-
Notifications
You must be signed in to change notification settings - Fork 1
/
variables.tf
146 lines (120 loc) · 4.1 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# Required Variables
variable "prefix" {
type = string
description = "This will be the prefix used to name the Resources."
}
variable "default_snowflake_error_dsn" {
description = "Default DSN used to initialize the Sentry SDK in python lambda."
type = string
}
variable "jira_cloud_id" {
description = "ID of your JIRA cloud instance."
type = string
}
# Optional Variables
variable "aws_region" {
description = "The AWS region in which the AWS infrastructure is created."
type = string
default = "us-west-2"
}
variable "aws_cloudwatch_metric_namespace" {
type = string
description = "cloudwatch prefix for lambda metrics."
default = "*"
}
variable "log_retention_days" {
description = "Log retention period in days."
default = 0 # Forever
}
variable "env" {
type = string
description = "Dev/Prod/Staging or any other custom environment name."
default = "dev"
}
variable "snowflake_integration_user_roles" {
type = list(string)
default = [
"MONITORING_RL"
]
description = "List of roles to which Sentry infra will GRANT USAGE ON INTEGRATION perms."
}
variable "deploy_lambda_in_vpc" {
type = bool
description = "The SG VPC ID for the Lambda function."
default = false
}
variable "lambda_security_group_ids" {
type = list(string)
default = []
description = "The SG IDs for the lambda function."
}
variable "lambda_subnet_ids" {
type = list(string)
default = []
description = "The subnet IDs for the lambda function."
}
variable "vpc_id" {
type = string
description = "The VPC ID for creating the lambda and security group ID."
default = null
}
variable "arn_format" {
type = string
description = "ARN format could be aws or aws-us-gov. Defaults to non-gov."
default = "aws"
}
variable "database" {
type = string
description = "Snowflake Database in which the snowflake db level objects are created."
default = "SNOWALERT"
}
variable "monitoring_schema" {
type = string
description = "Snowflake Schema in which the snowflake db schema level objects are created."
default = "MONITORING"
}
variable "warehouse" {
type = string
description = "Snowflake Warehouse used for any compute such as tasks and external functions."
default = "SNOWALERT_WAREHOUSE"
}
variable "slack_secrets_arn" {
description = "The ARN for the secrets user by the sentry slack app."
type = string
}
variable "jira_secrets_arn" {
description = "The ARN for the secrets user by the sentry slack app."
type = string
}
variable "sentry_hostname" {
description = "Hostname of the Sentry instance."
type = string
}
variable "send_to_sentry_function_user_roles" {
description = "List of roles to grant usage to send_to_sentry external function."
type = list(string)
default = []
}
data "aws_caller_identity" "current" {}
data "aws_region" "current" {}
data "aws_partition" "current" {}
locals {
account_id = data.aws_caller_identity.current.account_id
aws_region = data.aws_region.current.name
aws_partition = data.aws_partition.current.partition
aws_dns_suffix = data.aws_partition.current.dns_suffix
}
locals {
inferred_api_gw_invoke_url = "https://${aws_api_gateway_rest_api.ef_to_lambda.id}.execute-api.${local.aws_region}.${local.aws_dns_suffix}/"
sentry_integration_prefix = "${var.prefix}-sentry-integration"
}
locals {
lambda_function_name = "${local.sentry_integration_prefix}-lambda"
lambda_backtraffic_function_name = "${var.prefix}-sentry-backtraffic-lambda"
api_gw_caller_role_name = "${local.sentry_integration_prefix}-api-gateway-caller"
api_gw_logger_role_name = "${local.sentry_integration_prefix}-api-gateway-logger"
sentry_sns_role_name = "${local.sentry_integration_prefix}-sns"
sentry_sns_policy_name = "${local.sentry_integration_prefix}-sns-policy"
sentry_sns_topic_name = "${local.sentry_integration_prefix}-sns-topic"
backtraffic_lambda_secrets_arns = [for i in [var.jira_secrets_arn, var.slack_secrets_arn] : i if i != null]
}