-
Notifications
You must be signed in to change notification settings - Fork 37
/
Copy pathvariables.tf
160 lines (136 loc) · 4.22 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
variable "name" {
description = "Name used for resources created within the module"
type = string
}
variable "vpc_id" {
description = "VPC ID to deploy the NAT instance into"
type = string
}
variable "subnet_id" {
description = "Subnet ID to deploy the NAT instance into"
type = string
}
variable "update_route_table" {
description = "Deprecated. Use update_route_tables instead"
type = bool
default = false
}
variable "update_route_tables" {
description = "Whether or not to update the route tables with the NAT instance"
type = bool
default = false
}
variable "route_table_id" {
description = "Deprecated. Use route_tables_ids instead"
type = string
default = null
}
variable "route_tables_ids" {
description = "Route tables to update. Only valid if update_route_tables is true"
type = map(string)
default = {}
}
variable "encryption" {
description = "Whether or not to encrypt the EBS volume"
type = bool
default = true
}
variable "kms_key_id" {
description = "Will use the provided KMS key ID to encrypt the EBS volume. Uses the default KMS key if none provided"
type = string
default = null
}
variable "ha_mode" {
description = "Whether or not high-availability mode should be enabled via autoscaling group"
type = bool
default = true
}
variable "instance_type" {
description = "Instance type to use for the NAT instance"
type = string
default = "t4g.micro"
}
variable "ami_id" {
description = "AMI to use for the NAT instance. Uses fck-nat latest AMI in the region if none provided"
type = string
default = null
}
variable "ebs_root_volume_size" {
description = "Size of the EBS root volume in GB"
type = number
default = 8
}
variable "eip_allocation_ids" {
description = "EIP allocation IDs to use for the NAT instance. Automatically assign a public IP if none is provided. Note: Currently only supports at most one EIP allocation."
type = list(string)
default = []
}
variable "attach_ssm_policy" {
description = "Whether to attach the minimum required IAM permissions to connect to the instance via SSM."
type = bool
default = true
}
variable "use_spot_instances" {
description = "Whether or not to use spot instances for running the NAT instance"
type = bool
default = false
}
variable "use_cloudwatch_agent" {
description = "Whether or not to enable CloudWatch agent for the NAT instance"
type = bool
default = false
}
variable "cloudwatch_agent_configuration" {
description = "CloudWatch configuration for the NAT instance"
type = object({
namespace = optional(string, "fck-nat"),
collection_interval = optional(number, 60),
endpoint_override = optional(string, "")
})
default = {
namespace = "fck-nat"
collection_interval = 60
endpoint_override = ""
}
}
variable "cloudwatch_agent_configuration_param_arn" {
description = "ARN of the SSM parameter containing the CloudWatch agent configuration. If none provided, creates one"
type = string
default = null
}
variable "use_default_security_group" {
description = "Whether or not to use the default security group for the NAT instance"
type = bool
default = true
}
variable "additional_security_group_ids" {
description = "A list of identifiers of security groups to be added for the NAT instance"
type = list(string)
default = []
}
variable "use_ssh" {
description = "Whether or not to enable SSH access to the NAT instance"
type = bool
default = false
}
variable "ssh_key_name" {
description = "Name of the SSH key to use for the NAT instance. SSH access will be enabled only if a key name is provided"
type = string
default = null
}
variable "ssh_cidr_blocks" {
description = "CIDR blocks to allow SSH access to the NAT instance from"
type = object({
ipv4 = optional(list(string), [])
ipv6 = optional(list(string), [])
})
default = {
ipv4 = [],
ipv6 = []
}
}
variable "tags" {
description = "Tags to apply to resources created within the module"
type = map(string)
default = {}
}