-
Notifications
You must be signed in to change notification settings - Fork 6
/
variables.pp
51 lines (46 loc) · 2.02 KB
/
variables.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
// Benchmarks and controls for specific services should override the "service" tag
locals {
aws_perimeter_common_tags = {
category = "Perimeter"
plugin = "aws"
service = "AWS"
}
}
variable "common_dimensions" {
type = list(string)
description = "A list of common dimensions to add to each control."
# Define which common dimensions should be added to each control.
# - account_id
# - connection_name (_ctx ->> 'connection_name')
# - region
default = ["account_id", "region"]
}
variable "tag_dimensions" {
type = list(string)
description = "A list of tags to add as dimensions to each control."
# A list of tag names to include as dimensions for resources that support
# tags (e.g. "Owner", "Environment"). Default to empty since tag names are
# a personal choice - for commonly used tag names see
# https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html#tag-categories
default = []
}
locals {
# Local internal variable to build the SQL select clause for common
# dimensions using a table name qualifier if required. Do not edit directly.
common_dimensions_qualifier_sql = <<-EOQ
%{~ if contains(var.common_dimensions, "connection_name") }, __QUALIFIER___ctx ->> 'connection_name' as connection_name%{ endif ~}
%{~ if contains(var.common_dimensions, "region") }, __QUALIFIER__region%{ endif ~}
%{~ if contains(var.common_dimensions, "account_id") }, __QUALIFIER__account_id%{ endif ~}
EOQ
# Local internal variable to build the SQL select clause for tag
# dimensions. Do not edit directly.
tag_dimensions_qualifier_sql = <<-EOQ
%{~ for dim in var.tag_dimensions }, __QUALIFIER__tags ->> '${dim}' as "${replace(dim, "\"", "\"\"")}"%{ endfor ~}
EOQ
}
locals {
# Local internal variable with the full SQL select clause for common
# dimensions and tags. Do not edit directly.
common_dimensions_sql = replace(local.common_dimensions_qualifier_sql, "__QUALIFIER__", "")
tag_dimensions_sql = replace(local.tag_dimensions_qualifier_sql, "__QUALIFIER__", "")
}