-
Notifications
You must be signed in to change notification settings - Fork 17
/
variables.tf
200 lines (167 loc) · 5.19 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
variable "auth_base_url" {
type = string
default = null
description = "Is the 'AUTH_BASE_URL' env var in the lambda."
}
variable "bucket_map_file" {
type = string
default = null
description = "Path and file of bucketmap file's location in the ConfigBucket."
}
variable "bucketname_prefix" {
type = string
description = "All data buckets should have names prefixed with this. Must be compatible with S3 naming conventions (lower case only, etc)."
}
variable "config_bucket" {
type = string
description = "This is the bucket where config files can be found."
}
variable "cookie_domain" {
type = string
default = null
description = "Valid domain for cookie."
}
variable "domain_cert_arn" {
type = string
default = null
description = "Certificate Manager SSL Cert ARN if deployed outside NGAP/CloudFront"
}
variable "domain_name" {
type = string
default = null
description = "Custom domain name used by redirect_url"
}
variable "download_role_arn" {
type = string
default = null
description = "ARN for reading of data buckets."
}
variable "download_role_in_region_arn" {
type = string
default = null
description = "ARN for reading of data buckets for in-region requests."
}
variable "html_template_dir" {
type = string
default = null
description = "Directory in ConfigBucket where the lambda will look for html templates. Lambda will not look into subdirectories. Please put only html templates in this dir. Leave this field blank to use default templates that are included with the lambda code zip file."
}
variable "jwt_algo" {
type = string
default = "RS256"
description = "Algorithm with which to encode the JWT cookie."
}
variable "jwt_secret_name" {
type = string
default = "jwt_secret_for_tea"
description = "Name of AWS secret where keys for JWT encode/decode are stored."
}
variable "lambda_code_dependency_archive_key" {
type = string
default = null
description = "S3 Key of packaged python modules for lambda dependency layer."
}
variable "lambda_code_s3_bucket" {
type = string
default = null
description = "S3 bucket of packaged lambda egress code"
}
variable "lambda_code_s3_key" {
type = string
default = null
description = "S3 Key of packaged lambda egress code."
}
variable "lambda_timeout" {
type = number
default = 6
description = "Timeout in seconds for lambda."
}
variable "lambda_memory" {
type = number
default = 1792
description = "The amount of memory available to the function during execution. Must be multiple of 64. Minimum: 128. Max: 3008"
}
variable "log_api_gateway_to_cloudwatch" {
type = bool
default = false
description = "Switch that will enable logging of api gateway request/response to cloudwatch."
}
variable "s3credentials_endpoint" {
type = bool
default = false
description = "Switch that will enable deployment of the /s3credentials endpoint for s3 direct access."
}
variable "suppress_head_check" {
type = bool
default = false
description = "Do not validate if a file exists before creating pre-signed URL."
}
variable "log_level" {
type = string
default = null
description = "Python loglevel."
}
variable "log_type" {
type = string
default = null
description = "Type of log entry."
}
variable "maturity" {
type = string
default = null
description = "Maturity of deployment."
}
variable "permissions_boundary_name" {
type = string
default = null
description = "Optional PermissionsBoundary Policy name. In NGAP2, the policy name is \"NGAPShRoleBoundary\"."
}
variable "private_vpc" {
type = string
default = null
description = "Optional internal VPC."
}
variable "session_ttl" {
type = number
default = null
description = "Time to live for auth session, in hours. 168 is a week."
}
variable "stack_name" {
type = string
description = "The name of the CloudFormation stack"
}
variable "stage_name" {
type = string
default = null
description = "This value will show up as the 'base' of the url path as so: https://xxxxxxxx.execute-api.us-east-1.amazonaws.com/<StageName>/and/so/on."
}
variable "tags" {
description = "Tags to be applied to managed resources"
type = map(string)
default = {}
}
variable "urs_auth_creds_secret_name" {
type = string
default = "urs_creds_for_tea"
description = "AWS Secrets Manager name of URS creds. Must consist of two rows, names 'UrsId' and 'UrsAuth'."
}
variable "use_reverse_bucket_map" {
type = bool
default = false
description = "Standard bucketmaps are not reverse."
}
variable "vpc_security_group_ids" {
type = list(string)
default = []
description = "Optional list of security groups for the Lambda function."
}
variable "vpc_subnet_ids" {
type = list(string)
default = []
description = "Optional list of Subnets for the Lambda function."
}
variable "use_cors" {
type = bool
default = false
description = "Enable cross origin resource sharing"
}