generated from oracle/template-repo
-
Notifications
You must be signed in to change notification settings - Fork 2
/
variables_general.tf
79 lines (78 loc) · 3.44 KB
/
variables_general.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# Copyright (c) 2023 Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
variable "tenancy_ocid" {}
variable "user_ocid" {
default = ""
}
variable "fingerprint" {
default = ""
}
variable "private_key_path" {
default = ""
}
variable "private_key_password" {
default = ""
}
# ------------------------------------------------------
# ----- General
#-------------------------------------------------------
variable "region" {
description = "The region where resources are deployed."
type = string
}
variable "service_label" {
description = "A unique label that gets prepended to all resources deployed by the Landing Zone. Max length: 15 characters."
validation {
condition = length(regexall("^[A-Za-z][A-Za-z0-9]{1,14}$", var.service_label)) > 0
error_message = "Validation failed for service_label: value is required and must contain alphanumeric characters only, starting with a letter up to a maximum of 15 characters."
}
}
variable "cis_level" {
description = "Determines CIS OCI Benchmark Level to apply on Landing Zone managed resources. Level 1 is be practical and prudent. Level 2 is intended for environments where security is more critical than manageability and usability. Level 2 drives the creation of an OCI Vault, buckets encryption with a customer managed key, write logs for buckets and the usage of specific policies in Security Zones."
type = string
default = "1"
}
variable "extend_landing_zone_to_new_region" {
description = "Whether Landing Zone is being extended to another region. When set to true, compartments, groups, policies and resources at the home region are not provisioned. Use this when you want to provision a Landing Zone in a new region, but reuse existing Landing Zone resources in the home region."
default = false
type = bool
}
variable "customize_iam" {
description = "Whether Landing Zone IAM settings are to be customized. Customizable options are identity domains, groups, dynamic groups and policies."
type = bool
default = false
}
variable "define_net" {
description = "Whether networking is defined as part of this Landing Zone. By default, no networking resources are created."
type = bool
default = false
}
variable "enable_zpr" {
default = false
description = "Whether to enable ZPR service."
type = bool
}
variable "zpr_namespace_name" {
description = "ZPR namespace name."
type = string
default = null
}
variable "display_output" {
description = "Whether to display a concise set of select resource outputs with their OCIDs and names."
type = bool
default = true
}
variable "lz_provenant_prefix" {
description = "The provenant landing zone prefix or code that identifies the client of this Landing Zone. This information goes into a freeform tag applied to all deployed resources."
type = string
default = "core"
validation {
condition = length(regexall("^[A-Za-z][A-Za-z0-9]{1,4}$", var.lz_provenant_prefix)) > 0
error_message = "Validation failed for lz_provenant_prefix: value must contain alphanumeric characters only, starting with a letter up to a maximum of 5 characters."
}
}
variable "lz_provenant_version" {
description = "The provenant landing zone version. This information goes into a freeform tag applied to all deployed resources."
type = string
default = null
}