96 lines
2.5 KiB
HCL
96 lines
2.5 KiB
HCL
/**
|
|
* Copyright © 2014-2022 HashiCorp, Inc.
|
|
*
|
|
* This Source Code is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this project, you can obtain one at http://mozilla.org/MPL/2.0/.
|
|
*
|
|
*/
|
|
|
|
variable "aws_region" {
|
|
description = "AWS region to deploy resources into"
|
|
type = string
|
|
default = "eu-north-1"
|
|
}
|
|
|
|
variable "azs" {
|
|
description = "availability zones to use in AWS region"
|
|
type = list(string)
|
|
}
|
|
|
|
variable "shared_san" {
|
|
description = "This is a shared server name that the certs for all Vault nodes contain. This is the same value you will supply as input to the Vault installation module for the leader_tls_servername variable."
|
|
type = string
|
|
default = "vault.great-hyperlobic-omnicognate-neutron-wrangler.space"
|
|
}
|
|
|
|
variable "tags" {
|
|
description = "Tags for VPC resources"
|
|
type = map(string)
|
|
default = {}
|
|
}
|
|
|
|
variable "resource_name_prefix" {
|
|
description = "Resource name prefix used for tagging and naming AWS resources"
|
|
type = string
|
|
default = "prod"
|
|
}
|
|
|
|
# === Bastion ===
|
|
|
|
variable "bastion_bucket_name" {
|
|
description = "Bucket name where the bastion will store the logs"
|
|
type = string
|
|
default = "omnicognate-vault-bastion-access-logs"
|
|
}
|
|
|
|
variable "create_dns_record" {
|
|
description = "True or false?"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "hosted_zone_id" {
|
|
description = "Name of the hosted zone where we'll register the bastion DNS name"
|
|
type = string
|
|
default = "vault.great-hyperlobic-omnicognate-neutron-wrangler.space"
|
|
}
|
|
|
|
|
|
variable "bastion_record_name" {
|
|
description = ""
|
|
type = string
|
|
default = "vault.vault.great-hyperlobic-omnicognate-neutron-wrangler.space"
|
|
}
|
|
|
|
|
|
|
|
variable "common_tags" {
|
|
type = map(string)
|
|
description = "(Optional) Map of common tags for all taggable AWS resources."
|
|
default = {
|
|
"project" = "vault"
|
|
}
|
|
}
|
|
|
|
variable "use_latest_ami" {
|
|
description = "Use the latest AMI for bastion?"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "user_supplied_ami_id" {
|
|
description = "User-provided AMI ID to use with bastion."
|
|
type = string
|
|
default = "ami-0506d6d51f1916a96"
|
|
}
|
|
|
|
variable "bastion_instance_type" {
|
|
description = "The instance type to use for the bastion"
|
|
type = string
|
|
default = "t3.micro"
|
|
}
|
|
|
|
variable "key_name" {
|
|
description = "(Optional) key pair to use for SSH access to instance"
|
|
type = string
|
|
default = "Vault"
|
|
} |