-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathvariables.tf
66 lines (55 loc) · 2.37 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# --------------------------------------------------------------------------------------------------
# OPTIONAL PARAMETERS
# These parameters have reasonable defaults.
# --------------------------------------------------------------------------------------------------
variable "nomad_server_policy" {
description = "Name of the policy to allow for the creation of the token to pass to Nomad servers"
default = "nomad-server"
}
variable "nomad_cluster_policy" {
description = "Name of the policy for tokens passed to Nomad servers"
default = "nomad-cluster"
}
variable "nomad_server_role" {
description = "Name of the token role that is used to create Tokens to pass to Nomad"
default = "nomad-server"
}
variable "nomad_cluster_role" {
description = "Name for the Token role that is used by the Nomad server to create tokens"
default = "nomad-cluster"
}
variable "nomad_cluster_suffix" {
description = "Suffix to create tokens with. See https://www.vaultproject.io/api/auth/token/index.html#path_suffix for more information"
default = "nomad-cluster"
}
variable "nomad_cluster_disallowed_policies" {
description = "Additional policies that tokens created by Nomad servers are not allowed to have"
type = list(string)
default = []
}
# --------------------------------------------------------------------------------------------------
# CORE INTEGRATION SETTINGS
# --------------------------------------------------------------------------------------------------
variable "core_integration" {
description = <<EOF
Enable integration with the `core` module by setting some values in Consul so
that the user_data scripts in core know that this module has been applied
EOF
default = true
}
variable "consul_key_prefix" {
description = <<EOF
Path prefix to the key in Consul to set for the `core` module to know that this module has
been applied. If you change this, you have to update the
`integration_consul_prefix` variable in the core module as well.
EOF
default = "terraform/"
}
variable "allow_unauthenticated" {
description = <<EOF
Specifies if users submitting jobs to the Nomad server should be required to provide
their own Vault token, proving they have access to the policies listed in the job.
This option should be disabled in an untrusted environment.
EOF
default = "false"
}