# Required input (no default): callers must name the target resource group.
variable "resource_group_name" {
  description = "The name of the resource group in which the resources will be created."
  type        = string
}
# Required input (no default): id of the subnet the machines are placed in.
variable "vnet_subnet_id" {
  description = "The subnet id of the virtual network where the virtual machines will reside."
  type        = string
}
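# Administrator password for the deployed machines.
# Marked `sensitive` so Terraform redacts the value in plan/apply output, in line
# with how `vm_extension` and `vm_extensions` are declared in this file.
# Redaction does not extend to the state file, where the value is still stored in
# plain text, so the state backend needs its own access control and encryption.
# Any module output derived from this variable must also be declared sensitive.
# The default stays `""` so existing callers are unaffected.
variable "admin_password" {
  type = string
  # tflint-ignore: terraform_sensitive_variable_no_default
  default     = ""
  description = "The admin password to be used on the VMSS that will be deployed. The password must meet the complexity requirements of Azure."
  sensitive   = true
}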
# Administrator account name. The default is a fixed, predictable value;
# override it where a well-known admin name is not wanted.
variable "admin_username" {
  description = "The admin username of the VM that will be deployed."
  type        = string
  default     = "azureuser"
}
# IP allocation method. No validation block is declared, so the two options
# named in the description are not enforced by this declaration.
variable "allocation_method" {
  description = "Defines how an IP address is assigned. Options are Static or Dynamic."
  type        = string
  default     = "Dynamic"
}
# We keep the default at `2` rather than the official default of `3`, because this module used to hard-code this argument to `2`.
variable "as_platform_fault_domain_count" {
  # Number of fault domains; changing it forces resource replacement (see description).
  description = "(Optional) Specifies the number of fault domains that are used. Defaults to `2`. Changing this forces a new resource to be created."
  type        = number
  default     = 2
}
# We keep the default at `2` rather than the official default of `5`, because this module used to hard-code this argument to `2`.
variable "as_platform_update_domain_count" {
  # Number of update domains; changing it forces resource replacement (see description).
  description = "(Optional) Specifies the number of update domains that are used. Defaults to `2`. Changing this forces a new resource to be created."
  type        = number
  default     = 2
}
# Toggle for the availability set; `nullable = false` means an explicit null
# from the caller falls back to the default instead of reaching the module.
variable "availability_set_enabled" {
  description = "(Optional) Enable or Disable availability set. Default is `true` (enabled)."
  type        = bool
  default     = true
  nullable    = false
}
# Boot diagnostics are off unless the caller opts in.
variable "boot_diagnostics" {
  description = "(Optional) Enable or Disable boot diagnostics."
  type        = bool
  default     = false
}
# Storage account type used for boot diagnostics data.
variable "boot_diagnostics_sa_type" {
  description = "(Optional) Storage account type for boot diagnostics."
  type        = string
  default     = "Standard_LRS"
}
# Custom data (e.g. cloud-init) handed to the machine.
# NOTE(review): not marked `sensitive`; if callers embed credentials or tokens
# in this payload they will be shown in plan output - confirm that is acceptable.
variable "custom_data" {
  description = "The custom data to supply to the machine. This can be used as a cloud-init for Linux systems."
  type        = string
  default     = ""
}
# Size of each data disk; the `_gb` suffix indicates gigabytes.
variable "data_disk_size_gb" {
  description = "Storage data disk size size."
  type        = number
  default     = 30
}
# Storage account type backing the data disks.
variable "data_sa_type" {
  description = "Data Disk Storage Account type."
  type        = string
  default     = "Standard_LRS"
}
# With the default `false`, data disks are kept when the machine is terminated;
# retained disks still hold their data and need their own cleanup.
variable "delete_data_disks_on_termination" {
  description = "Delete data disks when machine is terminated."
  type        = bool
  default     = false
}
# With the default `false`, the OS disk is kept when the machine is terminated;
# a retained disk still holds its data and needs its own cleanup.
variable "delete_os_disk_on_termination" {
  description = "Delete OS disk when machine is terminated."
  type        = bool
  default     = false
}
# Accelerated networking on the network interface; off by default.
variable "enable_accelerated_networking" {
  description = "(Optional) Enable accelerated networking on Network interface."
  type        = bool
  default     = false
}
# IP forwarding stays disabled unless the caller opts in.
variable "enable_ip_forwarding" {
  description = "(Optional) Should IP Forwarding be enabled? Defaults to `false`."
  type        = bool
  default     = false
}
# SSH key authentication for Linux machines; enabled by default.
variable "enable_ssh_key" {
  description = "(Optional) Enable ssh key authentication in Linux virtual Machine."
  type        = bool
  default     = true
}
# Why use object as type? We use this variable in `count` expression, if we use a newly created `azurerm_storage_account.primary_blob_endpoint` as uri directly, then Terraform would complain that it cannot determine the value of `count` during the plan phase, so we wrap the `uri` with an object.
variable "external_boot_diagnostics_storage" {
  description = "(Optional) The Storage Account's Blob Endpoint which should hold the virtual machine's diagnostic files. Set this argument would disable the creation of `azurerm_storage_account` resource."
  type = object({
    uri = string
  })
  default = null

  # Either the whole object is omitted (null), or its `uri` must be set.
  # The ternary keeps `.uri` from being read on a null object.
  validation {
    condition     = var.external_boot_diagnostics_storage == null ? true : var.external_boot_diagnostics_storage.uri != null
    error_message = "`var.external_boot_diagnostics_storage.uri` cannot be `null`"
  }
}
# Additional data disks, each described by a name and a size; none by default.
variable "extra_disks" {
  description = "(Optional) List of extra data disks attached to each virtual machine."
  type = list(object({
    name = string
    size = number
  }))
  default = []
}
# Further public keys beyond `ssh_key`; empty by default.
variable "extra_ssh_keys" {
  description = "Same as ssh_key, but allows for setting multiple public keys. Set your first key in ssh_key, and the extras here."
  type        = list(string)
  default     = []
}
# User-managed identity ids to assign to the VM; none by default.
variable "identity_ids" {
  description = "Specifies a list of user managed identity ids to be assigned to the VM."
  type        = list(string)
  default     = []
}
# Managed identity type.
# NOTE(review): presumably the empty default means no managed identity is
# attached - confirm against the module's resource definitions.
variable "identity_type" {
  description = "The Managed Service Identity Type of this Virtual Machine."
  type        = string
  default     = ""
}
# Flags a marketplace image; null is not accepted (`nullable = false`).
variable "is_marketplace_image" {
  description = "Boolean flag to notify when the image comes from the marketplace."
  type        = bool
  default     = false
  nullable    = false
}
# Flags a Windows-based custom image; `false` by default.
variable "is_windows_image" {
  description = "Boolean flag to notify when the custom image is windows based."
  type        = bool
  default     = false
}
# BYOL license type for Windows machines; unset (null) by default.
variable "license_type" {
  description = "Specifies the BYOL Type for this Virtual Machine. This is only applicable to Windows Virtual Machines. Possible values are Windows_Client and Windows_Server"
  type        = string
  default     = null
}
# Deployment location; null by default.
variable "location" {
  description = "(Optional) The location in which the resources will be created."
  type        = string
  default     = null
}
# Disk encryption set for data disks attached via the attachment resource.
# NOTE(review): with the default `null` no encryption set is supplied here;
# presumably the disks then rely on platform-managed keys - confirm.
variable "managed_data_disk_encryption_set_id" {
  description = "(Optional) The disk encryption set ID for the managed data disk attached using the azurerm_virtual_machine_data_disk_attachment resource."
  type        = string
  default     = null
}
# `$${` is the escape for a literal `${`, so the placeholder reaches the
# module's own substitution instead of being interpolated here.
variable "name_template_availability_set" {
  description = "The name template for the availability set. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-avset"
}
# Name pattern for data disks; `$${` escapes to a literal `${` placeholder.
variable "name_template_data_disk" {
  description = "The name template for the data disks. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index', `$${data_disk_number}` => 'data disk index'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-datadisk-$${host_number}-$${data_disk_number}"
}
# Name pattern for extra disks; `$${` escapes to a literal `${` placeholder.
variable "name_template_extra_disk" {
  description = "The name template for the extra disks. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index', `$${extra_disk_name}` => 'name of extra disk'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-extradisk-$${host_number}-$${extra_disk_name}"
}
# Name pattern for network interfaces; `$${` escapes to a literal `${` placeholder.
variable "name_template_network_interface" {
  description = "The name template for the network interface. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-nic-$${host_number}"
}
# Name pattern for the network security group; `$${` escapes to a literal `${` placeholder.
variable "name_template_network_security_group" {
  description = "The name template for the network security group. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-nsg"
}
# Name pattern for public IPs; `$${` escapes to a literal `${` placeholder.
variable "name_template_public_ip" {
  description = "The name template for the public ip. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${ip_number}` => 'public ip index'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-pip-$${ip_number}"
}
# Name pattern for Linux machines; `$${` escapes to a literal `${` placeholder.
variable "name_template_vm_linux" {
  description = "The name template for the Linux virtual machine. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-vmLinux-$${host_number}"
}
# Name pattern for Linux OS disks. Note the default puts `osdisk-` first,
# unlike the Windows OS disk template in this file.
variable "name_template_vm_linux_os_disk" {
  description = "The name template for the Linux VM OS disk. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index'. All other text can be set as desired."
  type        = string
  default     = "osdisk-$${vm_hostname}-$${host_number}"
}
# Name pattern for Windows machines; `$${` escapes to a literal `${` placeholder.
variable "name_template_vm_windows" {
  description = "The name template for the Windows virtual machine. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-vmWindows-$${host_number}"
}
# Name pattern for Windows OS disks; `$${` escapes to a literal `${` placeholder.
variable "name_template_vm_windows_os_disk" {
  description = "The name template for the Windows VM OS disk. The following replacements are automatically made: `$${vm_hostname}` => `var.vm_hostname`, `$${host_number}` => 'host index'. All other text can be set as desired."
  type        = string
  default     = "$${vm_hostname}-osdisk-$${host_number}"
}
# Data disks per machine; zero by default.
variable "nb_data_disk" {
  description = "(Optional) Number of the data disks attached to each virtual machine."
  type        = number
  default     = 0
}
# Number of machines to create; one by default.
variable "nb_instances" {
  description = "Specify the number of vm instances."
  type        = number
  default     = 1
}
# Default `1`: a public IP is assigned unless the caller sets this to 0.
# Combined with `source_address_prefixes` defaulting to `0.0.0.0/0`, review the
# resulting exposure of `remote_port` before relying on the defaults.
variable "nb_public_ip" {
  description = "Number of public IPs to assign corresponding to one IP per vm. Set to 0 to not assign any public IP addresses."
  type        = number
  default     = 1
}
# Chooses between nested data disks and the separate attachment resource;
# null is not accepted (`nullable = false`).
variable "nested_data_disks" {
  description = "(Optional) When `true`, use nested data disks directly attached to the VM. When `false`, use azurerm_virtual_machine_data_disk_attachment resource to attach the data disks after the VM is created. Default is `true`."
  type        = bool
  default     = true
  nullable    = false
}
# Bring-your-own network security group. Per the description, supplying it
# turns off the module's own NSG and rule resources, so inbound filtering is
# then entirely down to the NSG passed in here.
variable "network_security_group" {
  description = "The network security group we'd like to bind with virtual machine. Set this variable will disable the creation of `azurerm_network_security_group` and `azurerm_network_security_rule` resources."
  type = object({
    id = string
  })
  default = null

  # Either the whole object is omitted (null), or its `id` must be set.
  validation {
    condition     = var.network_security_group == null ? true : var.network_security_group.id != null
    error_message = "When `var.network_security_group` is not `null`, `var.network_security_group.id` is required."
  }
}
# Certificates to install on the VM. Per the description the map keys are
# references (vault id, certificate URL, store name).
variable "os_profile_secrets" {
  description = "Specifies a list of certificates to be installed on the VM, each list item is a map with the keys source_vault_id, certificate_url and certificate_store."
  type        = list(map(string))
  default     = []
}
# DNS labels paired with the public IPs.
# NOTE(review): the default is `[null]` while the description speaks of an
# empty string - confirm which form the module expects.
variable "public_ip_dns" {
  description = "Optional globally unique per datacenter region domain name label to apply to each public ip address. e.g. thisvar.varlocation.cloudapp.azure.com where you specify only thisvar here. This is an array of names which will pair up sequentially to the number of public ips defined in var.nb_public_ip. One name or empty string is required for every public ip. If no public ip is desired, then set this to an array with a single empty string."
  type        = list(string)
  default     = [null]
}
# Public IP SKU; no validation block enforces the two accepted values.
# NOTE(review): Azure documents Basic SKU public IPs as open to inbound traffic
# by default, while Standard SKU addresses stay closed until an NSG allows
# traffic - confirm the `Basic` default still suits new deployments.
variable "public_ip_sku" {
  description = "Defines the SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic."
  type        = string
  default     = "Basic"
}
# TCP port exposed through the NSG applied to the NICs.
# NOTE(review): typed as a string with an empty default and no validation, so
# the value is not checked to be a port number by this declaration.
variable "remote_port" {
  description = "Remote tcp port to be used for access to the vms created via the nsg applied to the nics."
  type        = string
  default     = ""
}
# Sources allowed to reach `var.remote_port`.
# The default `0.0.0.0/0` admits any IPv4 source. Callers exposing a management
# port should narrow this to known address ranges instead of relying on the default.
variable "source_address_prefixes" {
  description = "(Optional) List of source address prefixes allowed to access var.remote_port."
  type        = list(string)
  default     = ["0.0.0.0/0"]
}
# Filesystem path to a public key file (not the key material itself); the
# default points at the invoking user's `~/.ssh/id_rsa.pub`.
variable "ssh_key" {
  description = "Path to the public key to be used for ssh access to the VM. Only used with non-Windows vms and can be left as-is even if using Windows vms. If specifying a path to a certification on a Windows machine to provision a linux vm use the / in the path versus backslash.e.g. c : /home/id_rsa.pub."
  type        = string
  default     = "~/.ssh/id_rsa.pub"
}
# Public key values passed inline rather than by file path; empty by default.
variable "ssh_key_values" {
  description = "List of Public SSH Keys values to be used for ssh access to the VMs."
  type        = list(string)
  default     = []
}
# Storage account type; the valid options in the description are not enforced
# by a validation block here.
variable "storage_account_type" {
  description = "Defines the type of storage account to be created. Valid options are Standard_LRS, Standard_ZRS, Standard_GRS, Standard_RAGRS, Premium_LRS."
  type        = string
  default     = "Premium_LRS"
}
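# Size of the OS disk in gigabytes; null by default.
# The description previously said "data disk", which contradicts the variable
# name and duplicates `data_disk_size_gb`; it now names the OS disk.
variable "storage_os_disk_size_gb" {
  type        = number
  default     = null
  description = "(Optional) Specifies the size of the OS disk in gigabytes."
}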
# Tags applied to the deployed resources; defaults to a single `source` tag.
variable "tags" {
  description = "A map of the tags to use on the resources that are deployed with this module."
  type        = map(string)
  default = {
    source = "terraform"
  }
}
# Switch for tracing tags; off by default and not nullable.
# The lint annotation must stay directly above the `variable` line.
# tflint-ignore: terraform_unused_declarations
variable "tracing_tags_enabled" {
  description = "Whether enable tracing tags that generated by BridgeCrew Yor."
  type        = bool
  default     = false
  nullable    = false
}
# Prefix for generated tracing tags; not nullable.
# The lint annotation must stay directly above the `variable` line.
# tflint-ignore: terraform_unused_declarations
variable "tracing_tags_prefix" {
  description = "Default prefix for generated tracing tags"
  type        = string
  default     = "avm_"
  nullable    = false
}
# Deprecated single-extension input, superseded by `vm_extensions`.
# The whole object is sensitive because it can carry `protected_settings`.
# NOTE(review): only `protected_settings` / `protected_settings_from_key_vault`
# are meant for secrets; values placed in `settings` should be treated as
# non-confidential - confirm against the provider documentation linked below.
variable "vm_extension" {
  description = "(Deprecated) This variable has been superseded by the `vm_extensions`. Argument to create `azurerm_virtual_machine_extension` resource, the argument descriptions could be found at [the document](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension)."
  type = object({
    name                        = string
    publisher                   = string
    type                        = string
    type_handler_version        = string
    auto_upgrade_minor_version  = optional(bool)
    automatic_upgrade_enabled   = optional(bool)
    failure_suppression_enabled = optional(bool, false)
    settings                    = optional(string)
    protected_settings          = optional(string)
    protected_settings_from_key_vault = optional(object({
      secret_url      = string
      source_vault_id = string
    }))
  })
  default   = null
  sensitive = true # redacts the object, including `protected_settings`, from plan output
}
# Set of extensions to install; empty by default, not nullable, and sensitive
# because entries can carry `protected_settings`.
# NOTE(review): only `protected_settings` / `protected_settings_from_key_vault`
# are meant for secrets; values placed in `settings` should be treated as
# non-confidential - confirm against the provider documentation linked below.
variable "vm_extensions" {
  description = "Argument to create `azurerm_virtual_machine_extension` resource, the argument descriptions could be found at [the document](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension)."
  type = set(object({
    name                        = string
    publisher                   = string
    type                        = string
    type_handler_version        = string
    auto_upgrade_minor_version  = optional(bool)
    automatic_upgrade_enabled   = optional(bool)
    failure_suppression_enabled = optional(bool, false)
    settings                    = optional(string)
    protected_settings          = optional(string)
    protected_settings_from_key_vault = optional(object({
      secret_url      = string
      source_vault_id = string
    }))
  }))
  # tflint-ignore: terraform_sensitive_variable_no_default
  default   = []
  nullable  = false
  sensitive = true # redacts every entry, including `protected_settings`, from plan output

  # The number of entries must equal the number of distinct `type` values,
  # i.e. no two extensions may share a `type`.
  validation {
    condition     = length(var.vm_extensions) == length(distinct([for ext in var.vm_extensions : ext.type]))
    error_message = "`type` in `vm_extensions` must be unique."
  }
}
# Base host name; it is also the `vm_hostname` placeholder value in the
# `name_template_*` variables.
variable "vm_hostname" {
  description = "local name of the Virtual Machine."
  type        = string
  default     = "myvm"
}
# Resource ID of a custom image; empty by default.
variable "vm_os_id" {
  description = "The resource ID of the image that you want to deploy if you are using a custom image.Note, need to provide is_windows_image = true for windows custom images."
  type        = string
  default     = ""
}
# Image offer; ignored when `vm_os_id` or `vm_os_simple` is given (see description).
variable "vm_os_offer" {
  description = "The name of the offer of the image that you want to deploy. This is ignored when vm_os_id or vm_os_simple are provided."
  type        = string
  default     = ""
}
# Image publisher; ignored when `vm_os_id` or `vm_os_simple` is given (see description).
variable "vm_os_publisher" {
  description = "The name of the publisher of the image that you want to deploy. This is ignored when vm_os_id or vm_os_simple are provided."
  type        = string
  default     = ""
}
# Shorthand OS selector that resolves to the latest image of the named OS,
# so the deployed build is not pinned when this is used.
variable "vm_os_simple" {
  description = "Specify UbuntuServer, WindowsServer, RHEL, openSUSE-Leap, CentOS, Debian, CoreOS and SLES to get the latest image version of the specified os. Do not provide this value if a custom value is used for vm_os_publisher, vm_os_offer, and vm_os_sku."
  type        = string
  default     = ""
}
# Image SKU; ignored when `vm_os_id` or `vm_os_simple` is given (see description).
variable "vm_os_sku" {
  description = "The sku of the image that you want to deploy. This is ignored when vm_os_id or vm_os_simple are provided."
  type        = string
  default     = ""
}
# Image version. The default `latest` leaves the version unpinned, so separate
# applies can yield different OS builds; set an explicit version where
# reproducible or pre-vetted images are required.
variable "vm_os_version" {
  description = "The version of the image that you want to deploy. This is ignored when vm_os_id or vm_os_simple are provided."
  type        = string
  default     = "latest"
}
# Virtual machine size.
variable "vm_size" {
  description = "Specifies the size of the virtual machine."
  type        = string
  default     = "Standard_D2s_v3"
}
# Why do we use `zone` rather than `zones`, as `azurerm_virtual_machine.zones` does?
# `azurerm_virtual_machine.zones` is [a list of single Az](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine#zones), the maximum length is `1`,
# so we can only pass one zone per vm instance.
# Why don't we use the [`element`](https://developer.hashicorp.com/terraform/language/functions/element) function?
# The `element` function acts as a modulo operator and would cycle through the vm instances, whereas
# we must keep the vm and its public ip in the same zone.
# The vm count is controlled by `var.nb_instances` and the public ip count is controlled by `var.nb_public_ip`,
# so it would be hard to keep the vm and public ip in the same zone once `var.nb_instances` is not equal to `var.nb_public_ip`.
# So we decided that one module instance supports only one zone, to avoid this dilemma.
variable "zone" {
  # Single availability zone for the whole module instance; null by default.
  # Setting it suppresses the availability set and forces resource replacement
  # on change (see description).
  description = "(Optional) The Availability Zone which the Virtual Machine should be allocated in, only one zone would be accepted. If set then this module won't create `azurerm_availability_set` resource. Changing this forces a new resource to be created."
  type        = string
  default     = null
}