-
Notifications
You must be signed in to change notification settings - Fork 5
/
variables.tf
122 lines (104 loc) · 5.01 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
variable "vpn_connection" {
type = object({
name = string
static_routes_only = optional(bool, false)
tags = optional(map(string), {})
type = optional(string, "ipsec.1")
transit_gateway_id = optional(string)
vpn_gateway_id = optional(string)
enable_acceleration = optional(bool)
outside_ip_address_type = optional(string)
transport_transit_gateway_attachment_id = optional(string)
tunnel_inside_ip_version = optional(string)
local_ipv4_network_cidr = optional(string)
local_ipv6_network_cidr = optional(string)
remote_ipv4_network_cidr = optional(string)
remote_ipv6_network_cidr = optional(string)
tunnel1_inside_cidr = optional(string)
tunnel1_inside_ipv6_cidr = optional(string)
tunnel1_preshared_key = optional(string)
tunnel1_dpd_timeout_action = optional(string)
tunnel1_dpd_timeout_seconds = optional(number)
tunnel1_enable_tunnel_lifecycle_control = optional(bool)
tunnel1_ike_versions = optional(list(string))
tunnel1_rekey_fuzz_percentage = optional(number)
tunnel1_rekey_margin_time_seconds = optional(number)
tunnel1_replay_window_size = optional(number)
tunnel1_startup_action = optional(string)
tunnel1_phase1_dh_group_numbers = optional(list(number))
tunnel1_phase1_encryption_algorithms = optional(list(string))
tunnel1_phase1_integrity_algorithms = optional(list(string))
tunnel1_phase1_lifetime_seconds = optional(number)
tunnel1_phase2_dh_group_numbers = optional(list(number))
tunnel1_phase2_encryption_algorithms = optional(list(string))
tunnel1_phase2_integrity_algorithms = optional(list(string))
tunnel1_phase2_lifetime_seconds = optional(number)
tunnel1_log_options = optional(object({
cloudwatch_log_options = optional(object({
log_group_arn = optional(string)
log_enabled = optional(bool, true)
log_output_format = optional(string, "json")
}), {})
cloudwatch_log_group = optional(object({
kms_key_id = optional(string)
log_group_class = optional(string, "INFREQUENT_ACCESS")
retention_in_days = optional(number, 30)
skip_destroy = optional(bool, false)
tags = optional(map(string), {})
}), {})
}), {})
tunnel2_inside_cidr = optional(string)
tunnel2_inside_ipv6_cidr = optional(string)
tunnel2_preshared_key = optional(string)
tunnel2_dpd_timeout_action = optional(string)
tunnel2_dpd_timeout_seconds = optional(number)
tunnel2_enable_tunnel_lifecycle_control = optional(bool)
tunnel2_ike_versions = optional(list(string))
tunnel2_rekey_fuzz_percentage = optional(number)
tunnel2_rekey_margin_time_seconds = optional(number)
tunnel2_replay_window_size = optional(number)
tunnel2_startup_action = optional(string)
tunnel2_phase1_dh_group_numbers = optional(list(number))
tunnel2_phase1_encryption_algorithms = optional(list(string))
tunnel2_phase1_integrity_algorithms = optional(list(string))
tunnel2_phase1_lifetime_seconds = optional(number)
tunnel2_phase2_dh_group_numbers = optional(list(number))
tunnel2_phase2_encryption_algorithms = optional(list(string))
tunnel2_phase2_integrity_algorithms = optional(list(string))
tunnel2_phase2_lifetime_seconds = optional(number)
tunnel2_log_options = optional(object({
cloudwatch_log_options = optional(object({
log_group_arn = optional(string)
log_enabled = optional(bool, true)
log_output_format = optional(string, "json")
}), {})
cloudwatch_log_group = optional(object({
kms_key_id = optional(string)
log_group_class = optional(string, "INFREQUENT_ACCESS")
retention_in_days = optional(number, 30)
skip_destroy = optional(bool, false)
tags = optional(map(string), {})
}), {})
}), {})
customer_gateway = object({
name = string
bgp_asn = string
certificate_arn = optional(string)
device_name = optional(string)
ip_address = optional(string)
tags = optional(map(string))
type = optional(string, "ipsec.1")
})
routes = optional(list(object({
name = string
destination_cidr_block = string
})), [])
transit_gateway_route_table_association = optional(object({
transit_gateway_route_table_id = string
}))
transit_gateway_route_table_propagations = optional(list(object({
name = string
transit_gateway_route_table_id = string
})), [])
})
}