# Input variable declarations for a STACKIT Terraform configuration: provider
# authentication, Service Network Area (SNA) and projects, security groups,
# PostgreSQL, networks, SKE clusters and Observability instances.
# Only `observability_instances` carries a validation block; every other
# variable accepts any value that matches its type constraint.

variable "region" {
  description = "Provider region for STACKIT Cloud"
  type        = string
  default     = "eu01"
}

# Credential input. `sensitive = true` only redacts the value in plan/apply
# output; it does not protect copies that land in plan files, state or shell
# history. Prefer supplying it through the environment
# (TF_VAR_service_account_token) over a committed *.tfvars file.
# The null default lets callers omit it; presumably the key file referenced by
# `service_account_key_path` is the alternative — confirm in the provider block.
variable "service_account_token" {
  description = "Service account token for authentication"
  sensitive   = true
  type        = string
  default     = null
}

# -----------------------------------------------------------------------------#
# SNA & Projects
# -----------------------------------------------------------------------------#

variable "organization_id" {
  description = "STACKIT organization container ID"
  type        = string
}

# NOTE(review): the default is an absolute path inside one developer's home
# directory. It discloses a local username, resolves on no other machine or CI
# runner, and makes the location of the key file part of the repository.
# Consider dropping the default and setting the path per environment; the key
# file itself should stay outside version control with owner-only permissions.
variable "service_account_key_path" {
  description = "Path to service account JSON key"
  type        = string
  default     = "/Users/schlenz/.stackit/sa.json"
}

variable "default_region" {
  description = "Default region fallback for created resources"
  type        = string
  default     = "eu01"
}

variable "SNA_name" {
  description = "Name of the Service Network Area to create"
  type        = string
}

# Each entry is an object with a single `prefix` string (a CIDR, per the
# description). No validation checks the format or overlap of the ranges.
variable "SNA_network_ranges" {
  description = "CIDR list for the Service Network Area"
  type = list(object({
    prefix = string
  }))
}

variable "SNA_transfer_network" {
  description = "Transfer network CIDR for the SNA"
  type        = string
}

# Map of projects; each entry names the project and the e-mail address of its
# owner. Presumably the map keys are what `project_key` refers to in the
# variables below — verify against the module that consumes them.
# NOTE(review): `owner_email` decides who receives owner rights on a new
# project, so changes to this map deserve the same review as an IAM change.
variable "Projects_map" {
  description = "Map of STACKIT projects to create"
  type = map(object({
    name        = string
    owner_email = string
  }))
}

variable "labels" {
  description = "Default labels to apply where supported"
  type        = map(string)
  default     = {}
}

# -----------------------------------------------------------------------------#
# Security Groups
# -----------------------------------------------------------------------------#

# Security groups keyed by an arbitrary map key. Only `project_key`, `rules`
# and each rule's `direction` are required; everything else is optional.
# NOTE(review): nothing here constrains `direction`, `ip_range` or
# `port_range`, so an ingress rule with a very wide `ip_range` or port span is
# accepted as-is. Review rule inputs where this variable is set, or add a
# validation block if the project has a policy on open ranges.
variable "security_groups" {
  description = "Map of security group definitions"
  type = map(object({
    name        = optional(string)
    project_key = string
    description = optional(string)
    rules = list(object({
      direction   = string
      description = optional(string)
      ether_type  = optional(string)
      icmp_parameters = optional(object({
        type = optional(number)
        code = optional(number)
      }))
      ip_range = optional(string)
      port_range = optional(object({
        min = number
        max = number
      }))
      protocol = optional(object({
        name   = optional(string)
        number = optional(number)
      }))
      remote_security_group_id = optional(string)
    }))
  }))
}

# -----------------------------------------------------------------------------#
# PostgreSQL
# -----------------------------------------------------------------------------#

