relate to VPC"
type = list(string)
}
variable "key_name" {
description = "Key name of the Key Pair to use for the vpn instance; which can be managed using"
type = string
default = null
}
variable "additional_sg_attacment_ids" {
description = "(Optional) The ID of the security group."
type = list(string)
default = []
}
variable "ami" {
type = string
description = "(Optional) AMI to use for the instance. Required unless launch_template is specified and the Launch Template specifes an AMI. If an AMI is specified in the Launch Template, setting ami will override the AMI specified in the Launch Template"
default = ""
}
variable "public_rule" {
description = "public rule for run connect vpn"
type = list(object({
port = number
protocol = string
health_check_port = number
health_check_protocol = string
}))
default = [
{
port = 12383
protocol = "UDP"
health_check_port = 443
health_check_protocol = "TCP"
}
]
}
variable "private_rule" {
description = "private rule for run connect vpn"
type = list(object({
port = number
protocol = string
health_check_port = number
health_check_protocol = string
}))
default = []
}
variable "is_create_route53_reccord" {
description = "if true will create route53 reccord for vpn, vpn console"
type = bool
default = false
}
variable "public_lb_vpn_domain" {
description = "domain of vpn output will be <var.vpn_domain>.<var.route53_zone_name>"
type = string
default = "vpn"
}
variable "private_lb_vpn_domain" {
description = "domain of vpn console output will be <var.vpn_domain>.<var.route53_zone_name>"
type = string
default = "vpn-console"
}
variable "route53_zone_name" {
description = "This is the name of the hosted zone"
type = string
default = ""
}
variable "is_enabled_https_public" {
description = "if true will enable https to public loadbalancer else enable to private loadbalancer"
type = bool
default = true
}
variable "custom_https_allow_cidr" {
description = "cidr block for config pritunl vpn"
type = list(string)
default = null
}
variable "enabled_backup" {
type = bool
description = "Enable Backup EFS"
default = true
}
variable "efs_backup_policy_enabled" {
type = bool
description = "If `true`, it will turn on automatic backups."
default = true
}
variable "enable_ec2_monitoring" {
description = "Enables/disables detailed monitoring"
type = bool
default = false
}
variable "is_create_private_lb" {
description = "if true this module will not create private lb for cost optimization"
type = bool
default = true
}