generated from cloudposse/terraform-example-module
-
-
Notifications
You must be signed in to change notification settings - Fork 102
/
Copy pathvariables.tf
198 lines (167 loc) · 6.11 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
variable "kafka_version" {
type = string
description = "The desired Kafka software version"
}
variable "broker_instance_type" {
type = string
description = "The instance type to use for the Kafka brokers"
}
variable "broker_per_zone" {
type = number
default = 1
description = "Number of Kafka brokers per zone."
validation {
condition = var.broker_per_zone > 0
error_message = "The broker_per_zone value must be at atleast 1."
}
}
variable "broker_volume_size" {
type = number
default = 1000
description = "The size in GiB of the EBS volume for the data drive on each broker node"
}
variable "vpc_id" {
type = string
description = "VPC ID where subnets will be created (e.g. `vpc-aceb2723`)"
}
variable "subnet_ids" {
type = list(string)
description = "Subnet IDs for Client Broker"
validation {
condition = length(var.subnet_ids) > 0
error_message = "The subnet_ids list must have at atleast 1 value."
}
}
variable "zone_id" {
type = string
description = "Route53 DNS Zone ID for MSK broker hostnames"
default = null
}
# Intentionally not deprecated via security_group_inputs.tf since it cannot effectively be replaced via var.additional_security_group_rules.
# This is because the logic to create these rules exists within this module, and should not be passed in by the consumer
# of this module.
variable "allowed_cidr_blocks" {
type = list(string)
default = []
description = "List of CIDR blocks to be allowed to connect to the cluster"
}
variable "client_broker" {
type = string
default = "TLS"
description = "Encryption setting for data in transit between clients and brokers. Valid values: `TLS`, `TLS_PLAINTEXT`, and `PLAINTEXT`"
}
variable "encryption_in_cluster" {
type = bool
default = true
description = "Whether data communication among broker nodes is encrypted"
}
variable "encryption_at_rest_kms_key_arn" {
type = string
default = ""
description = "You may specify a KMS key short ID or ARN (it will always output an ARN) to use for encrypting your data at rest"
}
variable "enhanced_monitoring" {
type = string
default = "DEFAULT"
description = "Specify the desired enhanced MSK CloudWatch monitoring level. Valid values: `DEFAULT`, `PER_BROKER`, and `PER_TOPIC_PER_BROKER`"
}
variable "certificate_authority_arns" {
type = list(string)
default = []
description = "List of ACM Certificate Authority Amazon Resource Names (ARNs) to be used for TLS client authentication"
}
variable "client_allow_unauthenticated" {
type = bool
default = false
description = "Enables unauthenticated access."
}
variable "client_sasl_scram_enabled" {
type = bool
default = false
description = "Enables SCRAM client authentication via AWS Secrets Manager (cannot be set to `true` at the same time as `client_tls_auth_enabled`)."
}
variable "client_sasl_scram_secret_association_arns" {
type = list(string)
default = []
description = "List of AWS Secrets Manager secret ARNs for scram authentication (cannot be set to `true` at the same time as `client_tls_auth_enabled`)."
}
variable "client_sasl_iam_enabled" {
type = bool
default = false
description = "Enables client authentication via IAM policies (cannot be set to `true` at the same time as `client_sasl_*_enabled`)."
}
variable "client_tls_auth_enabled" {
type = bool
default = false
description = "Set `true` to enable the Client TLS Authentication"
}
variable "jmx_exporter_enabled" {
type = bool
default = false
description = "Set `true` to enable the JMX Exporter"
}
variable "node_exporter_enabled" {
type = bool
default = false
description = "Set `true` to enable the Node Exporter"
}
variable "cloudwatch_logs_enabled" {
type = bool
default = false
description = "Indicates whether you want to enable or disable streaming broker logs to Cloudwatch Logs"
}
variable "cloudwatch_logs_log_group" {
type = string
default = null
description = "Name of the Cloudwatch Log Group to deliver logs to"
}
variable "firehose_logs_enabled" {
type = bool
default = false
description = "Indicates whether you want to enable or disable streaming broker logs to Kinesis Data Firehose"
}
variable "firehose_delivery_stream" {
type = string
default = ""
description = "Name of the Kinesis Data Firehose delivery stream to deliver logs to"
}
variable "s3_logs_enabled" {
type = bool
default = false
description = " Indicates whether you want to enable or disable streaming broker logs to S3"
}
variable "s3_logs_bucket" {
type = string
default = ""
description = "Name of the S3 bucket to deliver logs to"
}
variable "s3_logs_prefix" {
type = string
default = ""
description = "Prefix to append to the S3 folder name logs are delivered to"
}
variable "properties" {
type = map(string)
default = {}
description = "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html)"
}
variable "autoscaling_enabled" {
type = bool
default = true
description = "To automatically expand your cluster's storage in response to increased usage, you can enable this. [More info](https://docs.aws.amazon.com/msk/latest/developerguide/msk-autoexpand.html)"
}
variable "storage_autoscaling_target_value" {
type = number
default = 60
description = "Percentage of storage used to trigger autoscaled storage increase"
}
variable "storage_autoscaling_max_capacity" {
type = number
default = null
description = "Maximum size the autoscaling policy can scale storage. Defaults to `broker_volume_size`"
}
variable "storage_autoscaling_disable_scale_in" {
type = bool
default = false
description = "If the value is true, scale in is disabled and the target tracking policy won't remove capacity from the scalable resource."
}