# PostgreSQL instances. All attributes are required and the variable has no
# default, so callers must always set it.
# `acl` is presumably the list of CIDR ranges allowed to reach the instance —
# confirm against the provider resource; no validation limits how broad an
# entry may be.
# `users[*].roles` is a set of role names passed through unchecked.
# No password field is declared here; how user credentials are generated and
# where they surface (outputs, state) is decided outside this file.
variable "postgres_instances" {
  description = "Map of PostgreSQL instances to create"
  type = map(object({
    name            = string
    project_key     = string
    version         = number
    flavor          = object({ cpu = number, ram = number })
    storage         = object({ class = string, size = number })
    replicas        = number
    acl             = list(string)
    backup_schedule = string
    users = list(object({
      username = string
      roles    = set(string)
    }))
    databases = list(object({
      name  = string
      owner = string
    }))
  }))
}

# -----------------------------------------------------------------------------#
# Networks
# -----------------------------------------------------------------------------#

# Networks keyed by an arbitrary map key; defaults to an empty map, so no
# networks are created unless the caller sets it.
# NOTE(review): `nic_security` is an optional bool with no default declared
# here. It presumably toggles port security on the NIC — confirm what the
# provider does when it is null or false, since disabling it would bypass the
# security groups listed in `nic_security_group_ids`/`nic_security_group_names`.
# `nic_allowed_addresses` is likewise passed through without validation.
variable "networks" {
  description = "Map of network definitions per project"
  type = map(object({
    name        = string
    project_key = string

    # IPv4
    ipv4_gateway       = optional(string)
    ipv4_nameservers   = optional(list(string))
    ipv4_prefix        = optional(string)
    ipv4_prefix_length = optional(number)

    # IPv6
    ipv6_gateway       = optional(string)
    ipv6_nameservers   = optional(list(string))
    ipv6_prefix        = optional(string)
    ipv6_prefix_length = optional(number)

    # Flags & labels
    labels          = optional(map(string))
    no_ipv4_gateway = optional(bool)
    no_ipv6_gateway = optional(bool)
    routed          = optional(bool)

    # NICs
    nics = optional(map(object({
      nic_ipv4                 = optional(string)
      nic_name                 = string
      nic_allowed_addresses    = optional(list(string))
      nic_labels               = optional(map(string))
      nic_security             = optional(bool)
      nic_security_group_ids   = optional(list(string))
      nic_security_group_names = optional(list(string))
    })))
  }))
  default = {}
}

# -----------------------------------------------------------------------------#
# SKE Clusters
# -----------------------------------------------------------------------------#

# SKE (Kubernetes) clusters keyed by an arbitrary map key; defaults to an empty
# map. `name`, `project_key` and `node_pools` are required per cluster.
# NOTE(review): `extensions.acl` is optional. When it is omitted this variable
# supplies no `allowed_cidrs`; what the provider does in that case is not
# visible here — confirm the default exposure of the cluster API endpoint and
# consider requiring the ACL for non-test clusters.
# `maintenance` is also optional; when present, both version-update flags must
# be set explicitly.
variable "ske_clusters" {
  description = "Map of SKE cluster definitions"
  type = map(object({
    name                   = string
    project_key            = string
    kubernetes_version_min = optional(string)
    hibernations = optional(list(object({
      start    = string
      end      = string
      timezone = optional(string)
    })))
    maintenance = optional(object({
      enable_kubernetes_version_updates    = bool
      enable_machine_image_version_updates = bool
      start                                = string
      end                                  = string
    }))
    extensions = optional(object({
      acl = optional(object({
        enabled       = bool
        allowed_cidrs = list(string)
      }))
      argus = optional(object({
        enabled           = bool
        argus_instance_id = string
      }))
    }))
    node_pools = list(object({
      name                    = string
      machine_type            = string
      availability_zones      = list(string)
      minimum                 = number
      maximum                 = number
      allow_system_components = optional(bool)
      cri                     = optional(string)
      labels                  = optional(map(string))
      max_surge               = optional(number)
      max_unavailable         = optional(number)
      os_name                 = optional(string)
      os_version_min          = optional(string)
      volume_size             = optional(number)
      volume_type             = optional(string)
      taints = optional(list(object({
        effect = string
        key    = string
        value  = optional(string)
      })))
    }))
  }))
  default = {}
}

# -----------------------------------------------------------------------------#
# Observability
# -----------------------------------------------------------------------------#

