-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathvariables.tf
96 lines (83 loc) · 4.32 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
variable "name" {
description = "(Required) The name of the DX connection."
type = string
nullable = false
}
variable "skip_destroy" {
description = "(Optional) Set to `true` if you do not wish the connection to be deleted at destroy time, and instead just removed from the Terraform state."
type = bool
default = false
nullable = false
}
variable "bandwidth" {
description = "(Required) The bandwidth of the DX connection. Valid values for dedicated connections: 1Gbps, 10Gbps. Valid values for hosted connections: 50Mbps, 100Mbps, 200Mbps, 300Mbps, 400Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps and 100Gbps. Case sensitive."
type = string
nullable = false
}
variable "location_code" {
description = "(Required) The location code of AWS Direct Connect location where the connection is located. See `DescribeLocations` API for the list of AWS Direct Connect locations."
type = string
nullable = false
}
variable "service_provider" {
description = "(Optional) The name of the service provider associated with the connection."
type = string
default = null
}
variable "encryption" {
description = <<EOF
(Optional) The configuration for MACsec encryption of the AWS Direct Connect connection. MACsec is supported on 10 Gbps and 100 Gbps dedicated Direct Connect connections at selected points of presence. `encryption` as defined below.
(Optional) `request_macsec_capable_port` - Indicate whether you want the connection to support MAC Security (MACsec). MAC Security (MACsec) is only available on dedicated connections. See MACsec prerequisites for more information about MAC Security (MACsec) prerequisites. Defaults to `false`. Changing the value will cause the resource to be destroyed and re-created.
(Optional) `mode` - The connection MAC Security (MACsec) encryption mode. MAC Security (MACsec) is only available on dedicated connections. Valid values are `NO_ENCRYPT`, `SHOULD_ENCRYPT` and `MUST_ENCRYPT`. You can only specify the encryption_mode argument once the connection is in an Available state.
(Optional) `macsec_key_pair` - The values in this pair are used to generate the MACsec secret key. The MACsec secret key is generated by the devices at the ends of the connection using the CKN/CAK pair that you provide to AWS. `macsec_key_pair` as defined below.
(Required) `ckn` - The Connection Key Name (CKN) to associate with the dedicated connection. The valid values are 64 hexadecimal characters.
(Required) `cak` - The Connectivity Association Key (CAK) to associate with the dedicated connection. The valid values are 64 hexadecimal characters.
EOF
type = object({
request_macsec_capable_port = optional(bool, false)
mode = optional(string)
macsec_key_pair = optional(object({
ckn = string
cak = string
}))
})
default = {}
nullable = false
validation {
condition = var.encryption.mode != null ? contains(["NO_ENCRYPT", "SHOULD_ENCRYPT", "MUST_ENCRYPT"], var.encryption.mode) : true
error_message = "Valid values for `encryption.mode` are `NO_ENCRYPT`, `SHOULD_ENCRYPT` or `MUST_ENCRYPT`."
}
}
variable "tags" {
description = "(Optional) A map of tags to add to all resources."
type = map(string)
default = {}
nullable = false
}
variable "module_tags_enabled" {
description = "(Optional) Whether to create AWS Resource Tags for the module informations."
type = bool
default = true
nullable = false
}
###################################################
# Resource Group
###################################################
variable "resource_group_enabled" {
description = "(Optional) Whether to create Resource Group to find and group AWS resources which are created by this module."
type = bool
default = true
nullable = false
}
variable "resource_group_name" {
description = "(Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`."
type = string
default = ""
nullable = false
}
variable "resource_group_description" {
description = "(Optional) The description of Resource Group."
type = string
default = "Managed by Terraform."
nullable = false
}