variables.tf
# Name given to the FSxN file system.
variable "fsx_name" {
  type        = string
  default     = "terraform-fsxn"
  description = "The name to assign to the FSxN file system."
}
# Deployment type of the file system. The validation below only checks that
# the value is one of the four supported names; it does not cross-check the
# choice against the capacity, throughput or HA-pair variables.
variable "fsx_deploy_type" {
  type        = string
  default     = "MULTI_AZ_1"
  description = "The file system deployment type. Supported values are 'MULTI_AZ_1', 'SINGLE_AZ_1', 'MULTI_AZ_2', and 'SINGLE_AZ_2'. MULTI_AZ_1 and SINGLE_AZ_1 are Gen 1. MULTI_AZ_2 and SINGLE_AZ_2 are Gen 2."

  validation {
    error_message = "Invalid deployment type. Valid values are MULTI_AZ_1, SINGLE_AZ_1, MULTI_AZ_2 or SINGLE_AZ_2."
    condition = contains(
      ["SINGLE_AZ_1", "MULTI_AZ_1", "SINGLE_AZ_2", "MULTI_AZ_2"],
      var.fsx_deploy_type
    )
  }
}
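# SSD storage capacity in GiB.
# The validation enforces only the overall 1024..1048576 range. The lower
# per-deployment-type ceilings listed in the description are not checked here.
variable "fsx_capacity_size_gb" {
  description = "The storage capacity in GiBs of the FSxN file system. Valid values between 1024 (1 TiB) and 1048576 (1 PiB). Gen 1 deployment types are limited to 192 TiB. Gen 2 Multi AZ is limited to 512 TiB. Gen 2 Single AZ is limited to 1 PiB."
  type        = number
  default     = 1024

  validation {
    condition = var.fsx_capacity_size_gb >= 1024 && var.fsx_capacity_size_gb <= 1048576
    # The message previously quoted 1045876, which did not match the limit
    # the condition enforces (1048576 = 1024 * 1024 GiB).
    error_message = "Invalid capacity size. Valid values are between 1024 (1 TiB) and 1048576 (1 PiB)."
  }
}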
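# Throughput capacity, passed as a string.
# The allowed list is the union of the Gen 1 and Gen 2 values from the
# description; it is not cross-checked against fsx_deploy_type here.
variable "fsx_tput_in_MBps" {
  description = "The throughput capacity (in MBps) for the file system. Valid values are 128, 256, 512, 1024, 2048, and 4096 for Gen 1, and 384, 768, 1536, 3072 and 6144 for Gen 2."
  type        = string
  default     = "128"

  validation {
    # The list previously contained "4086", so the documented value 4096 was
    # rejected and a value the description does not list was accepted.
    condition     = contains(["128", "256", "384", "512", "768", "1024", "1536", "2048", "3072", "4096", "6144"], var.fsx_tput_in_MBps)
    error_message = "Invalid throughput value. Valid values are 128, 256, 384, 512, 768, 1024, 1536, 2048, 3072, 4096, 6144."
  }
}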
# SSD IOPS settings. Per the description, an empty map (the default) selects
# AUTOMATIC; USER_PROVISIONED needs both a "mode" and an "iops" entry.
# No validation is applied to the keys or values in this file.
variable "disk_iops_configuration" {
  type        = map(any)
  default     = {}
  description = "The SSD IOPS configuration for the file system. Valid modes are 'AUTOMATIC' (3 iops per GB provisioned) or 'USER_PROVISIONED'. NOTE: Due to a bug in the AWS FSx provider, if you want AUTOMATIC, then leave this variable empty. If you want USER_PROVISIONED, then add a 'mode=USER_PROVISIONED' (with USER_PROVISIONED enclosed in double quotes) and 'iops=number' where number is between 1 and 160000."
}
# Number of HA pairs. Only the 1..12 range is validated; the rule that more
# than one pair needs the single AZ Gen 2 deployment type is stated in the
# description but not enforced here.
variable "ha_pairs" {
  type        = number
  default     = 1
  description = "The number of HA pairs in the file system. Valid values are from 1 through 12. Only single AZ Gen 2 deployment type supports more than 1 HA pair."

  validation {
    error_message = "Invalid number of HA pairs. Valid values are from 1 through 12."
    condition     = !(var.ha_pairs < 1 || var.ha_pairs > 12)
  }
}
# AWS region for the file system. The secrets have their own region variable
# (secret_region), so the two can differ.
variable "fsx_region" {
  type        = string
  default     = "us-west-2"
  description = "The AWS region where the FSxN file system to be deployed."
}
# Subnets the file system is reachable from, keyed "primarysub" and
# "secondarysub".
# NOTE(review): the default IDs look like placeholders and presumably must be
# overridden with real subnet IDs — confirm.
variable "fsx_subnets" {
  type = map(any)
  default = {
    "primarysub"   = "subnet-22222222"
    "secondarysub" = "subnet-33333333"
  }
  description = "The primary subnet ID, and secondary subnet ID if you are deploying in a Multi AZ environment, file system will be accessible from. For MULTI_AZ deployment types both subnets are required. For SINGLE_AZ deployment type, only the primary subnet is used."
}
# Address range for the file system endpoints. Multi AZ only; stays null for
# Single AZ. The value is not validated in this file.
variable "endpoint_ip_address_range" {
  type        = string
  default     = null
  description = "The IP address range that the FSxN file system will be accessible from. This is only used for Multi AZ deployment types and must be left a null for Single AZ deployment types."
}
# Route tables that get modified so the file system is reachable. Multi AZ
# only; stays null for Single AZ. Every table listed here is changed by the
# deployment, so list only the tables whose subnets need access.
variable "route_table_ids" {
  type        = list(string)
  default     = null
  description = "An array of routing table IDs that will be modified to allow access to the FSxN file system. This is only used for Multi AZ deployment types and must be left as null for Single AZ deployment types."
}
# Weekly maintenance window start, UTC, written as D:HH:MM with 1=Monday and
# 7=Sunday. The default is Sunday 00:00 UTC. The format is not validated here.
variable "maintenance_start_time" {
  type        = string
  default     = "7:00:00"
  description = "The preferred start time to perform weekly maintenance, in UTC time zone. The format is 'D:HH:MM' format. D is the day of the week, where 1=Monday and 7=Sunday."
}
# KMS key used for encryption at rest. With the default (null) the AWS managed
# key is used, per the description. Pass the ARN of a customer managed key
# when the key policy, rotation and usage audit trail must be under your own
# control.
variable "kms_key_id" {
  type        = string
  default     = null
  description = "ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key."
}
# Retention of automatic backups, 0..90 days.
# The default of 0 turns automatic backups off, so a deployment that keeps the
# default has no automatic recovery point; set a retention period for data
# that must survive deletion or corruption.
variable "backup_retention_days" {
  type        = number
  default     = 0
  description = "The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 90 days."

  validation {
    error_message = "Invalid backup retention days. Valid values are between 0 and 90."
    condition     = !(var.backup_retention_days < 0 || var.backup_retention_days > 90)
  }
}
# Daily start time for automatic backups, HH:MM. The format is not validated
# in this file.
# NOTE(review): the description names automatic_backup_retention_days; in this
# file the matching input is presumably backup_retention_days — confirm.
variable "daily_backup_start_time" {
  type        = string
  default     = "00:00"
  description = "A recurring daily time, in the format HH:MM. HH is the zero-padded hour of the day (0-23), and MM is the zero-padded minute of the hour. Requires automatic_backup_retention_days to be set."
}
# Tags for the file system; empty by default.
variable "tags" {
  type        = map(any)
  default     = {}
  description = "Tags to be applied to the FSxN file system. The format is '{Name1 = value, Name2 = value}' where value should be enclosed in double quotes."
}
/*
* The next three variables have to do with the creation of the secrets that will contain the
* passwords for the FSxN file system and SVM.
*
*/
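# Account ID used when building the permissions on the password secrets.
# The default "*" is a wildcard: per the description it gives less specific
# permissions. Prefer the real 12-digit account ID so the permissions on the
# secrets are tied to one account.
# NOTE(review): the policy that consumes this value is not in this file —
# confirm what the wildcard actually grants.
variable "aws_account_id" {
  description = "The AWS account ID. Used to create account specific permissions on the secrets that are created. Use the default for less specific permissions."
  type        = string
  default     = "*"

  validation {
    # Accept only the wildcard or a 12-digit account ID, so a typo cannot end
    # up inside the permissions attached to the secrets.
    condition     = can(regex("^(\\*|[0-9]{12})$", var.aws_account_id))
    error_message = "Invalid AWS account ID. Use a 12-digit account ID, or '*' for permissions that are not tied to one account."
  }
}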
# Region that holds the secrets with the file system and SVM passwords.
# It is set independently of fsx_region.
variable "secret_region" {
  type        = string
  default     = "us-west-2"
  description = "The AWS region where the secrets for the FSxN file system and SVM will be deployed."
}
# Prefix for the names of the secrets that store the FSxN passwords
# (file system and SVM).
variable "secret_name_prefix" {
  type        = string
  default     = "fsxn-secret"
  description = "The prefix to the secret names created that will contain the FSxN passwords (system, and SVM)."
}
/*
* The next three variables have to do with the initial SVM and volume creation.
*/
# Name of the initial Storage Virtual Machine (SVM).
variable "svm_name" {
  type        = string
  default     = "fsx"
  description = "The name of the Storage Virtual Machine"
}
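# Security style of the SVM root volume. Per the description, volumes under
# the SVM inherit this style unless they set their own, so it decides whether
# UNIX mode bits or NTFS ACLs govern access by default.
variable "root_vol_sec_style" {
  description = "Specifies the root volume security style, Valid values are UNIX, NTFS, and MIXED (although MIXED is not recommended). All volumes created under this SVM will inherit the root security style unless the security style is specified on the volume."
  type        = string
  default     = "UNIX"

  validation {
    # Reject anything outside the three documented styles at plan time,
    # in the same way fsx_deploy_type is checked.
    condition     = contains(["UNIX", "NTFS", "MIXED"], var.root_vol_sec_style)
    error_message = "Invalid root volume security style. Valid values are UNIX, NTFS or MIXED."
  }
}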
# Settings for the initial volume.
# map(any) needs a single element type, so the mixed values below are
# converted to one common type (string) when the variable is evaluated.
# NOTE(review): the size key is spelled "size_mg"; presumably megabytes —
# confirm against the code that reads it before renaming.
# NOTE(review): skip_final_backup defaults to true and backup_retention_days
# defaults to 0, so deleting the volume presumably leaves no backup behind —
# confirm this is intended outside test deployments.
variable "vol_info" {
  type = map(any)
  default = {
    "vol_name"             = "vol1"
    "junction_path"        = "/vol1"
    "size_mg"              = 2048000
    "efficiency"           = true
    "tier_policy_name"     = "AUTO"
    "cooling_period"       = 31
    "copy_tags_to_backups" = false
    "sec_style"            = "UNIX"
    "skip_final_backup"    = true
    "snapshot_policy"      = "default"
  }
  description = "Details for the volume creation"
}
/*
* This last set of variables has to do with a security group that can be optionally
* created. The security group will have all the ingress rules that will allow access
* to all the protocols that an FSxN supports (e.g. SMB, NFS, etc). See the security_groups.tf
* for more information.
*
* If you decide to create the security group, you can specify either the CIDR block to
* be used as the source to the ingress rules OR the ID of a security group to be used as
* the source to the ingress rules. You can't specify both.
*
* If you decide not to create the security group, you must set security_group_ids to
* the IDs of the security groups that you want to use.
*
*/
# Whether this deployment creates its own security group. When true (the
# default), the source of the created ingress rules comes from cidr_for_sg or
# source_sg_id, so review those two values together with this flag.
variable "create_sg" {
  type        = bool
  default     = true
  description = "Determines whether the Security Group should be created as part of this deployment or not."
}
# Existing security groups to use when create_sg is false. Empty by default.
variable "security_group_ids" {
  type        = list(string)
  default     = []
  description = "If you are not creating the security group, provide a list of IDs of security groups to be used."
}
# Name prefix for the security group this deployment creates.
variable "security_group_name_prefix" {
  type        = string
  default     = "fsxn-sg"
  description = "The prefix to the security group name that will be created."
}
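# Source CIDR for the ingress rules of the created security group.
# The default 10.0.0.0/8 admits the whole 10/8 private range as a source for
# every protocol rule the group carries. Narrow it to the client subnets that
# actually need access, or use source_sg_id instead.
variable "cidr_for_sg" {
  description = "The cidr block to be used for the created security ingress rules. Set to an empty string if you want to use the source_sg_id as the source."
  type        = string
  default     = "10.0.0.0/8"

  validation {
    # An empty string means "use source_sg_id". Anything else must parse as a
    # CIDR block, so a malformed value fails at plan time rather than when the
    # ingress rules are created.
    condition     = var.cidr_for_sg == "" || can(cidrhost(var.cidr_for_sg, 0))
    error_message = "Invalid CIDR block. Use CIDR notation such as 10.0.0.0/8, or an empty string to use source_sg_id."
  }
}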
# Security group allowed as the source of the ingress rules, as the
# alternative to cidr_for_sg. Empty by default, which means cidr_for_sg is
# used. Nothing in this file checks that only one of the two is set.
variable "source_sg_id" {
  type        = string
  default     = ""
  description = "The ID of the security group to allow access to the FSxN file system. Set to an empty string if you want to use the cidr_for_sg as the source."
}
# VPC in which the security group is created. Empty by default.
# NOTE(review): presumably required whenever create_sg is true — confirm
# against security_groups.tf.
variable "vpc_id" {
  type        = string
  default     = ""
  description = "The VPC ID where the security group will be created."
}