forked from cloudposse/terraform-aws-multi-az-subnets
variables.tf
# Required input (no default): the list of Availability Zone names.
variable "availability_zones" {
  description = "List of Availability Zones (e.g. `['us-east-1a', 'us-east-1b', 'us-east-1c']`)"
  type        = list(string)
}
# Upper bound on the number of subnets; per the description it feeds the CIDR
# block calculation.
# NOTE(review): no type constraint is declared and the default is the string "6",
# not a number. Confirm how the module consumes it before tightening the type.
variable "max_subnets" {
  description = "Maximum number of subnets that can be created. The variable is used for CIDR blocks calculation"
  default     = "6"
}
# Selects which kind of subnets is created; defaults to "private".
# Only the description limits the value to `private` or `public`: this declaration
# accepts any string, and how an unexpected value is handled is not visible here.
variable "type" {
  description = "Type of subnets to create (`private` or `public`)"
  type        = string
  default     = "private"
}
# Required input (no default): the VPC ID.
variable "vpc_id" {
  description = "VPC ID"
  type        = string
}
# Required input (no default): the base CIDR that the subnet CIDRs are carved from.
# The declaration only requires a string; the CIDR syntax is not validated here.
variable "cidr_block" {
  description = "Base CIDR block which is divided into subnet CIDR blocks (e.g. `10.0.0.0/16`)"
  type        = string
}
# Optional; defaults to an empty string. Per the description, this Internet
# Gateway is the default route for public subnets.
variable "igw_id" {
  description = "Internet Gateway ID that is used as a default route when creating public subnets (e.g. `igw-9c26a123`)"
  type        = string
  default     = ""
}
# Optional map of AZ name -> NAT Gateway ID; defaults to an empty map.
# Per the description, an empty map means no default egress route is created for
# the private subnets, so they have no outbound path until the caller adds one.
# The heredoc uses `<<-`, so the uniform indentation below is stripped from the value.
variable "az_ngw_ids" {
  description = <<-EOT
    Only for private subnets. Map of AZ names to NAT Gateway IDs that are used as default routes when creating private subnets.
    You should either supply one NAT Gateway ID for each AZ in `var.availability_zones` or leave the map empty.
    If empty, no default egress route will be created and you will have to create your own using `aws_route`.
    EOT
  type        = map(string)
  default     = {}
}
# Optional ID of an existing network ACL for the public subnets.
# Per the description, leaving it empty (the default) makes the module create a new ACL.
variable "public_network_acl_id" {
  description = "Network ACL ID that is added to the public subnets. If empty, a new ACL will be created"
  type        = string
  default     = ""
}
# Optional ID of an existing network ACL for the private subnets.
# Per the description, leaving it empty (the default) makes the module create a new ACL.
variable "private_network_acl_id" {
  description = "Network ACL ID that is added to the private subnets. If empty, a new ACL will be created"
  type        = string
  default     = ""
}
# Egress rule list; named for the public subnets' network ACL.
# Security note: the default is a single rule (rule_no 100) that allows every
# protocol ("-1") to 0.0.0.0/0, so with the default the ACL does no egress
# filtering. Override this list if the NACL is meant to act as a control.
# The declared type is list(map(string)), so the unquoted numbers are converted
# to strings.
variable "public_network_acl_egress" {
  description = "Egress network ACL rules"
  type        = list(map(string))

  default = [
    {
      rule_no    = 100
      action     = "allow"
      protocol   = "-1"
      cidr_block = "0.0.0.0/0"
      from_port  = 0
      to_port    = 0
    }
  ]
}
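# Ingress rule list; named for the public subnets' network ACL.
# The description previously read "Egress network ACL rules", apparently copied
# from the egress variable; it is corrected here so generated docs are accurate.
# Security note: the default is a single rule (rule_no 100) that allows every
# protocol ("-1") from 0.0.0.0/0, so with the default the ACL does no ingress
# filtering and exposure is decided by security groups and routing alone.
# Override this list if the NACL is meant to act as a control.
# The declared type is list(map(string)), so the unquoted numbers are converted
# to strings.
variable "public_network_acl_ingress" {
  description = "Ingress network ACL rules"
  type        = list(map(string))

  default = [
    {
      rule_no    = 100
      action     = "allow"
      cidr_block = "0.0.0.0/0"
      from_port  = 0
      to_port    = 0
      protocol   = "-1"
    },
  ]
}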
# Egress rule list; named for the private subnets' network ACL.
# Security note: the default is a single rule (rule_no 100) that allows every
# protocol ("-1") to 0.0.0.0/0, so with the default the ACL places no limit on
# outbound traffic from the private subnets. Override this list if egress
# should be restricted at the NACL layer.
# The declared type is list(map(string)), so the unquoted numbers are converted
# to strings.
variable "private_network_acl_egress" {
  description = "Egress network ACL rules"
  type        = list(map(string))

  default = [
    {
      rule_no    = 100
      action     = "allow"
      protocol   = "-1"
      cidr_block = "0.0.0.0/0"
      from_port  = 0
      to_port    = 0
    }
  ]
}
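# Ingress rule list; named for the private subnets' network ACL.
# The description previously read "Egress network ACL rules", apparently copied
# from the egress variable; it is corrected here so generated docs are accurate.
# Security note: the default is a single rule (rule_no 100) that allows every
# protocol ("-1") from 0.0.0.0/0. With the default, the NACL does not isolate
# the private subnets; isolation then rests on routing and security groups.
# Callers that want NACL-level segmentation should pass a narrower rule list.
# The declared type is list(map(string)), so the unquoted numbers are converted
# to strings.
variable "private_network_acl_ingress" {
  description = "Ingress network ACL rules"
  type        = list(map(string))

  default = [
    {
      rule_no    = 100
      action     = "allow"
      cidr_block = "0.0.0.0/0"
      from_port  = 0
      to_port    = 0
      protocol   = "-1"
    },
  ]
}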
# Toggle for NAT Gateway creation in public subnets (per the description).
# NOTE(review): no type constraint is declared and the default is the string
# "true", not a boolean. Check how the module compares this value before
# converting it to `bool`, since a string comparison elsewhere would change meaning.
variable "nat_gateway_enabled" {
  default     = "true"
  description = "Flag to enable/disable NAT Gateways creation in public subnets"
}