This repository has been archived by the owner on Nov 24, 2023. It is now read-only.
forked from mineiros-io/terraform-google-subnetwork
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
138 lines (117 loc) · 5.8 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
# ---------------------------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
# These variables must be set when using this module.
# ---------------------------------------------------------------------------------------------------------------------
variable "network" {
description = "(Required) The VPC network the subnets belong to. Only networks that are in the distributed mode can have subnetworks."
type = string
}
variable "name" {
type = string
description = "(Required) The name of this subnetwork, provided by the client when initially creating the resource. The name must be 1-63 characters long, and comply with [RFC1035](https://datatracker.ietf.org/doc/html/rfc1035). Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash."
}
variable "region" {
type = string
description = "(Required) The GCP region for this subnetwork."
}
variable "ip_cidr_range" {
type = string
description = "(Required) The range of internal addresses that are owned by this subnetwork. Provide this property when you create the subnetwork. For example, 10.0.0.0/8 or 192.168.0.0/16. Ranges must be unique and non-overlapping within a network. Only IPv4 is supported."
}
# ---------------------------------------------------------------------------------------------------------------------
# OPTIONAL VARIABLES
# These variables have defaults, but may be overridden.
# ---------------------------------------------------------------------------------------------------------------------
variable "private_ip_google_access" {
type = bool
description = "(Optional) When enabled, VMs in this subnetwork without external IP addresses can access Google APIs and services by using Private Google Access."
default = true
}
variable "description" {
type = string
description = "(Optional) An optional description of this subnetwork. Provide this property when you create the resource. This field can be set only at resource creation time."
default = null
}
variable "secondary_ip_ranges" {
type = list(any)
# type = list(object({
# range_name = string
# ip_cidr_range = string
# }))
description = "An array of configurations for secondary IP ranges for VM instances contained in this subnetwork. The primary IP of such VM must belong to the primary ipCidrRange of the subnetwork. The alias IPs may belong to either primary or secondary ranges."
default = []
}
variable "project" {
type = string
description = "(Optional) The ID of the project in which the resources belong. If it is not set, the provider project is used."
default = null
}
variable "log_config" {
description = "(Optional) Logging options for the subnetwork flow logs. Setting this value to 'null' will disable them. See https://www.terraform.io/docs/providers/google/r/compute_subnetwork.html for more information and examples."
# type = object({
# aggregation_interval = optional(string)
# flow_sampling = optional(number)
# metadata = optional(string)
# metadata_fields = optional(list(string))
# filter_expr = optional(string)
# })
type = any
default = null
}
## IAM
variable "iam" {
description = "(Optional) A list of IAM access."
type = any
default = []
# validate required keys in each object
validation {
condition = alltrue([for x in var.iam : length(setintersection(keys(x), ["role", "members"])) == 2])
error_message = "Each object in var.iam must specify a role and a set of members."
}
# validate no invalid keys are in each object
validation {
condition = alltrue([for x in var.iam : length(setsubtract(keys(x), ["role", "members", "authoritative"])) == 0])
error_message = "Each object in var.iam does only support role, members and authoritative attributes."
}
}
variable "policy_bindings" {
description = "(Optional) A list of IAM policy bindings."
type = any
default = null
# validate required keys in each object
validation {
condition = var.policy_bindings == null ? true : alltrue([for x in var.policy_bindings : length(setintersection(keys(x), ["role", "members"])) == 2])
error_message = "Each object in var.policy_bindings must specify a role and a set of members."
}
# validate no invalid keys are in each object
validation {
condition = var.policy_bindings == null ? true : alltrue([for x in var.policy_bindings : length(setsubtract(keys(x), ["role", "members", "condition"])) == 0])
error_message = "Each object in var.policy_bindings does only support role, members and condition attributes."
}
}
# ------------------------------------------------------------------------------
# MODULE CONFIGURATION PARAMETERS
# These variables are used to configure the module.
# ------------------------------------------------------------------------------
variable "module_enabled" {
type = bool
description = "(Optional) Whether or not to create resources within the module."
default = true
}
variable "module_timeouts" {
description = "(Optional) How long certain operations (per resource type) are allowed to take before being considered to have failed."
type = any
# type = object({
# google_compute_subnetwork = optional(object({
# create = optional(string)
# update = optional(string)
# delete = optional(string)
# }))
# })
default = {}
}
variable "module_depends_on" {
type = any
description = "(Optional) A list of external resources the module depends on."
default = []
}