# Named AWS CLI profile; the empty-string default leaves the profile unset.
# NOTE(review): the description implies the module invokes the AWS CLI. If this
# value is interpolated into a command line, treat it as operator-supplied input
# only — confirm where it is consumed.
variable "aws_profile" {
  description = "AWS profile to use for AWS CLI to add DNS tags"
  type        = string
  default     = ""
}
# Boolean toggle, on by default.
# NOTE(review): no description is declared. Presumably this gates the Route53
# record described on `zone_id` / `domain_name` — confirm against the resources
# that read it and add a description.
variable "route53enabled" {
  default = true
  type    = bool
}
# Storage backend for transferred files; per the description the expected
# values are "S3" or "EFS". No validation is declared here, so any other string
# is passed through to whatever consumes this variable.
variable "domain" {
  description = "Where your files are stored. S3 or EFS"
  type        = string
  default     = "S3"
}
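# SFTP accounts to provision. The declared type is a map of objects, not a
# list: each value carries a `user_name` and the SSH `public_key` for that user.
# The empty default creates no users.
# Public keys are not secret, but every entry grants login to the server, so
# changes to this map deserve the same review as any other access grant.
variable "sftp_users" {
  description = "Map of SFTP users; each value holds the user name and public key"
  type = map(object({
    user_name  = string,
    public_key = string
  }))
  default = {}
}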
# Confines each SFTP user to their own home directory (enabled by default).
# Per the description, switching this off removes that confinement, so treat
# `false` as a deliberate widening of access that needs review.
variable "restricted_home" {
  description = "Restricts SFTP users so they only have access to their home directories."
  type        = bool
  default     = true
}
# Destructive-teardown switch, off by default.
# NOTE(review): the exact resources affected are not visible from this file —
# confirm what is deleted when this is true before enabling it in production.
variable "force_destroy" {
  description = "Forces the AWS Transfer Server to be destroyed"
  type        = bool
  default     = false
}
# Retention for the Transfer server's CloudWatch log group. Declared as a
# string; the default is "7".
# NOTE(review): presumably a number of days — confirm. A short retention window
# limits how far back transfer and login activity can be investigated.
variable "log_retention" {
  description = "Transfer server cloudwatch log group retention"
  type        = string
  default     = "7"
}
# Bucket backing the SFTP users' files. No default is declared, so callers must
# supply a value.
variable "s3_bucket_name" {
  description = "This is the bucket that the SFTP users will use when managing files"
  type        = string
}
# Variables used when deploying to VPC
# Target VPC for the Transfer server; null (the default) means no VPC is given.
variable "vpc_id" {
  description = "VPC ID that the AWS Transfer Server will be deployed to"
  type        = string
  default     = null
}
# Elastic IP allocation IDs to attach to the endpoint (VPC endpoint type only).
# Attaching an Elastic IP gives the endpoint a public address, so the security
# group rules in front of it become the main network control.
variable "address_allocation_ids" {
  description = "A list of address allocation IDs that are required to attach an Elastic IP address to your SFTP server's endpoint. This property can only be used when endpoint_type is set to VPC."
  type        = list(string)
  default     = []
}
# Controls creation of the module's default Security Group (created by default).
variable "security_group_enabled" {
  description = "Whether to create default Security Group for AWS Transfer Server."
  type        = bool
  default     = true
}
# Free-text description applied to the Security Group.
variable "security_group_description" {
  description = "The Security Group description."
  type        = string
  default     = "AWS Transfer Server Security Group"
}
# When true, the default Security Group gets a unique name derived from the
# normalized prefix; off by default.
variable "security_group_use_name_prefix" {
  description = "Whether to create a default Security Group with unique name beginning with the normalized prefix."
  type        = bool
  default     = false
}
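# Rules for the module-created Security Group, as a list of maps in the shape
# of the `aws_security_group_rule` resource.
#
# NOTE(review): the default admits TCP/22 from 0.0.0.0/0, i.e. the SFTP port is
# reachable from any IPv4 address wherever the endpoint is publicly routable.
# The default is kept unchanged for backward compatibility; callers should
# override `cidr_blocks` with the client or partner ranges they actually expect.
# `list(any)` applies no schema, so malformed rules are only caught downstream.
variable "security_group_rules" {
  description = <<-EOT
    A list of maps of Security Group rules.
    The values of each map are fully compatible with the `aws_security_group_rule` resource.
    To get more info see https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule .
  EOT
  type        = list(any)
  default = [
    {
      type        = "ingress"
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
      description = "Allow inbound traffic"
    }
  ]
}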
# Existing Security Group IDs to attach to the endpoint (VPC endpoint type only).
# Per the description, leaving this empty makes the endpoint inherit the VPC's
# default security groups — check what those allow before relying on the
# empty default.
variable "vpc_security_group_ids" {
  description = "A list of security groups IDs that are available to attach to your server's endpoint. If no security groups are specified, the VPC's default security groups are automatically assigned to your endpoint. This property can only be used when endpoint_type is set to VPC."
  type        = list(string)
  default     = []
}
# Subnets that host the SFTP endpoint inside the VPC (VPC endpoint type only).
variable "subnet_ids" {
  description = "A list of subnet IDs that are required to host your SFTP server endpoint in your VPC. This property can only be used when endpoint_type is set to VPC."
  type        = list(string)
  default     = []
}
# Pre-existing VPC endpoint to use (VPC_ENDPOINT endpoint type only); null by
# default.
variable "vpc_endpoint_id" {
  description = "The ID of the VPC endpoint. This property can only be used when endpoint_type is set to VPC_ENDPOINT"
  type        = string
  default     = null
}
# Name of the Transfer security policy attached to the server; this selects the
# set of cryptographic algorithms the endpoint will negotiate.
# NOTE(review): the default is the oldest of the three policies the description
# lists. Older policies generally keep legacy algorithms for client
# compatibility — confirm against the AWS Transfer Family documentation, which
# also lists policies newer than the ones named here, and prefer setting this
# explicitly per deployment.
variable "security_policy_name" {
  description = "Specifies the name of the security policy that is attached to the server. Possible values are TransferSecurityPolicy-2018-11, TransferSecurityPolicy-2020-06, and TransferSecurityPolicy-FIPS-2020-06. Default value is: TransferSecurityPolicy-2018-11."
  type        = string
  default     = "TransferSecurityPolicy-2018-11"
}
# Hostname clients use to reach the SFTP endpoint; empty by default.
variable "domain_name" {
  description = "Domain to use when connecting to the SFTP endpoint"
  type        = string
  default     = ""
}
# Route53 hosted zone that receives the CNAME record; empty by default.
variable "zone_id" {
  description = "Route53 Zone ID to add the CNAME"
  type        = string
  default     = ""
}
# Provisions one Elastic IP per subnet and attaches it to the SFTP endpoint;
# off by default.
# Enabling this gives the endpoint public addresses, so review the ingress
# CIDRs in `security_group_rules` at the same time.
variable "eip_enabled" {
  description = "Whether to provision and attach an Elastic IP to be used as the SFTP endpoint. An EIP will be provisioned per subnet."
  type        = bool
  default     = false
}
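# Banner text presented to clients before they authenticate.
# Anything placed here is visible to unauthenticated connections, so keep it to
# a usage notice and leave out hostnames, versions or contact details.
# NOTE(review): the default names a specific organisation; other deployments
# should override it.
variable "pre_authentication_login_banner" {
  description = "Pre-authentication login banner shown while connecting to the server"
  type        = string
  default     = "This system is for the use of authorized Appzen users only."
}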