forked from cloudposse/terraform-aws-mq-broker
variables.tf
# Timing of broker modifications: false (the default) defers them to the next
# maintenance window, true applies them right away.
# NOTE(review): with the default, a change made for security reasons would
# presumably also wait for the window; confirm how the module passes this on.
variable "apply_immediately" {
  description = "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window"
  type        = bool
  default     = false
}
# Automatic minor-version upgrades are off by default, so the engine stays on
# the configured `engine_version` until someone changes it.
# NOTE(review): patch releases therefore need an explicit version bump unless
# callers set this to true; confirm that is the intended patching model.
variable "auto_minor_version_upgrade" {
  description = "Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions"
  type        = bool
  default     = false
}
# Broker deployment mode; the default is the multi-AZ active/standby layout.
# No `validation` block is declared here, so a value outside the two listed in
# the description is not rejected by this variable itself.
variable "deployment_mode" {
  description = "The deployment mode of the broker. Supported: SINGLE_INSTANCE and ACTIVE_STANDBY_MULTI_AZ"
  type        = string
  default     = "ACTIVE_STANDBY_MULTI_AZ"
}
# Broker engine selector. Free-form string: the two accepted names are given
# only in the description, not enforced by this declaration.
variable "engine_type" {
  description = "Type of broker engine, `ActiveMQ` or `RabbitMQ`"
  type        = string
  default     = "ActiveMQ"
}
# Engine version, pinned by default to one specific release.
# NOTE(review): a hard-coded default ages; together with
# `auto_minor_version_upgrade = false` it keeps new brokers on this release
# until a caller overrides it. Check the default against the versions AWS
# currently supports (see the link in the description).
variable "engine_version" {
  description = "The version of the broker engine. See https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html for more details"
  type        = string
  default     = "5.15.14"
}
# Instance class the broker runs on; defaults to the small `mq.t3.micro`.
variable "host_instance_type" {
  description = "The broker's instance type. e.g. mq.t2.micro or mq.m4.large"
  type        = string
  default     = "mq.t3.micro"
}
# Network exposure switch. The default (false) keeps the broker unreachable
# from applications outside the VPC that hosts its subnets.
# Setting this to true widens the broker's exposure, so it should go together
# with tightly scoped ingress in `security_group_rules` / `security_groups`.
variable "publicly_accessible" {
  description = "Whether to enable connections from applications outside of the VPC that hosts the broker's subnets"
  type        = bool
  default     = false
}
# General broker logging to CloudWatch; on by default.
variable "general_log_enabled" {
  description = "Enables general logging via CloudWatch"
  type        = bool
  default     = true
}
# Audit logging of user-management actions; on by default.
# NOTE(review): the description names JMX and the ActiveMQ Web Console only,
# so this presumably does not apply when `engine_type` is RabbitMQ; confirm
# how the module handles that combination.
variable "audit_log_enabled" {
  description = "Enables audit logging. User management action made using JMX or the ActiveMQ Web Console is logged"
  type        = bool
  default     = true
}
# Day of the weekly maintenance window, as an upper-case day name.
variable "maintenance_day_of_week" {
  description = "The maintenance day of the week. e.g. MONDAY, TUESDAY, or WEDNESDAY"
  type        = string
  default     = "SUNDAY"
}
# Start time of the maintenance window (24-hour clock), interpreted in
# `maintenance_time_zone`.
variable "maintenance_time_of_day" {
  description = "The maintenance time, in 24-hour format. e.g. 02:00"
  type        = string
  default     = "03:00"
}
# Time zone for the maintenance window; UTC unless overridden.
variable "maintenance_time_zone" {
  description = "The maintenance time zone, in either the Country/City format, or the UTC offset format. e.g. CET"
  type        = string
  default     = "UTC"
}
# Username of the broker's admin account. Optional (default null).
# NOTE(review): what the module does when this is left null is not visible
# in this file; verify in the module's locals/resources.
variable "mq_admin_user" {
  description = "Admin username"
  type        = string
  default     = null
}
# Password of the broker's admin account. Optional (default null).
# NOTE(review): this secret is declared as a plain string with no
# `sensitive = true`, so Terraform will not redact it in plan/apply output.
# If the module's minimum Terraform version is 0.14 or later, mark it
# sensitive (any output derived from it must then be sensitive as well).
# Either way the value ends up in state, so the state backend needs
# encryption and restricted access.
variable "mq_admin_password" {
  description = "Admin password"
  type        = string
  default     = null
}
# Username of the application (non-admin) broker account. Optional
# (default null).
# NOTE(review): handling of a null value is not visible in this file.
variable "mq_application_user" {
  description = "Application username"
  type        = string
  default     = null
}
# Password of the application broker account. Optional (default null).
# NOTE(review): like the admin password, this is a plain string without
# `sensitive = true`, so it is shown unredacted in plan/apply output. Mark it
# sensitive if the supported Terraform version is 0.14 or later, and treat the
# state file as secret material.
variable "mq_application_password" {
  description = "Application password"
  type        = string
  default     = null
}
# Whether the module creates its own Security Group; it does by default.
# NOTE(review): when false, access control presumably relies entirely on the
# IDs passed in `security_groups`; confirm in the module's resources.
variable "security_group_enabled" {
  description = "Whether to create Security Group."
