variables.tf
# Bootstrap switch for the very first deployment of the module.
# Defaults to false; `init_access_ip_address` is validated against this flag.
variable "init" {
  description = "Is used for initiating the module itself for the first time. For more information please go here https://github.com/cloudeteer/terraform-azurerm-launchpad/blob/main/INSTALL.md "
  type        = bool
  default     = false
}
# Principal that, per the description, is granted access to the storage
# account and Key Vault during the initial bootstrap.
# NOTE(review): unlike `init_access_ip_address`, no validation block ties this
# value to `init`; a non-null value with `init = false` is accepted here.
# Confirm how the consuming resources treat that combination.
variable "init_access_azure_principal_id" {
  type    = string
  default = null

  description = <<-EOD
    Set the Azure Principal ID which will be given access to the storage account and key vault.
    **NOTE**: This is only required when `init` is set to `true`.
  EOD
}
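# Public IP address of the operator running the initial bootstrap.
# Per the description it is used to reach the newly created resources.
# NOTE(review): the value is not format-checked here. Confirm whether the
# consuming firewall rule expects a single address or a CIDR range before
# adding a stricter check, and keep the value as narrow as possible.
variable "init_access_ip_address" {
  type        = string
  default     = null
  description = "Set the IP Address of your current public IP in order to access the new created resources. For more information please go here https://github.com/cloudeteer/terraform-azurerm-launchpad/blob/main/INSTALL.md "

  # The address must be supplied exactly when `init` is true, so that no
  # bootstrap access rule is left configured once initialisation is over.
  # Referencing another variable (`var.init`) inside a validation block
  # requires Terraform 1.9 or newer.
  validation {
    condition     = (var.init && var.init_access_ip_address != null) || (!var.init && var.init_access_ip_address == null)
    error_message = "init_access_ip_address must be set when init is true and must be left unset (null) when init is false."
  }
}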
# Private DNS zone IDs in which the Key Vault private endpoint is registered.
# An empty list (the default) passes no zones.
variable "key_vault_private_dns_zone_ids" {
  description = "A list of ID´s of DNS Zones in order to add the Private Endpoint of the Keyvault into your DNS Zones."
  type        = list(string)
  default     = []
}
# Subnets that are allowed to reach the Launchpad's Key Vault.
# Every entry widens network access to the vault, so list only subnets that
# genuinely need it. The default allows no additional subnets.
variable "key_vault_virtual_network_subnet_ids" {
  description = "A list of Subnet IDs that are allowed to access the Key Vault used by the Launchpad."
  type        = list(string)
  default     = []
}
# Azure region for the deployed resources. Required: there is no default.
variable "location" {
  description = "The geographic location where the resources will be deployed. This is must be a region name supported by Azure."
  type        = string
}
# Management groups on which the Launchpad is granted permissions.
# NOTE(review): per the description the Launchpad receives Owner on every
# management group listed here. Owner at management-group scope is inherited
# by everything below that group, so keep the list as narrow as possible.
# The default grants nothing.
variable "management_group_names" {
  description = "A list of management group in order the Launchpad gets Owner-permission in these management-groups."
  type        = list(string)
  default     = []
}
# Base name shared by the resources this module creates.
variable "name" {
  description = "The base name applied to all resources created by this module."
  type        = string
  default     = "launchpad"
}
# Optional suffix appended to the base name. Null (the default) means none.
variable "name_suffix" {
  type    = string
  default = null

  description = <<-EOD
    An optional suffix appended to the base name for all resources created by this module.
    **NOTE**: This suffix is not applied to resources that use a randomly generated suffix (e.g., Key Vault and Storage Account).
  EOD
}
# Target resource group. Required: there is no default.
# Per the description, changing the value forces resource re-creation.
variable "resource_group_name" {
  type        = string
  description = "The name of the resource group in which the virtual machine should exist. Changing this forces a new resource to be created."
}
# CPU architecture of the GitHub Actions runner. Defaults to arm64.
variable "runner_arch" {
  description = "The CPU architecture to run the GitHub actions runner. Can be `x64` or `arm64`."
  type        = string
  default     = "arm64"

  # Allow-list check: any value other than the two architectures is rejected.
  validation {
    error_message = "This architecture is not allowed. Please use 'x64' or 'arm64'"
    condition     = contains(["x64", "arm64"], var.runner_arch)
  }
}
# Number of runner instances installed on each virtual machine.
# NOTE(review): declared as a string although it holds a count, and there is
# no validation. The consuming code is not visible here; confirm what it
# expects before changing the type or adding a numeric check.
variable "runner_count" {
  description = "Specify the number of instances of a GitHub Action runner to install on a single virtual machine instance."
  type        = string
  default     = "5"
}
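# GitHub environments used for federated identity.
# The type is a map, not a list. In the default, the values look like GitHub
# environment names and the keys like short identifiers; presumably each entry
# yields one federated credential. TODO confirm against the consuming resource.
# Each environment listed here can obtain the Launchpad identity, so add only
# environments that are protected appropriately on the GitHub side.
variable "runner_github_environments" {
  type = map(string)
  default = {
    prod-azure      = "prod-azure"
    prod-azure-plan = "prod-azure (plan)"
  }
  description = "Map of GitHub environments used by federated identity."
}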
# GitHub personal access token used to obtain runner registration tokens.
# Required: there is no default.
# `sensitive = true` only redacts the value in plan/apply output. The token is
# still written to the Terraform state, so the state backend must be
# access-controlled and encrypted. Supply the token from a secret store or
# the environment rather than a committed tfvars file, and give it the
# narrowest scope that still allows runner registration.
variable "runner_github_pat" {
  description = "GitHub PAT that will be used to register GitHub Action Runner tokens"
  type        = string
  sensitive   = true
}
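# Repository, in `owner/repo` form, at which the runner is registered.
# Required: there is no default.
variable "runner_github_repo" {
  type        = string
  description = "Specify the GitHub repository owner and name separated by `/` to register the action runner. e.g. `cloudeteer/squad-customer`"

  # A bare split("/") length check would accept empty segments ("/", "owner/")
  # and arbitrary characters. Requiring two non-empty segments made only of
  # letters, digits, `.`, `_` and `-` rejects those values at plan time.
  # NOTE(review): if this value is rendered into a runner setup script, the
  # allow-list also keeps whitespace and shell metacharacters out of it.
  # Confirm against the consuming template.
  validation {
    condition     = can(regex("^[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+$", var.runner_github_repo))
    error_message = "runner_github_repo must have the form owner/repo, e.g. cloudeteer/squad-customer."
  }
}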
# Whether each scale-set instance gets its own public IP address.
# The default (false) allocates none. Per the description, enabling it is a
# workaround for missing hub connectivity.
# NOTE(review): a public IP makes every runner instance directly addressable
# from the internet. Confirm that inbound rules on the subnet or NIC deny
# unsolicited traffic before turning this on.
variable "runner_public_ip_address" {
  description = "Set the value of this variable to `true` if you want to allocate a public IP address to each instance within the Virtual Machine Scale Set. Enabling this option may be necessary to establish internet access when a direct connection to a HUB is currently unavailable."
  type        = bool
  default     = false
}
# Account under which the runner application runs.
# Per the description this is an unprivileged user that is created if absent.
# Do not point it at root or another privileged account.
variable "runner_user" {
  description = "An unprivileged user to run the Runner application. If this user does not exist on the system, a new user will be created."
  type        = string
  default     = "actions-runner"
}
# Version of the GitHub Actions runner to install.
# The default `latest` is unpinned, so the installed version can differ from
# one deployment to the next. Set an explicit version (without the leading
# `v`) when reproducible, reviewable runner builds are required.
variable "runner_version" {
  description = "Set a specific GitHub action runner version (without the `v` in the version string) or use `latest`."
  type        = string
  default     = "latest"
}
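# Number of virtual machines in the scale set.
# The variable is declared as a string, so the default is written as a string
# literal instead of relying on implicit number-to-string conversion.
# NOTE(review): the consuming code is not visible here; confirm what it
# expects before changing the type to `number`.
variable "runner_vm_instances" {
  type        = string
  description = "Set the amount of VMs in the Virtual Machine Scale Set (VMSS). (Default '1')"
  default     = "1"
}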
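# Service endpoints associated with the subnet.
# The default enables only the Key Vault and Storage endpoints.
variable "service_endpoints" {
  description = <<-EOD
    The list of Service endpoints to associate with the subnet. Possible values include: `Microsoft.AzureActiveDirectory`, `Microsoft.AzureCosmosDB`, `Microsoft.ContainerRegistry`, `Microsoft.EventHub`, `Microsoft.KeyVault`, `Microsoft.ServiceBus`, `Microsoft.Sql`, `Microsoft.Storage`, `Microsoft.Storage.Global` and `Microsoft.Web`.
    **NOTE**: In order to use `Microsoft.Storage.Global` service endpoint (which allows access to virtual networks in other regions), you must enable the `AllowGlobalTagsForStorage` feature in your subscription. This is currently a preview feature, please see the [official documentation](https://learn.microsoft.com/en-us/azure/storage/common/storage-network-security?tabs=azure-cli#enabling-access-to-virtual-networks-in-other-regions-preview) for more information.
  EOD
  type        = list(string)
  default     = ["Microsoft.KeyVault", "Microsoft.Storage"]
}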
# CIDR blocks assigned to the subnet. Required: there is no default.
# NOTE(review): entries are not format-checked in this block.
variable "subnet_address_prefixes" {
  description = "A list of IP address prefixes (CIDR blocks) to be assigned to the subnet. Each entry in the list represents a CIDR block used to define the address space of the subnet within the virtual network."
  type        = list(string)
}
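# Subscriptions that the Launchpad manages.
# The default manages none. Each entry extends the Launchpad's reach, so list
# only subscriptions that it is meant to manage.
variable "subscription_ids" {
  type        = list(string)
  description = "A list of subscription IDs, which the Launchpad will manage. Each must be exactly 36 characters long."
  default     = []

  # A length-only check would accept any 36-character string. Subscription IDs
  # are GUIDs, so the 8-4-4-4-12 hexadecimal layout is matched instead. A
  # mistyped or malformed value then fails at plan time rather than reaching
  # the resources that consume it.
  validation {
    condition = alltrue([
      for id in var.subscription_ids :
      can(regex("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$", id))
    ])
    error_message = "Each subscription ID must be a 36-character GUID, e.g. 00000000-0000-0000-0000-000000000000."
  }
}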
# Tags that, per the description, are assigned to every resource in the module.
# Defaults to no tags.
variable "tags" {
  type        = map(string)
  default     = {}
  description = "A mapping of tags which should be assigned to all resources in this module."
}
# CIDR blocks that make up the virtual network's address space.
# Required: there is no default.
# NOTE(review): entries are not format-checked in this block.
variable "virtual_network_address_space" {
  description = "A list of IP address ranges to be assigned to the virtual network (VNet). Each entry in the list represents a CIDR block used to define the address space of the VNet."
  type        = list(string)
}