generated from blackbird-cloud/terraform-module-template
variables.tf
# Name given to the VPN. Which resources receive it (endpoint name, tags, ...)
# is decided by resource definitions outside this file.
variable "name" {
  description = "Name of the VPN"
  type        = string
}
# SAML 2.0 metadata XML for the VPN itself, as exported by the identity
# provider. Required: there is no default.
# NOTE(review): this document defines which identity provider the VPN will
# trust for sign-in, so take it from the IdP export directly rather than from
# any user-editable source. How it is consumed is not visible in this file.
variable "vpn_saml_metadata" {
  description = "VPN XML document generated by an identity provider that supports SAML 2.0."
  type        = string
}
# SAML 2.0 metadata XML for the VPN self-service portal, as exported by the
# identity provider. Required: there is no default.
# NOTE(review): like the VPN metadata, this establishes IdP trust; source it
# from the IdP export directly. How it is consumed is not visible in this file.
variable "vpn_portal_saml_metadata" {
  description = "VPN SelfService Portal XML document generated by an identity provider that supports SAML 2.0."
  type        = string
}
# Optional resource tags; defaults to an empty map, i.e. no extra tags.
variable "tags" {
  type        = map(string)
  default     = {}
  description = "(Optional) Map of resource tags for all AWS resources. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level."
}
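# Address pool from which connecting VPN clients receive their IPs.
# Required: there is no default. Per the description it must not overlap
# with any network the VPN connects to; that overlap cannot be checked here
# because the connected networks are not inputs of this variable.
variable "client_cidr_block" {
  description = "CIDR Block used for assigning IP's to clients, must not overlap with any of the connected networks."
  type        = string

  # Reject malformed values at plan time instead of letting them surface as
  # a provider error during apply. Validation blocks need Terraform 0.13+.
  validation {
    condition     = can(cidrhost(var.client_cidr_block, 0))
    error_message = "The client_cidr_block value must be a valid CIDR block such as 10.100.0.0/22."
  }
}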
# ARN of the ACM certificate the VPN server side uses.
# Required: there is no default.
variable "server_certificate_arn" {
  description = "ARN of the ACM certificate the server will use."
  type        = string
}
# Optional CloudWatch log group for VPN connection logging; defaults to "".
# NOTE(review): what the module does with the empty default is not visible
# here. If it means "connection logging off", callers who need an audit trail
# of VPN sessions must set this explicitly - confirm against the resources.
variable "cloudwatch_log_group_name" {
  description = "(Optional) CloudWatch log group name for VPN connection logging."
  type        = string
  default     = ""
}
# Optional CloudWatch log stream for VPN connection logging; defaults to "".
# NOTE(review): how an empty value is treated is decided by resource
# definitions outside this file - confirm it matches the log group setting.
variable "cloudwatch_log_stream_name" {
  description = "(Optional) CloudWatch log stream name for VPN connection logging."
  type        = string
  default     = ""
}
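# Authorization rules: each entry names a destination CIDR, the identity
# provider groups allowed to reach it, and a free-text description.
# Required: there is no default.
#
# These rules decide who can reach which network through the VPN, so keep
# each cidr as narrow as the use case allows.
# NOTE(review): how an entry with an empty groups list is handled is not
# visible in this file. Confirm in the resource definitions that it cannot
# end up authorizing every authenticated user.
variable "auth_rules" {
  description = "List of CIDR blocks, and IDP groups to authorize access for."
  type = list(object({
    cidr        = string
    groups      = list(string)
    description = string
  }))

  # Catch malformed destination CIDRs at plan time. Written as a filtered
  # list rather than alltrue() so that it only needs Terraform 0.13+.
  validation {
    condition = length([
      for rule in var.auth_rules : rule.cidr
      if !can(cidrhost(rule.cidr, 0))
    ]) == 0
    error_message = "Every auth_rules entry must set cidr to a valid CIDR block such as 10.0.0.0/16."
  }
}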
# Private subnets for the VPN. Required: there is no default.
# NOTE(review): presumably subnet IDs that the endpoint is associated with -
# the description does not say; confirm against the resource definitions.
variable "private_subnets" {
  description = "List of private subnets"
  type        = list(string)
}
# VPC in which the VPN's security group ("SG") lives.
# Required: there is no default.
variable "vpc_id" {
  description = "VPC ID For the VPN SG"
  type        = string
}
# Whether the VPN tunnel is split. Defaults to false.
# NOTE(review): presumably forwarded to the Client VPN endpoint's
# split-tunnel setting (resource not shown here). With split tunnelling off,
# all client traffic goes through the VPN; turning it on sends only the
# VPN's routes through the tunnel, so other client traffic bypasses any
# inspection or egress controls on the VPN side - confirm the intended
# posture before enabling.
variable "split_tunnel" {
  description = "To split the VPN tunnel, or not, defaults to false"
  type        = bool
  default     = false
}
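# Optional DNS servers for connected clients; defaults to an empty list, in
# which case (per the description) the connecting device's own DNS address
# is used.
variable "dns_servers" {
  description = "(Optional) Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the connecting device is used."
  type        = list(string)
  default     = []

  # The description states a limit of two DNS servers; enforce it at plan
  # time instead of at apply. Validation blocks need Terraform 0.13+.
  validation {
    condition     = length(var.dns_servers) <= 2
    error_message = "The dns_servers list can contain at most two DNS servers."
  }
}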