| access_logs_bucket |
The name of the bucket to store LB access logs in. Required if access_logs_enabled is true |
string |
null |
no |
| access_logs_enabled |
Whether to enable LB access logging |
bool |
false |
no |
| access_logs_interval |
The log publishing interval in minutes |
number |
60 |
no |
| access_logs_prefix |
The path prefix to apply to the LB access logs. |
string |
null |
no |
| admin_email |
email address for administrator |
string |
n/a |
yes |
| admin_password |
initial password to use for administrator (only used when bootstrapping a new instance, otherwise ignored) |
string |
null |
no |
| alb_additional_sg_tags |
Additional tags to apply to the LB security group. Useful if you use an external process to manage ingress rules. |
map(string) |
{} |
no |
| alb_allowed_https_cidr_blocks |
List of allowed CIDR blocks. If [] is specified, no inbound ingress rules will be created |
list(string) |
[
"0.0.0.0/0"
] |
no |
| alb_allowed_ssh_cidr_blocks |
List of allowed CIDR blocks for SSH access. If [] is specified, no inbound ingress rules will be created |
list(string) |
[
"0.0.0.0/0"
] |
no |
| alb_certificate |
ARN of certificate to associate with LB |
string |
n/a |
yes |
| alb_https_internal |
Create as an internal or internet-facing LB |
bool |
true |
no |
| alb_https_port |
Port that the Load Balancer for Bitbucket should listen for HTTPS on (Default is 443.) |
number |
443 |
no |
| alb_https_subnets |
Subnets to associate HTTPS LB to |
list(string) |
n/a |
yes |
| alb_ssh_internal |
Create as an internal or internet-facing LB for SSH |
bool |
true |
no |
| alb_ssh_port |
Port that the Load Balancer for Bitbucket should listen for SSH on (Default is 22.) |
number |
22 |
no |
| alb_ssh_subnets |
Subnets to associate SSH LB to |
list(string) |
null |
no |
| alb_ssl_policy |
SSL policy for ALB |
string |
"ELBSecurityPolicy-TLS-1-2-2017-01" |
no |
| ami_id |
AMI to build on (must have ansible-role-atlassian-bitbucket module installed) |
string |
n/a |
yes |
| asg_additional_iam_policies |
Additional IAM policies to attach to the ASG instance profile |
list(string) |
[] |
no |
| asg_additional_security_groups |
Additional security group IDs to attach to ASG instances |
list(string) |
[] |
no |
| asg_additional_user_data |
Additional User Data to attach to the launch template |
string |
"" |
no |
| asg_allow_outbound_egress |
whether or not the default SG should allow outbound egress |
bool |
true |
no |
| asg_desired_capacity |
The number of Amazon EC2 instances that should be running in the group. |
number |
1 |
no |
| asg_instance_type |
Instance type for app |
string |
"t3a.micro" |
no |
| asg_key_name |
Optional ssh keypair to associate with instances |
string |
null |
no |
| asg_max_size |
Maximum number of instances in the autoscaling group |
number |
1 |
no |
| asg_min_size |
Minimum number of instances in the autoscaling group |
number |
1 |
no |
| asg_root_volume_size |
size of root volume (includes app install but not data dir) |
number |
20 |
no |
| asg_subnet |
Subnet to associate ASG instances with (specify no more than 1) |
string |
n/a |
yes |
| availability_zone |
Specify the availability zone that the instance will be deployed in. Because Bitbucket requires an EBS volume for data and can't use EFS, the value of availability_zone must match the AZ associated with the value of asg_subnet. |
string |
n/a |
yes |
| create_alb |
Create an ALB. This will by requirement create an NLB for SSH access on a separate address. |
bool |
false |
no |
| data_volume_size |
Size in GB of the data volume |
number |
n/a |
yes |
| db_additional_security_groups |
SGs permitted access to RDS |
list(string) |
[] |
no |
| db_allowed_access_cidrs |
CIDRs permitted access to RDS |
list(string) |
[] |
no |
| db_engine_version |
engine version to run |
string |
"11" |
no |
| db_instance_class |
DB Instance Size |
string |
"db.t3.large" |
no |
| db_monitoring_interval |
Enhanced monitoring interval (5-60 seconds, 0 to disable) |
number |
0 |
no |
| db_monitoring_role_arn |
IAM Role ARN for Database Monitoring permissions (if db_monitoring_interval > 0 and this is omitted, a role will be created automatically) |
string |
null |
no |
| db_multi_az |
If true, DB will be configured in multi-AZ mode |
bool |
false |
no |
| db_parameters |
DB parameters (by default only sets utf8 as required by Bitbucket) |
list(object({
apply_method = string
name = string
value = string
})) |
[
{
"apply_method": "immediate",
"name": "client_encoding",
"value": "UTF8"
}
] |
no |
| db_password_version |
Increment to force master user password change |
number |
1 |
no |
| db_performance_insights_enabled |
Whether or not to enable DB performance insights |
bool |
false |
no |
| db_storage_size |
Size of DB (in GB) |
number |
n/a |
yes |
| db_subnet_group |
Database subnet group |
string |
n/a |
yes |
| db_vpc_id |
VPC ID for database (if omitted, the value for vpc_id is used instead) |
string |
null |
no |
| dns_prefix |
Hostname that will be used for bitbucket. This will be combined with the domain in zone_id or the value of domain_name to form the base url. |
string |
null |
no |
| dns_ssh_prefix |
Hostname that will be used for bitbucket SSH access. This is only used when create_alb == true |
string |
null |
no |
| domain_name |
domain name, which is only used if zone_id is not specified to compute the base url |
string |
null |
no |
| elb_additional_sg_tags |
Additional tags to apply to the ELB security group. Useful if you use an external process to manage ingress rules. |
map(string) |
{} |
no |
| elb_allowed_cidr_blocks |
List of allowed CIDR blocks. If [] is specified, no inbound ingress rules will be created |
list(string) |
[
"0.0.0.0/0"
] |
no |
| elb_certificate |
ARN of certificate to associate with ELB |
string |
null |
no |
| elb_internal |
Create as an internal or internet-facing ELB |
bool |
true |
no |
| elb_port |
Port that the Elastic Load Balancer for Bitbucket should listen for HTTPS on (Default is 443.) |
number |
443 |
no |
| elb_ssh_port |
Port that the Elastic Load Balancer for Bitbucket should listen for SSH on (Default is 22.) |
number |
22 |
no |
| elb_subnets |
Subnets to associate ELB to |
list(string) |
null |
no |
| license_key |
Bitbucket license key (optional, must be a single line) |
string |
"" |
no |
| name |
Moniker to apply to all resources in the module |
string |
"bitbucket" |
no |
| site_name |
Bitbucket site name |
string |
"Bitbucket" |
no |
| tags |
User-Defined tags |
map(string) |
{} |
no |
| volume_key |
This value is set to a key on the EBS volume and must be present for the bitbucket instance to be permitted to attach it. |
string |
"bitbucket-volume" |
no |
| vpc_id |
VPC to create associated resources in |
string |
n/a |
yes |
| zone_id |
Zone ID to make Route53 entry for bitbucket in. If not specified, domain_name must be specified so that the base URL can be determined. |
string |
null |
no |