  type        = bool
  default     = true
}
# Free-text description given to the Security Group.
variable "security_group_description" {
  description = "The Security Group description."
  type        = string
  default     = "AmazonMQ Security Group"
}
# Naming choice for the Security Group: true asks for a unique name that
# starts with the normalized prefix; false (default) does not.
variable "security_group_use_name_prefix" {
  description = "Whether to create a default Security Group with unique name beginning with the normalized prefix."
  type        = bool
  default     = false
}
# Rules for the module's Security Group, as a list of maps shaped like
# `aws_security_group_rule` arguments (`list(any)`, so element shape is not
# checked by this declaration).
#
# The default holds one egress rule: protocol "-1" (all protocols) to
# 0.0.0.0/0, i.e. unrestricted outbound traffic. It contains no ingress rule.
# NOTE(review): callers who need to limit where the broker can connect out to
# must override this list; how ingress is granted with the default is not
# visible in this file (presumably via caller-supplied rules or
# `security_groups`).
variable "security_group_rules" {
  description = <<-EOT
    A list of maps of Security Group rules.
    The values of map is fully complated with `aws_security_group_rule` resource.
    To get more info see https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule .
    EOT
  type        = list(any)
  default = [
    {
      type        = "egress"
      from_port   = 0
      to_port     = 65535
      protocol    = "-1"
      cidr_blocks = ["0.0.0.0/0"]
      description = "Allow all outbound traffic"
    }
  ]
}
# IDs of existing Security Groups to attach to the broker; none by default.
variable "security_groups" {
  type        = list(string)
  default     = []
  description = "A list of Security Group IDs to associate with AmazonMQ."
}
# Required (no default): the VPC the broker is created in.
variable "vpc_id" {
  description = "VPC ID to create the broker in"
  type        = string
}
# Required (no default): the VPC subnets for the broker.
# NOTE(review): with `publicly_accessible = false` these would normally be
# private subnets; the declaration itself does not constrain that.
variable "subnet_ids" {
  description = "List of VPC subnet IDs"
  type        = list(string)
}
# Whether an SSM parameter that already exists may be overwritten; allowed by
# default.
# NOTE(review): which parameters the module writes (presumably the broker
# credentials) is not visible here. With the default, a pre-existing value at
# the same name is replaced without a conflict error.
variable "overwrite_ssm_parameter" {
  description = "Whether to overwrite an existing SSM parameter"
  type        = bool
  default     = true
}
# Format string for SSM parameter names; the default has two `%s` slots
# separated by `/`.
# NOTE(review): presumably filled with `ssm_path` and the parameter's own
# name; verify against the `format()` call in the module.
variable "ssm_parameter_name_format" {
  description = "SSM parameter name format"
  type        = string
  default     = "/%s/%s"
}
# Path component for the module's SSM parameters; "mq" by default.
# NOTE(review): IAM policies that grant read access to these parameters
# should be scoped to the resulting path; the exact layout depends on
# `ssm_parameter_name_format`.
variable "ssm_path" {
  description = "SSM path"
  type        = string
  default     = "mq"
}
# KMS key used to encrypt the SSM parameters.
# The description says "ARN", but the default is a key alias
# (`alias/aws/ssm`, the AWS managed key for SSM), not an ARN.
# NOTE(review): pass a customer-managed key here if access to the stored
# values must be governed by your own key policy.
variable "kms_ssm_key_arn" {
  description = "ARN of the AWS KMS key used for SSM encryption"
  type        = string
  default     = "alias/aws/ssm"
}
# Toggle for Amazon MQ encryption at rest; on by default.
# NOTE(review): which key is used is decided by `use_aws_owned_key` and
# `kms_mq_key_arn`; how the module combines the three is not visible here.
variable "encryption_enabled" {
  description = "Flag to enable/disable Amazon MQ encryption at rest"
  type        = bool
  default     = true
}
# Customer-supplied KMS key for Amazon MQ encryption. Optional (default null).
# NOTE(review): presumably only honoured when `use_aws_owned_key` is false;
# confirm in the module's encryption settings.
variable "kms_mq_key_arn" {
  description = "ARN of the AWS KMS key used for Amazon MQ encryption"
  type        = string
  default     = null
}
# Selects an AWS owned KMS key for Amazon MQ encryption; this is the default.
# As the description states, such a key is not in your account, so you cannot
# set its key policy or audit its use.
# NOTE(review): where key control or auditability is required, set this to
# false and supply `kms_mq_key_arn`.
variable "use_aws_owned_key" {
  description = "Boolean to enable an AWS owned Key Management Service (KMS) Customer Master Key (CMK) for Amazon MQ encryption that is not in your account"
  type        = bool
  default     = true
}