-
Notifications
You must be signed in to change notification settings - Fork 52
/
Copy pathvariables.tf
76 lines (63 loc) · 2.21 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
variable "rotation_type" {
type = string
description = "Is this `single` or `multi` user rotation?"
default = "single"
}
variable "rotation_days" {
type = number
description = "How often in days the secret will be rotated"
default = 30
}
variable "subnets_lambda" {
type = list(any)
description = "The subnets where the Lambda Function will be run"
}
variable "mysql_username" {
type = string
description = "The MySQL/Aurora username you chose during RDS creation or another one that you want to rotate"
}
variable "mysql_dbname" {
type = string
description = "The Database name inside your RDS"
}
variable "mysql_host" {
type = string
description = "The RDS endpoint to connect to your database"
}
variable "mysql_password" {
type = string
description = "The password that you want to rotate, this will be changed after the creation"
}
variable "mysql_port" {
type = number
description = "In case you don't have your MySQL on default port and you need to change it"
default = 3306
}
variable "secretsmanager_masterarn" {
type = string
description = "The ARN of the Secrets Manager which rotates the MySQL superuser"
default = ""
}
#variable "additional_kms_role_arn" {
# type = list
# description = "If you want add another role of another resource to access to the kms key used to encrypt the secret"
# default = []
#}
variable "security_group" {
type = list(any)
description = "The security group(s) where the Lambda Function will be run. This must have access to the RDS instance. The best option is to make this the RDS' security group and allow the SG to access itself"
}
variable "mysql_replicahost" {
type = string
description = "The RDS replica endpoint to connect to your read-only database"
default = null
}
variable "secret_label_order" {
type = list(any)
default = ["namespace", "environment", "stage", "name", "attributes"]
description = <<-EOT
The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present.
EOT
}