-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
168 lines (147 loc) · 5.38 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
variable "main_vpc_id" {
type = string
description = "The VPC ID into which to launch resources."
validation {
condition = length(var.main_vpc_id) > 4 && substr(var.main_vpc_id, 0, 4) == "vpc-"
error_message = "The main_vpc_id value must be a valid VPC id, starting with \"vpc-\"."
}
}
variable "subnet_ids" {
type = list(any)
description = "A list of subnet IDs within the specified VPC where resources will be launched."
}
variable "aws_account_id" {
type = string
description = "The AWS account ID into which resources will be launched."
}
variable "site_domain" {
type = string
description = "The site domain name to configure (without any subdomains such as 'www')"
}
variable "site_name" {
type = string
description = "The unique name for this instance of the module. Required to deploy multiple wordpress instances to the same AWS account (if desired)."
validation {
# regex(...) fails if it cannot find a match
condition = can(regex("^[0-9A-Za-z]+$", var.site_name))
error_message = "For site_name value only a-z, A-Z and 0-9 are allowed."
}
}
variable "site_prefix" {
type = string
description = "The subdomain prefix of the website domain. E.g. www"
default = "www"
}
variable "s3_region" {
type = string
description = "The regional endpoint to use for the creation of the S3 bucket for published static wordpress site."
}
variable "slack_webhook" {
type = string
description = "The Slack webhook URL where ECS Cluster EventBridge notifications will be sent."
default = ""
sensitive = true
}
variable "launch" {
type = number
default = "0"
description = "The number of tasks to launch of the Wordpress container. Used as a toggle to start/stop your Wordpress management session."
validation {
condition = var.launch >= 0 && var.launch <= 1
error_message = "The number of tasks to launch should be either 1 or 0 only."
}
}
variable "ecs_cpu" {
type = number
description = "The CPU limit password to the Wordpress container definition."
default = 256
}
variable "ecs_memory" {
type = number
default = 512
description = "The memory limit password to the Wordpress container definition."
}
variable "snapshot_identifier" {
description = "To create the RDS cluster from a previous snapshot in the same region, specify it by name."
type = string
default = null
}
# Backup functionality awaits: https://github.com/hashicorp/terraform-provider-aws/pull/18006
# variable "efs_backups" {
# description = "A flag to set whether EFS default backups should be enabled (not yet implemented)."
# type = bool
# default = true
# }
variable "cloudfront_aliases" {
type = list(any)
description = "The domain and sub-domain aliases to use for the cloudfront distribution."
default = []
}
variable "cloudfront_class" {
type = string
description = "The [price class](https://aws.amazon.com/cloudfront/pricing/) for the distribution. One of: PriceClass_All, PriceClass_200, PriceClass_100"
default = "PriceClass_All"
}
variable "hosted_zone_id" {
type = string
description = "The Route53 HostedZone ID to use to create records in."
}
variable "waf_enabled" {
type = bool
description = "Flag to enable default WAF configuration in front of CloudFront."
}
variable "wordpress_subdomain" {
type = string
description = "The subdomain used for the Wordpress container."
default = "wordpress"
}
variable "wordpress_admin_user" {
type = string
description = "The username of the default wordpress admin user."
default = "supervisor"
}
variable "wordpress_admin_password" {
type = string
description = "The password of the default wordpress admin user."
#tfsec:ignore:GEN001
default = "techtospeech.com"
sensitive = true
}
variable "wordpress_admin_email" {
type = string
description = "The email address of the default wordpress admin user."
default = "admin@example.com"
}
variable "waf_acl_rules" {
type = list(any)
description = "List of WAF rules to apply. Can be customized to apply others created outside of module."
default = [
{
name = "AWS-AWSManagedRulesAmazonIpReputationList"
priority = 0
managed_rule_group_name = "AWSManagedRulesAmazonIpReputationList"
vendor_name = "AWS"
cloudwatch_metrics_enabled = true
metric_name = "AWS-AWSManagedRulesAmazonIpReputationList"
sampled_requests_enabled = true
},
{
name = "AWS-AWSManagedRulesKnownBadInputsRuleSet"
priority = 1
managed_rule_group_name = "AWSManagedRulesKnownBadInputsRuleSet"
vendor_name = "AWS"
cloudwatch_metrics_enabled = true
metric_name = "AWS-AWSManagedRulesKnownBadInputsRuleSet"
sampled_requests_enabled = true
},
{
name = "AWS-AWSManagedRulesBotControlRuleSet"
priority = 2
managed_rule_group_name = "AWSManagedRulesBotControlRuleSet"
vendor_name = "AWS"
cloudwatch_metrics_enabled = true
metric_name = "AWS-AWSManagedRulesBotControlRuleSet"
sampled_requests_enabled = true
}
]
}