# variables.tf
# # # # # # # # # # Task_1 code start # # # # # # # # # #
# Region used for resource deployment when the caller does not override it.
variable "aws_region" {
  description = "Default AWS region for resource deployment"
  type        = string
  default     = "eu-central-1"
}

# No default, so a value must be supplied on every run. Per the description it
# comes from GitHub Secrets through the environment (presumably as
# TF_VAR_aws_account_id; confirm against the workflow file).
variable "aws_account_id" {
  description = "AWS Account ID. It is stored in GitHub Secrets and taken later from environmental variables"
  type        = string
}
# Names of the remote-state resources. The state file can hold secrets in
# plaintext, so the bucket behind this name should have public access blocked,
# encryption and versioning enabled. None of that is visible in this file;
# verify it on the bucket resource.
variable "terraform_state_s3_bucket_name" {
  description = "The Name of the S3 bucket for storing Terraform state"
  type        = string
  default     = "amyslivets.terraform-state-s3-bucket"
}

# DynamoDB table that holds the state lock.
variable "terraform_state_lock_table_name" {
  description = "The Name of the DynamoDB table for storing Terraform locking state"
  type        = string
  default     = "amyslivets.terraform-state-lock-table"
}
# Free-form environment label; no validation restricts it to a fixed set.
variable "terraform_environment" {
  description = "The environment (e.g., dev, prod)"
  type        = string
  default     = "dev"
}

# Name of the IAM role assumed by the CI pipeline.
# NOTE(review): the role's trust policy is not in this file. Confirm that it
# pins the `token.actions.githubusercontent.com:sub` and `:aud` claims to this
# repository, otherwise other GitHub repositories could assume the role.
variable "terraform_github_actions_role_name" {
  description = "IAM role used by GitHub Actions"
  type        = string
  default     = "GithubActionsRole"
}
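# Display name for the GitHub Actions OpenID Connect (OIDC) identity provider.
# The variable name spells the acronym "IODC"; it is left unchanged because
# renaming it would break every existing reference to
# var.terraform_github_actions_IODC_provider_name. Only the description text
# is corrected here.
variable "terraform_github_actions_IODC_provider_name" {
  description = "The Name of the GitHub Actions OIDC provider"
  type        = string
  default     = "GitHub Actions OIDC Provider"
}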
# AWS-managed policy ARNs, presumably attached to the role named by
# terraform_github_actions_role_name (the attachment is not in this file;
# confirm).
#
# NOTE(review): every entry is a *FullAccess policy. IAMFullAccess in
# particular lets the holder create or modify roles and policies, so a
# principal with it can grant itself any other permission. The effective
# privilege of this set is therefore close to account administrator.
# Consider replacing the list with a customer-managed policy scoped to the
# actions and resource ARNs this project actually creates, and adding a
# permissions boundary to the role.
variable "required_iam_policies" {
  description = "The List of Required IAM Policies"
  type        = list(string)

  default = [
    "arn:aws:iam::aws:policy/AmazonEC2FullAccess",
    "arn:aws:iam::aws:policy/AmazonRoute53FullAccess",
    "arn:aws:iam::aws:policy/AmazonS3FullAccess",
    "arn:aws:iam::aws:policy/IAMFullAccess",
    "arn:aws:iam::aws:policy/AmazonVPCFullAccess",
    "arn:aws:iam::aws:policy/AmazonSQSFullAccess",
    "arn:aws:iam::aws:policy/AmazonEventBridgeFullAccess",
  ]
}
# Name of the customer-managed policy that grants access to the lock table.
variable "terraform_dynamodb_access_policy_name" {
  description = "The Name of the custom DynamoDB access policy"
  type        = string
  default     = "DynamoDBTerraformServiceRolePolicy"
}

# Human-readable description stored on that policy.
variable "terraform_dynamodb_access_policy_name_description" {
  description = "The Description of the custom DynamoDB access policy "
  type        = string
  default     = "Custom Service Role policy for Terraform to access DynamoDB for state locking"
}

# Actions granted by the custom policy: item read/write/delete plus read-only
# table metadata calls. The action list is narrow, but the policy's Resource
# element is defined elsewhere. Verify that it names only the lock table ARN
# rather than "*".
variable "terraform_dynamodb_access_allowed_actions" {
  description = "The List of allowed actions for Terraform in the custom DynamoDB access policy"
  type        = list(string)

  default = [
    "dynamodb:PutItem",
    "dynamodb:GetItem",
    "dynamodb:DeleteItem",
    "dynamodb:DescribeTable",
    "dynamodb:DescribeContinuousBackups",
    "dynamodb:DescribeTimeToLive",
    "dynamodb:ListTagsOfResource",
  ]
}
# # # # # # # # # # Task_1 code end # # # # # # # # # #
# # # # # # # # # # Task_2 code start # # # # # # # # # #
# Address space of the VPC. The default /22 spans 10.0.0.0 to 10.0.3.255,
# which is exactly the four /24 subnets declared below.
variable "vpc_cidr" {
  description = "CIDR block for the VPC"
  default     = "10.0.0.0/22"
}

# Lower half of the VPC range.
variable "public_subnets" {
  description = "List of CIDR blocks for public subnets"
  default = [
    "10.0.0.0/24",
    "10.0.1.0/24",
  ]
}

# Upper half of the VPC range.
variable "private_subnets" {
  description = "List of CIDR blocks for private subnets"
  default = [
    "10.0.2.0/24",
    "10.0.3.0/24",
  ]
}

# Two zones, matching the two entries in each subnet list. The zone names are
# tied to the eu-central-1 default of aws_region and must be changed together
# with it.
variable "availability_zones" {
  description = "Availability zones"
  default = [
    "eu-central-1a",
    "eu-central-1b",
  ]
}
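# Source ranges permitted to reach the Bastion Host.
#
# SECURITY: the default of 0.0.0.0/0 admits connections from any IPv4 address,
# which exposes the bastion's SSH service to the whole internet. The default is
# kept only so existing callers that rely on it keep working; every real
# deployment should override it with the operator's own address as a /32
# (for example through a *.tfvars file or TF_VAR_ssh_source_ip).
#
# Changes from the original declaration:
#   * an explicit list(string) type, so a list passed through -var or an
#     environment variable is parsed as a list instead of a literal string;
#   * a validation rule that rejects entries that are not valid CIDR notation
#     (such as a bare IP address without a prefix length) before they reach a
#     security group rule.
variable "ssh_source_ip" {
  description = "List of CIDR blocks allowed to connect to the Bastion Host (use a /32 for a single device)"
  type        = list(string)
  default     = ["0.0.0.0/0"] # world-open: override with your own address/32

  validation {
    # cidrhost() fails on anything that is not valid CIDR notation; can() turns
    # that failure into false. The condition holds when no entry fails.
    condition     = length([for cidr in var.ssh_source_ip : cidr if !can(cidrhost(cidr, 0))]) == 0
    error_message = "Each entry in ssh_source_ip must be a valid CIDR block, for example 203.0.113.10/32."
  }
}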
# Hard-coded image IDs. AMI IDs are region-specific and are replaced as vendors
# publish patched images, so a pinned ID eventually launches an image without
# current security updates. NOTE(review): consider resolving these with an
# aws_ami data source filtered by owner and name, and confirm the IDs belong
# to the region set in aws_region.
variable "ec2_ami_amazon_linux" {
  description = "Amazon Linux 2 AMI (HVM) - Kernel 5.10, SSD Volume Type 64-bit (x86)"
  default     = "ami-0e6a13e7a5b66ff4d"
}

variable "ec2_ami_ubuntu" {
  description = "Ubuntu Server 24.04 LTS (HVM), SSD Volume Type 64-bit (x86)"
  default     = "ami-0084a47cc718c111a"
}
# # # # # # # # # # Task_2 code end # # # # # # # # # #
# # # # # # # # # # Task_3 code start # # # # # # # # # #
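# Shared secret for the k3s cluster. No default, so it must be supplied on
# every run (per the description, from GitHub Secrets via the environment).
#
# `sensitive = true` makes Terraform redact the value in plan and apply output,
# which matters because CI logs are often readable by more people than the
# secret store. Requires Terraform 0.14 or later.
#
# Caveats:
#   * the value is still written to the state file in plaintext, so the state
#     backend must be access-controlled and encrypted;
#   * any output that references this variable must itself be declared
#     `sensitive = true`, or Terraform will refuse to plan.
variable "k3s_token" {
  description = "K3S_TOKEN. It is stored in GitHub Secrets and taken later from environmental variables"
  type        = string
  sensitive   = true
}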
# File name that receives the private key.
# NOTE(review): how the key is produced is not visible here. If it is
# generated inside Terraform (e.g. a tls_private_key resource), the key
# material also lands in the state file. Make sure the written file has
# owner-only permissions and that "*.pem" is excluded from version control.
variable "private_key_file" {
  description = "The name of the file where the private key will be stored"
  default     = "aws.pem"
}
# Instance size for the bastion.
variable "ec2_instance_bastion" {
  description = "Instance type for deploying Bastion on AWS"
  default     = "t2.micro"
}

# Instance size for the k3s nodes.
variable "ec2_instance_k3s" {
  description = "Instance type for deploying k3s on AWS"
  default     = "t3.medium"
}

# Pinned image ID for the k3s nodes. AMI IDs are region-specific and go stale
# as patched images are released. NOTE(review): confirm it matches aws_region
# and consider an aws_ami data source lookup instead.
variable "ec2_ami_k3s" {
  description = "SUSE Linux Enterprise Server 15 SP6 (HVM), SSD Volume Type (64-bit (x86))"
  default     = "ami-0a30b5c74f844a814"
}

# Static address for the server node. 10.0.2.10 lies inside 10.0.2.0/24, the
# first default entry of private_subnets; if that subnet is changed this value
# must be changed with it.
variable "server_node_fixed_private_ip" {
  description = "Server Node fixed private IP. Hardcoded for easier debugging"
  default     = "10.0.2.10"
}
# # # # # # # # # # Task_3 code end # # # # # # # # # #