-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
81 lines (61 loc) · 2.32 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
variable "namespace" {
description = "Specifies the namespace for the deployment."
default = "common-fate"
type = string
}
variable "stage" {
description = "Determines the deployment stage (e.g., 'dev', 'staging', 'prod')."
default = "prod"
type = string
}
variable "proxy_id" {
description = "The ID of the Common Fate AWS RDS Proxy e.g prod-us-west-2. The proxy is deployed seperately, it must exist before you register a database using this module."
type = string
}
variable "app_url" {
description = "The app url (e.g., 'https://common-fate.mydomain.com')."
type = string
validation {
condition = can(regex("^https://", var.app_url))
error_message = "The app_url must start with 'https://'."
}
}
variable "rds_security_group_id" {
description = "The security group attached with your RDS database."
type = string
default = ""
validation {
# when create_security_group_rule is false, a rds_security_group_id is not required, it can either have a value or be empty
# when create_security_group_rule is true, rds_security_group_id must not be empty
condition = var.create_security_group_rule == false || length(var.rds_security_group_id) > 0
error_message = "rds_security_group_id must not be empty when create_security_group_rule is true."
}
}
variable "rds_instance_identifier" {
description = "The identifier of the rds instance."
type = string
}
variable "name" {
description = "A human readable name to give the RDS database resource in Common Fate. Defaults to the database name."
type = string
default = ""
}
variable "database" {
description = "The name of the database to connect to on the RDS instance."
type = string
}
variable "users" {
description = "A list of database users and their credentials to access the database"
type = list(object({
name = string
username = string
password_secrets_manager_arn = string
endpoint = optional(string)
default_local_port = optional(number)
}))
}
variable "create_security_group_rule" {
description = "If 'true', will create a rule allowing ingress from the proxy to the database security group. The database security group is specified by the 'rds_security_group_id' variable."
type = bool
default = true
}