-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathvariables.tf
155 lines (131 loc) · 4.17 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# Copyright (c) 2019, 2022 Oracle Corporation and/or affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
# provider parameters
variable "tenancy_id" {
description = "tenancy id where to create the sources"
type = string
default = ""
}
# general oci parameters
variable "compartment_id" {
description = "compartment id where to create all resources"
type = string
}
variable "label_prefix" {
description = "a string that will be prepended to all resources"
type = string
default = "none"
}
variable "assign_dns" {
default = true
description = "Whether to assign DNS records to created instances"
type = bool
}
# network parameters
variable "availability_domain" {
description = "the AD to place the bastion host"
default = 1
type = number
}
variable "bastion_access" {
description = "A list of CIDR blocks to which ssh access to the bastion must be restricted to. *anywhere* is equivalent to 0.0.0.0/0 and allows ssh access from anywhere."
default = ["anywhere"]
type = list
}
variable "ig_route_id" {
description = "the route id to the internet gateway"
type = string
}
variable "netnum" {
description = "0-based index of the bastion subnet when the VCN's CIDR is masked with the corresponding newbit value."
default = 0
type = number
}
variable "newbits" {
description = "The difference between the VCN's netmask and the desired bastion subnet mask"
default = 14
type = number
}
variable "vcn_id" {
description = "The id of the VCN to use when creating the bastion resources."
type = string
}
# bastion host parameters
variable "bastion_image_id" {
description = "Provide a custom image id for the bastion host or leave as Autonomous."
default = "Autonomous"
type = string
}
variable "bastion_os_version" {
description = "In case Autonomous Linux is used, allow specification of Autonomous version"
default = "7.9"
type = string
}
variable "bastion_shape" {
description = "The shape of bastion instance."
default = {
shape = "VM.Standard.E4.Flex", ocpus = 1, memory = 4, boot_volume_size = 50
}
type = map(any)
}
variable "bastion_state" {
description = "The target state for the instance. Could be set to RUNNING or STOPPED. (Updatable)"
default = "RUNNING"
type = string
}
variable "bastion_timezone" {
description = "The preferred timezone for the bastion host."
default = "Australia/Sydney"
type = string
}
variable "bastion_type" {
description = "Whether to make the bastion host public or private."
default = "public"
type = string
}
variable "ssh_public_key" {
description = "the content of the ssh public key used to access the bastion. set this or the ssh_public_key_path"
default = ""
type = string
}
variable "ssh_public_key_path" {
description = "path to the ssh public key used to access the bastion. set this or the ssh_public_key"
default = ""
type = string
}
variable "upgrade_bastion" {
description = "Whether to upgrade the bastion host packages after provisioning. It's useful to set this to false during development/testing so the bastion is provisioned faster."
default = false
type = bool
}
# bastion notification
variable "enable_bastion_notification" {
description = "Whether to enable ONS notification for the bastion host."
default = false
type = bool
}
variable "bastion_notification_endpoint" {
description = "The subscription notification endpoint. Email address to be notified."
default = null
type = string
}
variable "bastion_notification_protocol" {
description = "The notification protocol used."
default = "EMAIL"
type = string
}
variable "bastion_notification_topic" {
description = "The name of the notification topic"
default = "bastion"
type = string
}
# tagging
variable "freeform_tags" {
description = "Freeform tags for bastion"
default = {
access = "public"
environment = "dev"
role = "bastion"
}
type = map(any)
}