-
-
Notifications
You must be signed in to change notification settings - Fork 231
/
Copy pathvariables.tf
130 lines (109 loc) · 4.05 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
variable "create_certificate" {
description = "Whether to create ACM certificate"
type = bool
default = true
}
variable "create_route53_records_only" {
description = "Whether to create only Route53 records (e.g. using separate AWS provider)"
type = bool
default = false
}
variable "validate_certificate" {
description = "Whether to validate certificate by creating Route53 record"
type = bool
default = true
}
variable "validation_allow_overwrite_records" {
description = "Whether to allow overwrite of Route53 records"
type = bool
default = true
}
variable "wait_for_validation" {
description = "Whether to wait for the validation to complete"
type = bool
default = true
}
variable "validation_timeout" {
description = "Define maximum timeout to wait for the validation to complete"
type = string
default = null
}
variable "certificate_transparency_logging_preference" {
description = "Specifies whether certificate details should be added to a certificate transparency log"
type = bool
default = true
}
variable "domain_name" {
description = "A domain name for which the certificate should be issued"
type = string
default = ""
}
variable "subject_alternative_names" {
description = "A list of domains that should be SANs in the issued certificate"
type = list(string)
default = []
}
variable "validation_method" {
description = "Which method to use for validation. DNS or EMAIL are valid. This parameter must not be set for certificates that were imported into ACM and then into Terraform."
type = string
default = null
validation {
condition = var.validation_method == null || contains(["DNS", "EMAIL"], coalesce(var.validation_method, 0))
error_message = "This variable is optional. Valid values are DNS, EMAIL, or null."
}
}
variable "validation_option" {
description = "The domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use."
type = any
default = {}
}
variable "create_route53_records" {
description = "When validation is set to DNS, define whether to create the DNS records internally via Route53 or externally using any DNS provider"
type = bool
default = true
}
variable "validation_record_fqdns" {
description = "When validation is set to DNS and the DNS validation records are set externally, provide the fqdns for the validation"
type = list(string)
default = []
}
variable "zone_id" {
description = "The ID of the hosted zone to contain this record. Required when validating via Route53"
type = string
default = ""
}
variable "zones" {
description = "Map containing the Route53 Zone IDs for additional domains."
type = map(string)
default = {}
}
variable "tags" {
description = "A mapping of tags to assign to the resource"
type = map(string)
default = {}
}
variable "dns_ttl" {
description = "The TTL of DNS recursive resolvers to cache information about this record."
type = number
default = 60
}
variable "acm_certificate_domain_validation_options" {
description = "A list of domain_validation_options created by the ACM certificate to create required Route53 records from it (used when create_route53_records_only is set to true)"
type = any
default = {}
}
variable "distinct_domain_names" {
description = "List of distinct domains and SANs (used when create_route53_records_only is set to true)"
type = list(string)
default = []
}
variable "key_algorithm" {
description = "Specifies the algorithm of the public and private key pair that your Amazon issued certificate uses to encrypt data"
type = string
default = null
}
variable "putin_khuylo" {
description = "Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!"
type = bool
default = true
}