generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathvariables.tf
104 lines (93 loc) · 2.68 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
##############################################################################
# Input Variables
##############################################################################
variable "name" {
type = string
description = "(Optional, String) The name of the zone"
default = null
}
variable "zone_description" {
type = string
description = "(Optional, String) The description of the zone"
default = null
}
variable "addresses" {
type = list(object({
type = optional(string)
value = optional(string)
ref = optional(object({
account_id = string
location = optional(string)
service_instance = optional(string)
service_name = optional(string)
service_type = optional(string)
}))
}))
description = "(List) The list of addresses in the zone"
default = []
}
variable "excluded_addresses" {
type = list(object({
type = optional(string)
value = optional(string)
}))
description = "(Optional, List) The list of excluded addresses in the zone"
default = []
}
##############################################################################
# Rule Related Input Variables
##############################################################################
variable "rule_description" {
type = string
description = "(Optional, String) The description of the rule"
default = null
}
variable "rule_contexts" {
type = list(object({
attributes = list(object({
name = string
value = string
}))
}))
description = "(List) The contexts the rule applies to"
default = [{
attributes = [{
name = "va"
value = "va"
}]
}]
}
variable "enforcement_mode" {
type = string
description = "(String) The rule enforcement mode"
default = "report" # As part of the best practices, mode should be in report only mode for 30 days before the rules is enabled.
}
variable "resources" {
type = list(object({
attributes = list(object({
name = string
value = string
operator = optional(string)
}))
tags = optional(list(object({ #These access tags should match to the target service access tags for the CBR rules to work
name = string
value = string
operator = optional(string)
})))
}))
description = "(Optional, List) The resources this rule apply to"
default = []
}
variable "operations" {
type = list(object({
api_types = list(object({
api_type_id = string
}))
}))
description = "(Optional, List) The operations this rule applies to"
default = [{
api_types = [{
api_type_id = "crn:v1:bluemix:public:context-based-restrictions::::api-type:"
}]
}]
}