variables.tf
##############################################################################
# VPC Variables
##############################################################################
# Region in which the VPC and its services are deployed.
# No default is set, so the caller must supply a value.
variable "region" {
  type        = string
  description = "The region where VPC and services are deployed"
}
# Prefix prepended to the names of resources. Required input.
# NOTE(review): no validation block constrains length or character set here;
# an unsuitable prefix would only be rejected wherever the names are used.
variable "prefix" {
  type        = string
  description = "The prefix that you would like to prepend to your resources"
}
# Name of the target VPC. Per the description it is used to build the VPE
# names, so it identifies the VPC for naming only; the VPC itself is selected
# by `vpc_id`.
variable "vpc_name" {
  type        = string
  description = "Name of the VPC where the Endpoint Gateways will be created. This value is used to dynamically generate VPE names."
}
# ID of the VPC in which the endpoint gateways are created. Required input.
variable "vpc_id" {
  type        = string
  description = "ID of the VPC where the Endpoint Gateways will be created"
}
# Subnets in which gateways and reserved IPs are provisioned. Required input.
# The object shape mirrors the `subnet_zone_list` output of the ICSE VPC Subnet
# Module named in the description; only `name` and `id` are mandatory.
variable "subnet_zone_list" {
  type = list(object({
    name = string           # subnet name
    id   = string           # subnet ID
    zone = optional(string) # may be omitted by the caller
    cidr = optional(string) # may be omitted by the caller
  }))
  description = "List of subnets in the VPC where gateways and reserved IPs will be provisioned. This value is intended to use the `subnet_zone_list` output from the ICSE VPC Subnet Module (https://github.com/Cloud-Schematics/vpc-subnet-module) or from templates using that module for subnet creation."
}
##############################################################################
##############################################################################
# VPE Variables
##############################################################################
# Resource group in which the endpoint gateways are provisioned.
# NOTE(review): defaults to null. The fallback when it is unset is decided by
# the consuming resource, which is not in this file (presumably the account's
# default resource group). Confirm, because resource-group-scoped access
# policies would then apply to the gateways.
variable "resource_group_id" {
  type        = string
  default     = null
  description = "ID of the resource group where endpoint gateways will be provisioned"
}
# Security groups attached to each endpoint gateway this module creates.
# NOTE(review): the default is null, so a caller who omits this input selects
# no group explicitly. Which group the gateways then receive is decided by the
# consuming resource, which is not in this file (presumably the VPC default
# security group). Confirm, and prefer passing a dedicated group scoped to the
# workloads that need these endpoints.
variable "security_group_ids" {
  type        = list(string)
  default     = null
  description = "List of security group ids to attach to each endpoint gateway."
}
# Short names of the cloud services that each get an endpoint gateway.
# The validation block is an allow-list: every entry must be one of the four
# names below, and an empty list passes. Services outside the allow-list are
# supplied through `cloud_service_by_crn`, as the error message states.
variable "cloud_services" {
  type        = list(string)
  default     = ["kms", "cloud-object-storage"]
  description = "List of cloud services to create an endpoint gateway."

  validation {
    # alltrue([]) is true, so an empty list is accepted without a special case.
    condition = alltrue([
      for service in var.cloud_services :
      contains(
        [
          "kms",
          "hs-crypto",
          "cloud-object-storage",
          "container-registry"
        ],
        service
      )
    ])
    error_message = "Currently the only supported services are Key Protect (`kms`), Cloud Object Storage (`cloud-object-storage`), Container Registry (`container-registry`), and Hyper Protect Crypto Services (`hs-crypto`). Any other VPE services must be added using `cloud_service_by_crn`."
  }
}
# Services addressed directly by CRN; per the description each entry gets its
# own endpoint gateway. Defaults to an empty list.
# NOTE(review): there is no validation block, so the `crn` strings are passed
# on unchecked. A malformed or unintended CRN would presumably only surface at
# plan/apply time. Review the values supplied here like any other target list.
variable "cloud_service_by_crn" {
  type = list(object({
    name = string # service name
    crn  = string # service CRN
  }))
  default     = []
  description = "List of cloud service CRNs. Each CRN will have a unique endpoint gateways created. For a list of supported services, see the docs [here](https://cloud.ibm.com/docs/vpc?topic=vpc-vpe-supported-services)."
}
# Endpoint type used when the endpoint gateways are created. Defaults to
# "private"; the validation block rejects any value other than "public" or
# "private".
# NOTE(review): how "public" changes the gateway target is decided outside this
# file. Keep the private default unless a consumer documents a need for public.
variable "service_endpoints" {
  type        = string
  default     = "private"
  description = "Service endpoints to use to create endpoint gateways. Can be `public`, or `private`."

  validation {
    condition     = contains(["public", "private"], var.service_endpoints)
    error_message = "Service endpoints can only be `public` or `private`."
  }
}
##############################################################################