variables.tf
# Base name for the deployment. The description states it is used for the
# ECS cluster resources; the default marks this as a staging stack.
variable "name" {
  description = "Name used for ECS cluster resources"
  type        = string
  default     = "keycloak-staging"
}
# AWS region to deploy into.
# NOTE(review): the default of "loadbalancer-logging-iam-principal" in this
# file is documented as specific to eu-west-2, so overriding the region
# means overriding that variable as well.
variable "region" {
  description = "AWS region name"
  type        = string
  default     = "eu-west-2"
}
# Container image reference (registry, repository and tag) for Keycloak.
# The default is pinned by tag only. A tag can be re-pointed at the registry,
# so where deployments must be reproducible and tamper-evident, override this
# with a digest reference of the form <registry>/<repository>@sha256:<digest>.
variable "keycloak-image" {
  description = "Keycloak image including registry"
  type        = string
  default     = "ghcr.io/hic-infra/ecs-keycloak:2.1.0"
}
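# Source CIDR ranges allowed to reach the load balancer.
# The default admits every IPv4 address. This file does not show whether the
# Keycloak admin endpoints are served through the same listener, so narrow
# this per environment or confirm that admin paths are restricted elsewhere.
variable "lb-cidr-blocks-in" {
  description = "CIDR blocks to allow access to the load balancer"
  type        = list(string)
  default     = ["0.0.0.0/0"]

  # Reject malformed entries at plan time instead of failing part-way
  # through an apply when the rule is created.
  validation {
    condition     = length([for cidr in var.lb-cidr-blocks-in : cidr if !can(cidrhost(cidr, 0))]) == 0
    error_message = "Every entry in lb-cidr-blocks-in must be a valid CIDR block."
  }
}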
# ID of an existing VPC to deploy into. Per the description, the empty
# default means a new VPC is created. When an ID is supplied, the
# "public-subnets" and "private-subnets" variables must be supplied too.
variable "vpc-id" {
  description = "VPC ID, if empty creates a new VPC"
  type        = string
  default     = ""
}
# Public subnet IDs inside the VPC named by "vpc-id".
# Required whenever "vpc-id" is set; nothing in this file enforces that
# pairing, so an empty list alongside a VPC ID is not caught here.
variable "public-subnets" {
  description = "Public subnet IDs, must be defined if vpc-id is provided"
  type        = list(string)
  default     = []
}
# Private subnet IDs inside the VPC named by "vpc-id".
# Required whenever "vpc-id" is set; nothing in this file enforces that
# pairing, so an empty list alongside a VPC ID is not caught here.
variable "private-subnets" {
  description = "Private subnet IDs, must be defined if vpc-id is provided"
  type        = list(string)
  default     = []
}
# Name of the database that Keycloak uses.
variable "db-name" {
  description = "Keycloak DB name"
  type        = string
  default     = "keycloak"
}
# Database user name for Keycloak.
# NOTE(review): this file declares no matching password input; how the
# credential is generated and stored is not visible here - confirm it is
# kept out of plain-text variables and state outputs.
variable "db-username" {
  description = "Keycloak DB username"
  type        = string
  default     = "keycloak"
}
# Optional snapshot to restore from when a new database is created.
# The null default means no snapshot is named.
variable "db-snapshot-identifier" {
  description = "If creating a new DB restore from this snapshot"
  type        = string
  default     = null
}
# RDS instance class for the Keycloak database; the description links to
# the list of available classes.
variable "db-instance-type" {
  description = "RDS instance type: https://aws.amazon.com/rds/instance-types/"
  type        = string
  default     = "db.t3.micro"
}
# ARN of the ACM certificate presented by the load balancer.
# This variable has no default, so every caller must supply it.
# NOTE(review): presumably the certificate has to cover the hostname that
# clients actually use (see "keycloak-hostname") - confirm against the
# listener configuration.
variable "loadbalancer-certificate-arn" {
  description = "ARN of the ACM certificate to use for the load balancer"
  type        = string
}
# Public hostname for Keycloak. Per the description, the empty default
# falls back to the load balancer's own hostname.
# NOTE(review): a certificate issued for a custom domain will not match the
# load balancer's generated hostname; confirm the fallback is only relied on
# where that mismatch is acceptable.
variable "keycloak-hostname" {
  description = "Keycloak hostname, if empty uses the load-balancer hostname"
  type        = string
  default     = ""
}
# Keycloak log level.
# DEBUG output is far more verbose than INFO; review what reaches the log
# destination before enabling it outside of troubleshooting.
variable "keycloak-loglevel" {
  description = "Keycloak log-level e.g. DEBUG."
  type        = string
  default     = "INFO"
}
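# Number of Keycloak containers to run. Per the description, 0 stops all
# containers so that the database can be maintained.
variable "desired-count" {
  description = "Number of Keycloak containers to run, set to 0 for DB maintenance"
  type        = number
  default     = 1

  # A container count cannot be negative or fractional; fail at plan time
  # with a clear message instead of at apply time.
  validation {
    condition     = var.desired-count >= 0 && floor(var.desired-count) == var.desired-count
    error_message = "The desired-count value must be a whole number greater than or equal to 0."
  }
}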
# IAM principal (type and identifier) for the load balancer's access-log
# writer; the description links to the AWS bucket-policy documentation.
#
# For eu-west-2 this is a hard-coded AWS account ID belonging to AWS
# and not Service: logdelivery.elasticloadbalancing.amazonaws.com
#
# The default is therefore correct only for eu-west-2. If "region" is
# overridden, override this as well; otherwise the policy names the wrong
# principal for that region.
# NOTE(review): the type is map(string), so the presence of the "type" and
# "identifier" keys is not checked here - verify against the policy that
# consumes this variable.
variable "loadbalancer-logging-iam-principal" {
  description = "IAM principal type and identifier for the elastic load balancer logger. This is complicated, see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html#attach-bucket-policy"
  type        = map(string)
  default = {
    type       = "AWS"
    identifier = "arn:aws:iam::652711504416:root"
  }
}
# Retention period for access logs, in days. The default of 3653 is about
# ten years.
# Load balancer access logs record client addresses and request URLs, so set
# this to match the retention policy that applies to that data.
variable "expire-access-logs-days" {
  description = "Automatically delete access logs after this number of days"
  type        = number
  default     = 3653
}
# Tags applied to every AWS resource, per the description.
# NOTE(review): the CreatedBy value below looks like an e-mail obfuscation
# placeholder rather than a real address; confirm the intended value
# against the repository.
variable "default-tags" {
  description = "Default AWS tags to apply to all resources"
  type        = map(any)
  default = {
    CreatedBy = "[email protected]"
    Proj      = "infra-keycloak"
  }
}