forked from Flaconi/terraform-aws-transit-gateway-satellite
variables.tf
# Master switch for the satellite side of the module. It is off by default,
# so satellite resources are only handled when the caller opts in.
variable "satellite_create" {
  type        = bool
  default     = false
  description = "Boolean flag for toggling the handling of satellite resources"
}
# CIDR prefixes routed for the satellite. Empty by default.
# NOTE(review): entries are plain strings and this declaration does not
# validate them, so a very broad prefix is accepted as given. Keep the list
# as narrow as the peering actually requires.
variable "satellite_destination_cidr_blocks" {
  type        = list(string)
  default     = []
  description = "List of CIDRs to be routed for the satellite"
}
# CIDR prefixes routed for the hub. Empty by default.
# NOTE(review): no validation is declared here; each prefix widens what is
# reachable across the Transit Gateway, so list only the ranges that are needed.
variable "hub_destination_cidr_blocks" {
  type        = list(string)
  default     = []
  description = "List of CIDRs to be routed for the hub"
}
# Account that holds the TGW satellite. Optional: defaults to an empty string.
# NOTE(review): the value is not format-checked here. It is presumably
# combined with role_to_assume_satellite to address the cross-account role;
# confirm against the provider configuration.
variable "aws_account_id_satellite" {
  type        = string
  default     = ""
  description = "AWS account number containing the TGW satellite"
}
# Account that holds the TGW hub. Required: no default is declared.
# NOTE(review): the value is not format-checked here. It is presumably
# combined with role_to_assume_hub to address the cross-account role; confirm
# against the provider configuration.
variable "aws_account_id_hub" {
  type        = string
  description = "AWS account number containing the TGW hub"
}
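# Named profile from ~/.aws/config that supplies the base credentials for the
# cross-account role assumption. Required: no default is declared.
# The explicit string type matches the other name-like inputs in this file and
# makes Terraform reject a list or map passed here by mistake.
# NOTE(review): only the profile name belongs in this variable; the
# credentials themselves stay in the local AWS configuration.
variable "aws_login_profile" {
  description = "Name of the AWS login profile as seen under ~/.aws/config used for assuming cross-account roles"
  type        = string
}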
# Name of the IAM role assumed in the satellite account. Optional: defaults to
# an empty string.
# NOTE(review): the role's policy and trust relationship are not visible in
# this file. Confirm that it grants only what the module needs and that it
# trusts only the intended principal.
variable "role_to_assume_satellite" {
  type        = string
  default     = ""
  description = "IAM role name to assume in the AWS account containing the TGW satellite (eg. ASSUME-ROLE-SATELLITE)"
}
# Name of the IAM role assumed in the hub account. Required: no default is
# declared.
# NOTE(review): the hub role acts on shared networking, so confirm its policy
# is scoped to the Transit Gateway operations this module performs and that
# its trust policy names only the intended principal.
variable "role_to_assume_hub" {
  type        = string
  description = "IAM role name to assume in the AWS account containing the TGW hub (eg. ASSUME-ROLE-HUB)"
}
# Name of the satellite VPC that gets attached to the TGW. Optional: defaults
# to an empty string.
# NOTE(review): the VPC is selected by name, not by ID. The lookup presumably
# relies on the Name tag; verify that the name is unique in the account.
variable "vpc_name_to_attach" {
  type        = string
  default     = ""
  description = "Name of the satellite VPC to be attached to the TGW"
}
# ID of the Transit Gateway route table. Optional: defaults to an empty string.
variable "transit_gateway_route_table_id" {
  type        = string
  default     = ""
  description = "Identifier of the Transit Gateway Route Table"
}
# ID of the Transit Gateway. Optional: defaults to an empty string.
variable "transit_gateway_id" {
  type        = string
  default     = ""
  description = "Identifier of the Transit Gateway"
}
# ID of the Resource Access Manager (RAM) resource association. Optional:
# defaults to an empty string.
# NOTE(review): presumably this refers to the RAM share through which the hub
# exposes the TGW to the satellite account. Confirm that the share is limited
# to the intended principals.
variable "ram_resource_association_id" {
  type        = string
  default     = ""
  description = "Identifier of the Resource Access Manager Resource Association"
}
# Filters that pick the subnet(s) the TGW attachment is placed in. Each entry
# is a name/values pair; the default matches on the Name tag with the pattern
# "*private*".
# NOTE(review): the default selection is tag-driven, so whoever can edit
# subnet tags can influence where the attachment lands. Confirm that tag write
# access is restricted, or pass explicit filters.
variable "attachment_subnet_filters" {
  type = list(object({
    name   = string
    values = list(string)
  }))
  default = [
    {
      name   = "tag:Name"
      values = ["*private*"]
    }
  ]
  description = "List of maps selecting the subnet(s) where TGW will be attached"
}
# Opt-in hardening. When true, per the description, extra ACLs limit inbound
# traffic on private subnets to the VPC itself and the VPCs paired over the
# TGW. The default is false, so these ACLs are not created unless the caller
# asks for them.
variable "private_subnets_strict_acl_rules" {
  type        = bool
  default     = false
  description = "Create additional ACLs for private subnets to restrict inbound traffic only to VPC itself and VPCs paired over TGW"
}
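# When true, per the description, private subnets get their default route
# (0.0.0.0/0) pointed at the TGW attachment, so all their non-local traffic is
# sent towards the hub and satellite_destination_cidr_blocks is ignored.
# Off by default.
# NOTE(review): before enabling, confirm the hub side provides the intended
# egress path and any traffic inspection.
# The description previously referred to `satellite_destination_cidr_block`,
# which is not a variable in this file; it now names the real input.
variable "route_private_subnets_via_tgw" {
  description = "Use TGW attachment as a default route (0.0.0.0/0) for private subnets. Value `satellite_destination_cidr_blocks` will be ignored."
  type        = bool
  default     = false
}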
# Filters that decide which subnets count as private. Each entry is a
# name/values pair; the default matches on the Name tag with the pattern
# "*private*".
# NOTE(review): classification depends on tags. A subnet whose Name does not
# match is presumably left out of whatever is applied to private subnets
# (routes, strict ACLs); verify the naming convention in the target VPC.
variable "private_subnet_filters" {
  type = list(object({
    name   = string
    values = list(string)
  }))
  default = [
    {
      name   = "tag:Name"
      values = ["*private*"]
    }
  ]
  description = "List of maps selecting the subnet(s) which are private"
}
# Name of the Transit Gateway to attach to. Optional: defaults to an empty
# string.
# NOTE(review): the TGW is selected by name, not by ID. Confirm that the name
# resolves to a single, expected gateway.
variable "transit_gateway_hub_name" {
  type        = string
  default     = ""
  description = "Name of the Transit Gateway to attach to"
}
# When true, per the description, network routes are created for every subnet
# of the satellite VPC. Off by default.
# NOTE(review): "all the subnets" would include any public subnets. Confirm
# that this reach towards the hub-side networks is intended before enabling.
variable "route_entire_satellite_vpc" {
  type        = bool
  default     = false
  description = "Boolean flag for toggling the creation of network routes for all the subnets of the satellite VPC"
}
# Defaults to true. The description says to set it to false when the hub
# account also becomes a satellite.
# NOTE(review): presumably forwarded to the VPC attachment argument of the
# same name. While enabled, the attachment is associated with the TGW default
# route table, so what it can reach depends on that table's contents. Confirm
# this matches the intended segmentation.
variable "transit_gateway_default_route_table_association" {
  type        = bool
  default     = true
  description = "Set this to false when the hub account also becomes a satellite. Check the official docs for more info."
}
# Defaults to true. The description says to set it to false when the hub
# account also becomes a satellite.
# NOTE(review): presumably forwarded to the VPC attachment argument of the
# same name. While enabled, the attachment's routes propagate into the TGW
# default route table, which makes this VPC reachable from other attachments
# using that table. Confirm this is intended.
variable "transit_gateway_default_route_table_propagation" {
  type        = bool
  default     = true
  description = "Set this to false when the hub account also becomes a satellite. Check the official docs for more info."
}