variables.tf
# Per-instance storage size. The description scopes this to Multi-AZ DB
# clusters, so it stays unset (null) unless the caller provides it.
variable "allocated_storage" {
  description = "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster. (Required for Multi-AZ DB cluster)"
  type        = number
  default     = null
}

# Major engine version upgrades are opt-in (default false).
variable "allow_major_version_upgrade" {
  description = "Enable to allow major engine version upgrades when changing engine versions"
  type        = bool
  default     = false
}

# NOTE(review): defaults to true, so modifications are presumably not deferred
# to the maintenance window — confirm callers expect changes to land at apply
# time on production clusters.
variable "apply_immediately" {
  description = "Specifies whether any cluster modifications are applied immediately"
  type        = bool
  default     = true
}
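# Minor engine upgrades are applied automatically by default, which keeps
# instances on patched minor releases without operator action.
# (Description fixed: a stray trailing backtick was removed.)
variable "auto_minor_version_upgrade" {
  description = "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window"
  type        = bool
  default     = true
}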
# Automatic pause toggle; enabled by default.
variable "auto_pause" {
  description = "Whether to enable automatic pause"
  type        = bool
  default     = true
}

# Backtrack window in seconds. 0 disables backtrack; the validation caps the
# value at 259200 seconds (72 hours).
variable "backtrack_window" {
  description = "The target backtrack window, in seconds. Only available for `mysql` engines. Must be between 0 (disabled) and 259200 (72 hours)"
  type        = number
  default     = 0

  validation {
    condition     = var.backtrack_window >= 0 && var.backtrack_window <= 259200
    error_message = "Value must be between \"0\" and \"259200\" (72 hours)"
  }
}

# Backup retention in days (default 7).
# NOTE(review): no validation block here; an out-of-range value would only be
# rejected at apply time — consider validating the accepted range.
variable "backup_retention_period" {
  description = "Number of days to retain backups for"
  type        = number
  default     = 7
}
# CA used for the DB instance server certificate. null skips the validation;
# any other value must be one of the four listed identifiers.
# NOTE(review): "rds-ca-2019" is still accepted here although AWS scheduled
# that CA to expire in 2024 — new deployments should stay on one of the
# "-g1" CAs, and dropping "rds-ca-2019" from the allow-list is worth
# considering once no caller depends on it.
variable "ca_cert_identifier" {
  description = "Identifier of the CA certificate for the DB instance"
  type        = string
  default     = "rds-ca-rsa2048-g1"

  validation {
    condition = var.ca_cert_identifier != null ? contains([
      "rds-ca-2019",
      "rds-ca-rsa2048-g1",
      "rds-ca-rsa4096-g1",
      "rds-ca-ecc384-g1",
    ], var.ca_cert_identifier) : true
    error_message = "Allowed values for ca_cert_identifier are \"rds-ca-2019\", \"rds-ca-rsa2048-g1\", \"rds-ca-rsa4096-g1\", \"rds-ca-ecc384-g1\"."
  }
}
# Parameter group family for the cluster; unset by default.
variable "cluster_family" {
  description = "The family of the DB cluster parameter group"
  type        = string
  default     = null
}

# Cluster-level DB parameters. The default sets the character sets to utf8
# and turns on require_secure_transport, i.e. clients must connect over TLS.
#
# A caller-supplied list replaces this default as a whole (Terraform does not
# merge list defaults), so an override that omits require_secure_transport
# drops the TLS requirement unless the module re-adds it elsewhere.
# NOTE(review): these are MySQL parameter names; confirm how the default is
# handled when `engine` is "postgresql".
variable "cluster_parameters" {
  description = "A list of cluster DB parameters to apply"

  type = list(object({
    name         = string
    value        = string
    apply_method = optional(string, "immediate")
  }))

  default = [
    {
      name         = "character_set_server"
      value        = "utf8"
      apply_method = "pending-reboot"
    },
    {
      name         = "character_set_client"
      value        = "utf8"
      apply_method = "pending-reboot"
    },
    {
      name         = "require_secure_transport"
      value        = "ON"
      apply_method = "immediate"
    },
  ]
}
# Name of the initial database; unset by default.
variable "database" {
  description = "The name of the first database to be created when the cluster is created"
  type        = string
  default     = null
}

# Instance-level DB parameters. apply_method falls back to "immediate" when a
# list entry omits it.
variable "database_parameters" {
  description = "A list of instance DB parameters to apply"

  type = list(object({
    name         = string
    value        = string
    apply_method = optional(string, "immediate")
  }))

  default = null
}

# Instance class for Multi-AZ DB cluster deployments only (see description).
variable "db_cluster_instance_class" {
  description = "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster. Only set this variable if you are deploying a Multi-AZ DB cluster. (Required for Multi-AZ DB cluster)"
  type        = string
  default     = null
}
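# Deletion protection is on by default, so the database cannot be deleted
# until a caller explicitly sets this to false.
# (Description fixed: "enable" -> "enabled".)
variable "deletion_protection" {
  description = "A boolean indicating if the DB instance should have deletion protection enabled"
  type        = bool
  default     = true
}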
# Master switch for log export to CloudWatch; on by default.
# NOTE(review): disabling this removes the database logs from CloudWatch,
# which affects audit and incident-response coverage.
variable "enable_cloudwatch_logs_exports" {
  description = "Set to false to disable logging to cloudwatch"
  type        = bool
  default     = true
}

# Explicit list of log types to export. Per the description, leaving this
# null exports every supported type.
variable "enabled_cloudwatch_logs_exports" {
  description = "List of log types to export to cloudwatch, by default all supported types are exported"
  type        = list(string)
  default     = null
}

# Data API (HTTP endpoint) is off by default.
# NOTE(review): when enabled, access is presumably governed by IAM and stored
# credentials rather than by the security group rules — confirm those
# policies are scoped before turning it on.
variable "enable_http_endpoint" {
  description = "Enable Aurora Serverless HTTP endpoint (Data API)"
  type        = bool
  default     = false
}

# Additional cluster endpoints, keyed by a caller-chosen name. Member lists
# default to empty; `type` is required for every entry.
variable "endpoints" {
  description = "A map of additional cluster endpoints to be created"

  type = map(object({
    type             = string
    static_members   = optional(list(string), [])
    excluded_members = optional(list(string), [])
  }))

  default = {}
}
# Required. Only "mysql" and "postgresql" pass validation.
variable "engine" {
  description = "The engine type of the Aurora cluster"
  type        = string

  validation {
    condition     = contains(["mysql", "postgresql"], var.engine)
    error_message = "Allowed values for engine are \"mysql\", \"postgresql\""
  }
}

# Engine mode; defaults to "provisioned" and is restricted to the six values
# listed in the validation.
variable "engine_mode" {
  description = "The engine mode of the Aurora cluster"
  type        = string
  default     = "provisioned"

  validation {
    condition = contains([
      "provisioned",
      "serverless",
      "parallelquery",
      "global",
      "multimaster",
      "serverlessv2",
    ], var.engine_mode)
    error_message = "Allowed values for engine_mode are \"provisioned\", \"serverless\", \"parallelquery\", \"global\", \"multimaster\" or \"serverlessv2\"."
  }
}

# Engine version; unset by default.
variable "engine_version" {
  description = "The engine version of the Aurora cluster"
  type        = string
  default     = null
}
# Identifier for the snapshot taken before cluster deletion.
# NOTE(review): defaults to null; whether the module then skips the final
# snapshot on destroy is not visible in this file — confirm, since that
# decides whether data survives a destroy.
variable "final_snapshot_identifier" {
  description = "Identifier of the final snapshot to create before deleting the cluster"
  type        = string
  default     = null
}

# IAM database authentication is enabled by default.
variable "iam_database_authentication_enabled" {
  description = "Specify if mapping AWS IAM accounts to database accounts is enabled."
  type        = bool
  default     = true
}

# IAM role ARNs to associate with the cluster; none by default.
# NOTE(review): each role attached here widens what the database can reach
# in the account — keep the attached policies narrowly scoped.
variable "iam_roles" {
  description = "A list of IAM Role ARNs to associate with the cluster"
  type        = list(string)
  default     = null
}
# Instance class for cluster instances; per the description it is ignored
# when engine_mode is "serverless".
variable "instance_class" {
  description = "The class of RDS instances to attach to the cluster instances (not used when `engine_mode` set to `serverless`)"
  type        = string
  default     = null
}

# Per-instance overrides, keyed by instance number (see description). Both
# attributes are optional and default to null.
variable "instance_config" {
  description = "Map of instance specific settings that override values set elsewhere in the module, map keys should match instance number"

  type = map(object({
    promotion_tier = optional(number, null)
    instance_class = optional(string, null)
  }))

  default = null
}

# Number of instances (default 2); per the description it is ignored when
# engine_mode is "serverless".
variable "instance_count" {
  description = "The number of RDS instances to attach (not used when `engine_mode` set to `serverless`)"
  type        = number
  default     = 2
}

# Provisioned IOPS for Multi-AZ DB clusters; unset by default.
variable "iops" {
  description = "The amount of Provisioned IOPS to be initially allocated for each DB instance. (Required for Multi-AZ DB cluster)"
  type        = number
  default     = null
}
# KMS key for storage and Performance Insights encryption.
# NOTE(review): null presumably falls back to an AWS-managed key when
# storage_encrypted is true — confirm against the resource definition; a
# customer-managed key is needed for key-policy-level access control.
variable "kms_key_id" {
  description = "ID of KMS key to encrypt storage and performance insights data"
  type        = string
  default     = null
}

# Default true. Per the description, a caller must set this to false before
# supplying its own `master_password`.
variable "manage_master_user" {
  description = "Set to false to provide a custom password using `master_password`"
  type        = bool
  default     = true
}
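# Custom master password, only used when `manage_master_user` is false.
#
# Marked sensitive so Terraform redacts the value in plan/apply output and
# in error messages. This does not protect the state file: the password is
# still stored there, so the state backend must be encrypted and access
# controlled. Any output derived from this variable must itself be declared
# sensitive, otherwise Terraform rejects the configuration.
variable "master_password" {
  description = "Password for the master DB user, must set `manage_master_user` to false if specifying a custom password"
  type        = string
  default     = null
  sensitive   = true
}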
# KMS key for the master user secret in Secrets Manager; unset by default.
variable "master_user_secret_kms_key_id" {
  description = "ID of KMS key to encrypt the master user Secrets Manager secret"
  type        = string
  default     = null
}

# Master DB username; unset by default.
variable "master_username" {
  description = "Username for the master DB user"
  type        = string
  default     = null
}
# Upper capacity bound for serverless clusters. Declared as string with a
# numeric default, so Terraform converts 8 to "8" on assignment.
variable "max_capacity" {
  description = "The maximum capacity of the serverless cluster"
  type        = string
  default     = 8
}

# Lower capacity bound for serverless clusters. Declared as string with a
# numeric default, so Terraform converts 1 to "1" on assignment.
variable "min_capacity" {
  description = "The minimum capacity of the serverless cluster"
  type        = string
  default     = 1
}

# Enhanced monitoring interval in seconds; declared as string, unset by
# default.
variable "monitoring_interval" {
  description = "The interval (seconds) for collecting enhanced monitoring metrics"
  type        = string
  default     = null
}
# Required: cluster name.
variable "name" {
  description = "The name for the Aurora Cluster"
  type        = string
}

# Name for the DB and cluster parameter groups; unset by default.
variable "parameter_group_name" {
  description = "The name for the DB / RDS cluster parameter groups"
  type        = string
  default     = null
}

# Performance Insights is enabled by default.
variable "performance_insights" {
  description = "Specifies whether Performance Insights is enabled or not"
  type        = bool
  default     = true
}
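# Retention for Performance Insights data, in days.
#
# Accepted values are 7, 731, or a multiple of 31 from 31 (1 month) up to
# 713 (23 months). The original check used only `% 31 == 0`, which also let
# 0, negative multiples and multiples above 731 through to the API, where
# they fail at apply time; the range bounds reject them at plan time.
variable "performance_insights_retention_period" {
  description = "Amount of time in days to retain Performance Insights data, must be `7`, `731` (2 years) or a multiple of `31`"
  type        = number
  default     = 7

  validation {
    condition = (
      var.performance_insights_retention_period == 7 ||
      var.performance_insights_retention_period == 731 ||
      (
        var.performance_insights_retention_period >= 31 &&
        var.performance_insights_retention_period <= 713 &&
        var.performance_insights_retention_period % 31 == 0
      )
    )
    error_message = "Value must be \"7\", \"731\" (2 years) or a multiple of \"31\" between \"31\" and \"713\""
  }
}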
# Permissions boundary policy ARN for the role this module manages; unset by
# default.
variable "permissions_boundary" {
  description = "The ARN of the policy that is used to set the permissions boundary for the role"
  type        = string
  default     = null
}

# Daily backup window in UTC, formatted like the example in the description.
variable "preferred_backup_window" {
  description = "The daily time range during which automated backups are created, in UTC e.g. 04:00-09:00"
  type        = string
  default     = null
}

# Weekly maintenance window in UTC, formatted like the example in the
# description.
variable "preferred_maintenance_window" {
  description = "The weekly time range during which system maintenance can occur, in UTC e.g. wed:04:00-wed:04:30"
  type        = string
  default     = null
}
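# Controls whether cluster instances get a publicly reachable address.
# Private (false) by default.
#
# The variable is declared as string although the value is boolean, so
# Terraform stores the default as "false". The type is left unchanged because
# code outside this file may rely on the string form; the validation instead
# rejects anything other than "true"/"false" (bool inputs are converted to
# those strings before validation runs), so a typo in this exposure-relevant
# flag fails at plan time.
# NOTE(review): when set to true, the rules in
# `security_group_ingress_rules` are what stand between the database and the
# internet — review them together.
variable "publicly_accessible" {
  description = "Control if instances in cluster are publicly accessible"
  type        = string
  default     = false

  validation {
    condition     = var.publicly_accessible != null ? contains(["true", "false"], var.publicly_accessible) : true
    error_message = "Allowed values for publicly_accessible are \"true\", \"false\"."
  }
}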
# Ingress rules for the database security group. Every rule needs a
# description and at least one source: an IPv4 CIDR, an IPv6 CIDR, a prefix
# list or another security group.
#
# The validation only checks that a source is present; it does not limit how
# broad that source is, so a CIDR covering all addresses passes.
# NOTE(review): prefer `referenced_security_group_id` or a prefix list over
# wide CIDR ranges, especially if `publicly_accessible` is ever enabled.
variable "security_group_ingress_rules" {
  description = "Security Group ingress rules"

  type = list(object({
    description                  = string
    cidr_ipv4                    = optional(string)
    cidr_ipv6                    = optional(string)
    prefix_list_id               = optional(string)
    referenced_security_group_id = optional(string)
  }))

  default = []

  validation {
    condition = alltrue([
      for rule in var.security_group_ingress_rules : (
        rule.cidr_ipv4 != null ||
        rule.cidr_ipv6 != null ||
        rule.prefix_list_id != null ||
        rule.referenced_security_group_id != null
      )
    ])
    error_message = "One of \"cidr_ipv4\", \"cidr_ipv6\", \"prefix_list_id\", or \"referenced_security_group_id\" must be provided in order to allow ingress connectivity"
  }
}
# Snapshot to restore the database from; unset by default.
variable "snapshot_identifier" {
  description = "Database snapshot identifier to create the database from"
  type        = string
  default     = null
}

# Storage encryption at rest is on by default.
# NOTE(review): see `kms_key_id` for which key is used.
variable "storage_encrypted" {
  description = "Specifies whether the DB cluster is encrypted"
  type        = bool
  default     = true
}
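# Storage type for the cluster. null skips the validation; otherwise the
# value must be "io1", "aurora-iopt1" or the empty string.
# (Description fixed: stray trailing backtick removed. The error message now
# lists the empty string, which the condition already accepted.)
variable "storage_type" {
  description = "Specifies the storage type to be associated with the DB cluster. (Required for Multi-AZ DB cluster)"
  type        = string
  default     = null

  validation {
    condition     = var.storage_type != null ? contains(["io1", "aurora-iopt1", ""], var.storage_type) : true
    error_message = "Allowed values for storage_type are \"io1\", \"aurora-iopt1\" or \"\" (empty string)."
  }
}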
# Required: subnets the cluster is deployed into.
# NOTE(review): private subnets are the expected choice for a database —
# the variable itself does not enforce that.
variable "subnet_ids" {
  description = "List of subnet IDs to deploy Aurora in"
  type        = list(string)
}
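# Tags for the resources this module creates; unset by default.
# (Description fixed: it referred to "the bucket", apparently copied from
# another module; this file configures an Aurora cluster.)
variable "tags" {
  description = "A mapping of tags to assign to the resources"
  type        = map(string)
  default     = null
}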
# Action taken when the timeout is reached. Defaults to rolling the capacity
# change back; the only other accepted value forces the change through.
variable "timeout_action" {
  description = "The action to take when the timeout is reached"
  type        = string
  default     = "RollbackCapacityChange"

  validation {
    condition = contains([
      "ForceApplyCapacityChange",
      "RollbackCapacityChange",
    ], var.timeout_action)
    error_message = "Allowed values for timeout_action are \"ForceApplyCapacityChange\", \"RollbackCapacityChange\"."
  }
}