# Observability instances keyed by an arbitrary map key; defaults to an empty
# map. `plan_name` is checked against a fixed allow-list in the validation
# block at the end of this variable.
#
# NOTE(review): `scrapeconfigs[*].basic_auth.password` is a plain string inside
# a variable that is not marked sensitive, so the value is shown in plan output
# and in any log that captures it. A type constraint cannot mark a single
# nested attribute as sensitive; options are to pass scrape credentials through
# a separate `sensitive = true` variable or to wrap the value with sensitive()
# where it is consumed.
#
# NOTE(review): `create_credentials` defaults to true and `credentials_count`
# to 1, so credentials are created unless a caller opts out. Where the
# generated secrets end up (outputs, state) is decided outside this file.
#
# `acl` is optional here; confirm what the provider allows when it is unset.
# `alert_config` is typed `any`, so its shape is not checked at this level.
variable "observability_instances" {
  description = "Map of Observability instances to create"
  type = map(object({
    name        = string
    project_key = string
    plan_name   = string

    # Instance settings
    acl                                    = optional(list(string))
    metrics_retention_days                 = optional(number)
    metrics_retention_days_5m_downsampling = optional(number)
    metrics_retention_days_1h_downsampling = optional(number)
    alert_config                           = optional(any)
    parameters                             = optional(map(string))

    # Credentials
    create_credentials = optional(bool, true)
    credentials_count  = optional(number, 1)

    # Alert-groups
    alertgroups = optional(map(object({
      name     = string
      interval = optional(string)
      rules = list(object({
        alert       = string
        expression  = string
        for         = optional(string)
        labels      = optional(map(string))
        annotations = optional(map(string))
      }))
    })), {})

    # Log-alert-groups
    logalertgroups = optional(map(object({
      name     = string
      interval = optional(string)
      rules = list(object({
        alert       = string
        expression  = string
        for         = optional(string)
        labels      = optional(map(string))
        annotations = optional(map(string))
      }))
    })), {})

    # Scrape-configs
    scrapeconfigs = optional(map(object({
      name         = string
      metrics_path = string
      targets = list(object({
        urls   = list(string)
        labels = optional(map(string))
      }))
      basic_auth = optional(object({
        username = string
        password = string
      }))
      saml2 = optional(object({
        enable_url_parameters = optional(bool)
      }))
      sample_limit    = optional(number)
      scheme          = optional(string)
      scrape_interval = optional(string)
      scrape_timeout  = optional(string)
    })), {})
  }))
  default = {}

  # Rejects the whole map if any instance names a plan outside the list below.
  # Every allowed plan carries an EU01 suffix, while `region` and
  # `default_region` accept any string; presumably plan names are
  # region-specific, so this list needs extending before another region is
  # used — confirm against the provider.
  # The same names are repeated in error_message; keep both lists in sync.
  validation {
    condition = alltrue([
      for k, v in var.observability_instances :
      contains([
        "Observability-Medium-EU01",
        "Observability-Monitoring-XL-EU01",
        "Observability-Large-EU01",
        "Observability-Monitoring-Basic-EU01",
        "Observability-Monitoring-Large-EU01",
        "Observability-Basic-EU01",
        "Observability-Monitoring-Medium-EU01",
        "Observability-Monitoring-XXL-EU01",
        "Observability-Metrics-Endpoint-100k-EU01",
        "Observability-Frontend-Starter-EU01",
        "Observability-Monitoring-Starter-EU01",
        "Observability-Starter-EU01",
      ], v.plan_name)
    ])
    error_message = <<-EOM
      One or more observability_instances specify an invalid plan_name. See the provider error output for supported plans.
      Allowed:
        Observability-Medium-EU01
        Observability-Monitoring-XL-EU01
        Observability-Large-EU01
        Observability-Monitoring-Basic-EU01
        Observability-Monitoring-Large-EU01
        Observability-Basic-EU01
        Observability-Monitoring-Medium-EU01
        Observability-Monitoring-XXL-EU01
        Observability-Metrics-Endpoint-100k-EU01
        Observability-Frontend-Starter-EU01
        Observability-Monitoring-Starter-EU01
        Observability-Starter-EU01
    EOM
  }
}