forked from gpdenny/terraform-aws-dms
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
343 lines (284 loc) · 10.7 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
variable "create" {
description = "Determines whether resources will be created"
type = bool
default = true
}
variable "tags" {
description = "A map of tags to use on all resources"
type = map(string)
default = {}
}
################################################################################
# IAM Roles
# https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.APIRole
# Issue: https://github.com/hashicorp/terraform-provider-aws/issues/19580
################################################################################
variable "create_iam_roles" {
description = "Determines whether the required [DMS IAM resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.APIRole) will be created"
type = bool
default = true
}
variable "iam_role_permissions_boundary" {
description = "ARN of the policy that is used to set the permissions boundary for the role"
type = string
default = null
}
variable "iam_role_tags" {
description = "A map of additional tags to apply to the DMS IAM roles"
type = map(string)
default = {}
}
variable "enable_redshift_target_permissions" {
description = "Determines whether `redshift.amazonaws.com` is permitted access to assume the `dms-access-for-endpoint` role"
type = bool
default = false
}
################################################################################
# Subnet group
################################################################################
variable "create_repl_subnet_group" {
description = "Determines whether the replication subnet group will be created"
type = bool
default = true
}
variable "repl_subnet_group_description" {
description = "The description for the subnet group"
type = string
default = null
}
variable "repl_subnet_group_name" {
description = "The name for the replication subnet group. Stored as a lowercase string, must contain no more than 255 alphanumeric characters, periods, spaces, underscores, or hyphens"
type = string
default = null
}
variable "repl_subnet_group_subnet_ids" {
description = "A list of the EC2 subnet IDs for the subnet group"
type = list(string)
default = []
}
variable "repl_subnet_group_tags" {
description = "A map of additional tags to apply to the replication subnet group"
type = map(string)
default = {}
}
################################################################################
# Instance
################################################################################
variable "repl_instance_allocated_storage" {
description = "The amount of storage (in gigabytes) to be initially allocated for the replication instance. Min: 5, Max: 6144, Default: 50"
type = number
default = null
}
variable "repl_instance_auto_minor_version_upgrade" {
description = "Indicates that minor engine upgrades will be applied automatically to the replication instance during the maintenance window"
type = bool
default = true
}
variable "repl_instance_allow_major_version_upgrade" {
description = "Indicates that major version upgrades are allowed"
type = bool
default = true
}
variable "repl_instance_apply_immediately" {
description = "Indicates whether the changes should be applied immediately or during the next maintenance window"
type = bool
default = null
}
variable "repl_instance_availability_zone" {
description = "The EC2 Availability Zone that the replication instance will be created in"
type = string
default = null
}
variable "repl_instance_engine_version" {
description = "The [engine version](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReleaseNotes.html) number of the replication instance"
type = string
default = null
}
variable "repl_instance_kms_key_arn" {
description = "The Amazon Resource Name (ARN) for the KMS key that will be used to encrypt the connection parameters"
type = string
default = null
}
variable "repl_instance_multi_az" {
description = "Specifies if the replication instance is a multi-az deployment. You cannot set the `availability_zone` parameter if the `multi_az` parameter is set to `true`"
type = bool
default = null
}
variable "repl_instance_network_type" {
description = "The type of IP address protocol used by a replication instance. Valid values: IPV4, DUAL"
type = string
default = null
}
variable "repl_instance_preferred_maintenance_window" {
description = "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC)"
type = string
default = null
}
variable "repl_instance_publicly_accessible" {
description = "Specifies the accessibility options for the replication instance"
type = bool
default = null
}
variable "repl_instance_class" {
description = "The compute and memory capacity of the replication instance as specified by the replication instance class"
type = string
default = null
}
variable "repl_instance_id" {
description = "The replication instance identifier. This parameter is stored as a lowercase string"
type = string
default = null
}
variable "repl_instance_subnet_group_id" {
description = "An existing subnet group to associate with the replication instance"
type = string
default = null
}
variable "repl_instance_vpc_security_group_ids" {
description = "A list of VPC security group IDs to be used with the replication instance"
type = list(string)
default = null
}
variable "repl_instance_tags" {
description = "A map of additional tags to apply to the replication instance"
type = map(string)
default = {}
}
variable "repl_instance_timeouts" {
description = "A map of timeouts for replication instance create/update/delete operations"
type = map(string)
default = {}
}
################################################################################
# Endpoint
################################################################################
variable "endpoints" {
description = "Map of objects that define the endpoints to be created"
type = any
default = {}
}
################################################################################
# S3 Endpoint
################################################################################
variable "s3_endpoints" {
description = "Map of objects that define the S3 endpoints to be created"
type = any
default = {}
}
################################################################################
# Replication Task
################################################################################
variable "replication_tasks" {
description = "Map of objects that define the replication tasks to be created"
type = any
default = {}
}
################################################################################
# Event Subscription
################################################################################
variable "event_subscriptions" {
description = "Map of objects that define the event subscriptions to be created"
type = any
default = {}
}
variable "event_subscription_timeouts" {
description = "A map of timeouts for event subscription create/update/delete operations"
type = map(string)
default = {}
}
################################################################################
# Certificate
################################################################################
variable "certificates" {
description = "Map of objects that define the certificates to be created"
type = map(any)
default = {}
}
################################################################################
# Access IAM Role
################################################################################
variable "create_access_iam_role" {
description = "Determines whether the ECS task definition IAM role should be created"
type = bool
default = true
}
variable "access_iam_role_name" {
description = "Name to use on IAM role created"
type = string
default = null
}
variable "access_iam_role_use_name_prefix" {
description = "Determines whether the IAM role name (`access_iam_role_name`) is used as a prefix"
type = bool
default = true
}
variable "access_iam_role_path" {
description = "IAM role path"
type = string
default = null
}
variable "access_iam_role_description" {
description = "Description of the role"
type = string
default = null
}
variable "access_iam_role_permissions_boundary" {
description = "ARN of the policy that is used to set the permissions boundary for the IAM role"
type = string
default = null
}
variable "access_iam_role_tags" {
description = "A map of additional tags to add to the IAM role created"
type = map(string)
default = {}
}
variable "access_iam_role_policies" {
description = "Map of IAM role policy ARNs to attach to the IAM role"
type = map(string)
default = {}
}
variable "create_access_policy" {
description = "Determines whether the IAM policy should be created"
type = bool
default = true
}
variable "access_iam_statements" {
description = "A map of IAM policy [statements](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document#statement) for custom permission usage"
type = any
default = {}
}
variable "access_kms_key_arns" {
description = "A list of KMS key ARNs the access IAM role is permitted to decrypt"
type = list(string)
default = []
}
variable "access_secret_arns" {
description = "A list of SecretManager secret ARNs the access IAM role is permitted to access"
type = list(string)
default = []
}
variable "access_source_s3_bucket_arns" {
description = "A list of S3 bucket ARNs the access IAM role is permitted to access"
type = list(string)
default = []
}
variable "access_target_s3_bucket_arns" {
description = "A list of S3 bucket ARNs the access IAM role is permitted to access"
type = list(string)
default = []
}
variable "access_target_elasticsearch_arns" {
description = "A list of Elasticsearch ARNs the access IAM role is permitted to access"
type = list(string)
default = []
}
variable "access_target_kinesis_arns" {
description = "A list of Kinesis ARNs the access IAM role is permitted to access"
type = list(string)
default = []
}
variable "access_target_dynamodb_table_arns" {
description = "A list of DynamoDB table ARNs the access IAM role is permitted to access"
type = list(string)
default = []
}