professional-service-best-practices/terraform-modules
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
terraform-modules/example/variables.tf

313 lines
8.9 KiB
HCL
Raw Blame History

variable "region" {
description = "Provider region for STACKIT Cloud"
type = string
default = "eu01"
}
variable "service_account_token" {
description = "Service account token for authentication"
sensitive = true
type = string
default = null
}
# -----------------------------------------------------------------------------#
# SNA & Projects
# -----------------------------------------------------------------------------#
variable "organization_id" {
description = "STACKIT organization container ID"
type = string
}
variable "service_account_key_path" {
description = "Path to service account JSON key"
type = string
default = "/Users/schlenz/.stackit/sa.json"
}
variable "default_region" {
description = "Default region fallback for created resources"
type = string
default = "eu01"
}
variable "SNA_name" {
description = "Name of the Service Network Area to create"
type = string
}
variable "SNA_network_ranges" {
description = "CIDR list for the Service Network Area"
type = list(object({ prefix = string }))
}
variable "SNA_transfer_network" {
description = "Transfer network CIDR for the SNA"
type = string
}
variable "Projects_map" {
description = "Map of STACKIT projects to create"
type = map(object({
name = string
owner_email = string
}))
}
variable "labels" {
description = "Default labels to apply where supported"
type = map(string)
default = {}
}
variable "security_groups" {
description = "Map of security group definitions"
type = map(object({
name = optional(string)
project_key = string
description = optional(string)
rules = list(object({
direction = string
description = optional(string)
ether_type = optional(string)
icmp_parameters = optional(object({
type = optional(number)
code = optional(number)
}))
ip_range = optional(string)
port_range = optional(object({
min = number
max = number
}))
protocol = optional(object({
name = optional(string)
number = optional(number)
}))
remote_security_group_id = optional(string)
}))
}))
}
variable "postgres_instances" {
description = "Map of PostgreSQL instances to create"
type = map(object({
name = string
project_key = string
version = number
flavor = object({ cpu = number, ram = number })
storage = object({ class = string, size = number })
replicas = number
acl = list(string)
backup_schedule = string
users = list(object({
username = string
roles = set(string)
}))
databases = list(object({
name = string
owner = string
}))
}))
}
variable "networks" {
description = "Map of network definitions per project"
type = map(object({
name = string
project_key = string
# IPv4
ipv4_gateway = optional(string)
ipv4_nameservers = optional(list(string))
ipv4_prefix = optional(string)
ipv4_prefix_length = optional(number)
# IPv6
ipv6_gateway = optional(string)
ipv6_nameservers = optional(list(string))
ipv6_prefix = optional(string)
ipv6_prefix_length = optional(number)
# Flags & labels
labels = optional(map(string))
no_ipv4_gateway = optional(bool)
no_ipv6_gateway = optional(bool)
routed = optional(bool)
# NICs
nics = optional(map(object({
nic_ipv4 = optional(string)
nic_name = string
nic_allowed_addresses = optional(list(string))
nic_labels = optional(map(string))
nic_security = optional(bool)
nic_security_group_ids = optional(list(string))
nic_security_group_names = optional(list(string))
})))
}))
default = {}
}
# -----------------------------------------------------------------------------#
# SKE Clusters
# -----------------------------------------------------------------------------#
variable "ske_clusters" {
description = "Map of SKE cluster definitions"
type = map(object({
name = string
project_key = string
kubernetes_version_min = optional(string)
hibernations = optional(list(object({
start = string
end = string
timezone = optional(string)
})))
maintenance = optional(object({
enable_kubernetes_version_updates = bool
enable_machine_image_version_updates = bool
start = string
end = string
}))
extensions = optional(object({
acl = optional(object({
enabled = bool
allowed_cidrs = list(string)
}))
argus = optional(object({
enabled = bool
argus_instance_id = string
}))
}))
node_pools = list(object({
name = string
machine_type = string
availability_zones = list(string)
minimum = number
maximum = number
allow_system_components = optional(bool)
cri = optional(string)
labels = optional(map(string))
max_surge = optional(number)
max_unavailable = optional(number)
os_name = optional(string)
os_version_min = optional(string)
volume_size = optional(number)
volume_type = optional(string)
taints = optional(list(object({
effect = string
key = string
value = optional(string)
})))
}))
}))
default = {}
}
variable "observability_instances" {
description = "Map of Observability instances to create"
type = map(object({
name = string
project_key = string
plan_name = string
# Instance settings
acl = optional(list(string))
metrics_retention_days = optional(number)
metrics_retention_days_5m_downsampling = optional(number)
metrics_retention_days_1h_downsampling = optional(number)
alert_config = optional(any)
parameters = optional(map(string))
# Credentials
create_credentials = optional(bool, true)
credentials_count = optional(number, 1)
# Alert-groups
alertgroups = optional(map(object({
name = string
interval = optional(string)
rules = list(object({
alert = string
expression = string
for = optional(string)
labels = optional(map(string))
annotations = optional(map(string))
}))
})), {})
# Log-alert-groups
logalertgroups = optional(map(object({
name = string
interval = optional(string)
rules = list(object({
alert = string
expression = string
for = optional(string)
labels = optional(map(string))
annotations = optional(map(string))
}))
})), {})
# Scrape-configs
scrapeconfigs = optional(map(object({
name = string
metrics_path = string
targets = list(object({
urls = list(string)
labels = optional(map(string))
}))
basic_auth = optional(object({
username = string
password = string
}))
saml2 = optional(object({
enable_url_parameters = optional(bool)
}))
sample_limit = optional(number)
scheme = optional(string)
scrape_interval = optional(string)
scrape_timeout = optional(string)
})), {})
}))
default = {}
validation {
condition = alltrue([
for k, v in var.observability_instances :
contains([
"Observability-Medium-EU01",
"Observability-Monitoring-XL-EU01",
"Observability-Large-EU01",
"Observability-Monitoring-Basic-EU01",
"Observability-Monitoring-Large-EU01",
"Observability-Basic-EU01",
"Observability-Monitoring-Medium-EU01",
"Observability-Monitoring-XXL-EU01",
"Observability-Metrics-Endpoint-100k-EU01",
"Observability-Frontend-Starter-EU01",
"Observability-Monitoring-Starter-EU01",
"Observability-Starter-EU01",
], v.plan_name)
])
error_message = <<-EOM
One or more observability_instances specify an invalid plan_name.
See the provider error output for supported plans. Allowed:
Observability-Medium-EU01
Observability-Monitoring-XL-EU01
Observability-Large-EU01
Observability-Monitoring-Basic-EU01
Observability-Monitoring-Large-EU01
Observability-Basic-EU01
Observability-Monitoring-Medium-EU01
Observability-Monitoring-XXL-EU01
Observability-Metrics-Endpoint-100k-EU01
Observability-Frontend-Starter-EU01
Observability-Monitoring-Starter-EU01
Observability-Starter-EU01
EOM
}
}
Reference in a new issue View git blame Copy permalink