-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathvariables.tf
72 lines (60 loc) · 2.08 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
variable "use_existing_iam_role" {
type = bool
default = false
description = "Set this to true to use an existing IAM role"
}
variable "use_existing_iam_role_policy" {
type = bool
default = false
description = "Set this to `true` to use an existing policy on the IAM role, rather than attaching a new one"
}
variable "iam_role_arn" {
type = string
default = ""
description = "The IAM role ARN is required when setting use_existing_iam_role to `true`"
}
variable "iam_role_external_id" {
type = string
default = ""
description = "The external ID configured inside the IAM role is required when setting use_existing_iam_role to `true`"
}
variable "iam_role_name" {
type = string
default = ""
description = "The IAM role name. Required to match with iam_role_arn if use_existing_iam_role is set to `true`"
}
variable "permission_boundary_arn" {
type = string
default = null
description = "Optional - ARN of the policy that is used to set the permissions boundary for the role."
}
variable "external_id_length" {
type = number
default = 16
description = "**Deprecated** - Will be removed on our next major release v1.0.0"
}
variable "lacework_aws_account_id" {
type = string
default = "434813966438"
description = "The Lacework AWS account that the IAM role will grant access"
}
variable "lacework_integration_name" {
type = string
default = "TF config"
description = "The name of the integration in Lacework"
}
variable "lacework_audit_policy_name" {
type = string
default = ""
description = "The name of the custom audit policy (which extends SecurityAudit) to allow Lacework to read configs. Defaults to lwaudit-policy-$${random_id.uniq.hex} when empty"
}
variable "wait_time" {
type = string
default = "10s"
description = "Amount of time to wait before the next resource is provisioned"
}
variable "tags" {
type = map(string)
description = "A map/dictionary of Tags to be assigned to created resources"
default = {}
}