# create a variable for the region
variable "aws_region" {
  # AWS region for the deployment; us-east-1 applies when the caller sets nothing.
  type        = string
  description = "The AWS region to deploy to"
  default     = "us-east-1"
}
# create a variable for the application name
variable "application" {
  # Base name for the deployment. The locals block in this file derives the
  # container name, the Lambda function name, the secret path prefix and the
  # subnet names from this value, so changing it renames all of them.
  type        = string
  description = "The name of the application"
  default     = "co-boomi-atom"
}
variable "atom_name" {
  # Name given to the atom; separate from var.application, which drives the
  # resource naming in locals.
  type        = string
  description = "The name of the atom"
  default     = "coforma-atom-1"
}
# create a variable for the environment
variable "environment" {
  # Deployment stage label. It is also the second segment of the secret path
  # prefix built in locals ("/<application>/<environment>").
  # NOTE(review): the default is "prod", so a run that omits this variable
  # uses the production naming and secret path - confirm that is intended.
  type        = string
  description = "The environment to deploy to"
  default     = "prod"
}
# create a variable for the owner
variable "owner" {
  # Owning team label; presumably applied as a resource tag - the consumer is
  # not visible in this file.
  type        = string
  description = "The owner of the application"
  default     = "devsecops"
}
# Container variables
variable "container_port" {
  # Port number associated with the container. Any security group or target
  # group rules built from it live outside this file.
  type        = number
  description = "The port of the container"
  default     = 9090
}
variable "atom_version" {
  # Pinned atom version. Keeping it as an explicit string means version bumps
  # show up in review as a change to this default or to the caller's input.
  type        = string
  description = "The version of the atom"
  default     = "4.3.5"
}
# Container secrets
variable "boomi_username" {
  # Required input (no default). `sensitive` redacts the value in plan/apply
  # output only; it is still recorded in the Terraform state.
  type        = string
  sensitive   = true
  description = "The username for the boomi platform"
}
variable "boomi_auth_token" {
  # Required credential (no default). `sensitive` only keeps the token out of
  # plan/apply output: the value is still written to the Terraform state, so
  # the state backend needs encryption at rest and tightly scoped access.
  # Supply it through a TF_VAR_boomi_auth_token environment variable or a
  # secrets-backed pipeline input rather than a committed tfvars file.
  type        = string
  sensitive   = true
  description = "The auth token for the boomi platform"
}
variable "boomi_account_id" {
  # Required input (no default). Marked sensitive, so it is redacted in CLI
  # output; like every sensitive input it remains readable in the state.
  type        = string
  sensitive   = true
  description = "The account ID for the boomi platform"
}
variable "boomi_environment_id" {
  # Optional: falls back to the empty string. How an empty value is treated is
  # decided by the consumer, which is not visible in this file.
  # Redacted in CLI output via `sensitive`, but still stored in the state.
  type        = string
  sensitive   = true
  description = "The environment ID of the atom is to be attached"
  default     = ""
}
# Network variables
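variable "vpc_cidr" {
  # Address range of the VPC. The default subnet CIDRs declared in this file
  # (10.1.0.0/27 through 10.1.0.96/27) all fall inside the default /24, so an
  # override here normally needs matching subnet overrides.
  description = "The CIDR block for the VPC"
  type        = string
  default     = "10.1.0.0/24"

  # Reject malformed input at plan time instead of at the provider API call.
  validation {
    condition     = can(cidrhost(var.vpc_cidr, 0))
    error_message = "The vpc_cidr value must be a valid CIDR block, for example 10.1.0.0/24."
  }
}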
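variable "private_subnet_cidrs" {
  # One CIDR per private subnet. locals.private_subnet_names generates one
  # name per entry, so the list length sets the number of private subnets.
  type        = list(string)
  description = "The CIDR block for the subnet"
  default     = ["10.1.0.0/27", "10.1.0.32/27"]

  # Catch a typo in any entry at plan time. Whether each entry sits inside
  # var.vpc_cidr is not checked here.
  validation {
    condition     = alltrue([for cidr in var.private_subnet_cidrs : can(cidrhost(cidr, 0))])
    error_message = "Every entry in private_subnet_cidrs must be a valid CIDR block."
  }
}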
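variable "public_subnet_cidrs" {
  # One CIDR per public subnet. locals.public_subnet_names generates one name
  # per entry, so the list length sets the number of public subnets.
  type        = list(string)
  description = "The CIDR block for the subnet"
  default     = ["10.1.0.64/27", "10.1.0.96/27"]

  # Catch a typo in any entry at plan time. Whether each entry sits inside
  # var.vpc_cidr is not checked here.
  validation {
    condition     = alltrue([for cidr in var.public_subnet_cidrs : can(cidrhost(cidr, 0))])
    error_message = "Every entry in public_subnet_cidrs must be a valid CIDR block."
  }
}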
# Extra security group egress rules
variable "atom_security_group_egress" {
  # Additional outbound rules for the atom's security group, one object per
  # rule. Each object carries the port range, protocol, destination CIDRs and
  # a human-readable description.
  description = "Atom security group egress rules"

  type = list(object({
    description = string
    protocol    = string
    from_port   = number
    to_port     = number
    cidr_blocks = list(string)
  }))

  # NOTE(review): the default rule permits tcp/31001 to 0.0.0.0/0, i.e. to any
  # IPv4 destination. If the destination service publishes fixed address
  # ranges, narrowing cidr_blocks to those ranges limits what the workload can
  # reach on this port.
  default = [
    {
      description = "Unanet traffic"
      protocol    = "tcp"
      from_port   = 31001
      to_port     = 31001
      cidr_blocks = ["0.0.0.0/0"]
    }
  ]
}
variable "retention_in_days" {
  # Log retention period in days; presumably passed to the workload's log
  # group - the consumer is not visible in this file.
  # NOTE(review): 7 days is a short window for investigating an incident after
  # the fact - confirm it matches the retention policy for this environment.
  type        = number
  description = "The number of days to retain logs"
  default     = 7
}
# Looks up the availability zones that are in the "available" state; the
# resulting names list is what locals.azs slices.
data "aws_availability_zones" "available" {
  state = "available"
}
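locals {
  # Use up to three availability zones. slice() raises an error when its end
  # index exceeds the list length, so the end is capped at the number of zones
  # the data source actually returned; a region with fewer than three
  # available zones then yields a shorter list instead of failing the plan.
  # NOTE(review): the default subnet lists hold two CIDRs each while this can
  # hold three zones - confirm how consumers pair subnets with zones.
  azs = slice(
    data.aws_availability_zones.available.names,
    0,
    min(3, length(data.aws_availability_zones.available.names))
  )

  # Names derived from the application name.
  container_name = "${var.application}-ct"
  function_name  = "${var.application}-secret-install-lambda"

  # Path-style prefix for secret names: "/<application>/<environment>".
  # These locals hold secret names only, never secret values.
  secret_prefix     = "/${var.application}/${var.environment}"
  token_secret_name = "${local.secret_prefix}/boomi-install-token"

  # Create subnet names from CIDR blocks variable: one name per list entry,
  # suffixed with the entry's zero-based index.
  private_subnet_names = [for i in range(length(var.private_subnet_cidrs)) : "${var.application}-private-subnet-${i}"]
  public_subnet_names  = [for i in range(length(var.public_subnet_cidrs)) : "${var.application}-public-subnet-${i}"]
}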