grace-ansible-lambda/variables.tf at master · GSA/grace-ansible-lambda · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
variable "project" {
  type        = string
  description = "(optional) The project name used as a prefix for all resources"
  default     = "grace"
}

variable "appenv" {
  type        = string
  description = "(optional) The targeted application environment used in resource names (default: development)"
  default     = "development"
}

variable "region" {
  type        = string
  description = "(optional) The AWS region for executing the EC2 (default: us-east-1)"
  default     = "us-east-1"
}

variable "image_id" {
  type        = string
  description = "(optional) The Amazon Machine Image ID to use for the EC2"
  default     = ""
}

variable "ami_search_term" {
  type        = string
  description = "(optional) The search term used for the Amazon Machine Image name field"
  default     = "amzn2-ami-hvm-*-x86_64-gp2"
}

variable "ami_owner_alias" {
  type        = string
  description = "(optional) The owner alias for the Amazon Machine Image"
  default     = "amazon"
}

variable "instance_type" {
  type        = string
  description = "(optional) The instance type to use for the EC2 (default: t2.micro)"
  default     = "t2.micro"
}

variable "keypair_name" {
  type        = string
  description = "(optional) The keypair name to use for the EC2"
  default     = ""
}

variable "ec2_user" {
  type        = string
  description = "(optional) The username ansible should use when ssh'ing"
  default     = "ec2-user"
}

variable "subnet_id" {
  type        = string
  description = "(optional) The VPC Subnet ID where the EC2 should be placed"
  default     = ""
}

variable "security_group_ids" {
  type        = string
  description = "(optional) A comma delimited list of security group ids"
  default     = ""
}

variable "schedule_expression" {
  type        = string
  description = "(optional) Expression is used to adjust the trigger rate of the lambda function (default: rate(60 minutes))"
  default     = "rate(60 minutes)"
}

variable "source_file" {
  type        = string
  description = "(optional) full or relative path to zipped binary of lambda handler"
  default     = "../release/grace-ansible-lambda.zip"
}
variable "rotate_keypair_source_file" {
  type        = string
  description = "(optional) full or relative path to zipped binary of rotate keypair lambda handler"
  default     = "../release/grace-ansible-rotate-keypair.zip"
}

variable "secret_name" {
  type        = string
  description = "(optional) name of the secret to store ssh public key"
  default     = "ansible-key-pairs" #tfsec:ignore:GEN001
}

variable "job_trigger_file" {
  type        = string
  description = "(optional) The path to the S3 bucket file that changes on push in CI/CD"
  default     = "ansible/.gitkeep"
}

variable "job_timeout_secs" {
  type    = string
  default = "3500"
}

# TODO: uncomment when aws_iam_policy_document.kms supports dynamic updates
#
# variable "config_role_arn" {
#     type = string
#     description = "(optional) The Role Arn used by the AWS Config service"
#     value = ""
# }