-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathvariables.tf
95 lines (83 loc) · 2.6 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
variable "hostname" {
description = "Hostname of the managed website."
type = string
validation {
condition = can(regex("^[.0-9a-z-]+$", var.hostname))
error_message = "The hostname must be a valid DNS name."
}
}
variable "auth_provider" {
description = "Authentication provider. Currently only 'OKTA' is supported."
type = string
default = "OKTA"
validation {
condition = contains(["OKTA"], var.auth_provider)
error_message = "This is not a supported authentication provider."
}
}
variable "client_id" {
description = "The client_id from authentication provider."
type = string
}
variable "client_secret" {
description = "The client_secret from authentication provider."
type = string
sensitive = true
}
variable "redirect_uri" {
description = "The URI to redirect users to after successful login. Defaults to /_callback on hostname."
type = string
default = null
validation {
condition = can(regex("^https?://", var.redirect_uri))
error_message = "URI must begin with 'http://' or 'https://'."
}
}
variable "base_url" {
description = "The base_url or Org URL of the authentication provider."
type = string
validation {
condition = can(regex("^https?://", var.base_url))
error_message = "URL must begin with 'http://' or 'https://'."
}
}
variable "session_duration" {
description = "Length of time session will be valid."
type = number
default = 24
}
variable "acm_cert_arn" {
description = "ARN of AWS Certificate Manager certificate for website."
type = string
}
variable "s3_bucket_name" {
description = "Name of website S3 bucket. Must be globally unique. Defaults to hostname."
type = string
default = null
}
variable "deploy_arn" {
description = "(Optional) IAM user to give permissions to update site (via s3 bucket)."
type = string
default = null
}
variable "aliases" {
description = "List of any aliases (CNAMEs) for the website."
type = list(string)
default = []
validation {
condition = alltrue([
for alias in var.aliases : can(regex("^[.0-9a-z-]+$", alias))
])
error_message = "Aliases must be a valid DNS name."
}
}
variable "always_rebuild" {
description = "Always create new lambda zip source directory. Useful for environments, such as Terraform Cloud, where the terraform runner does not preserve local disk contents."
type = bool
default = true
}
variable "tags" {
description = "Common tags for created resources"
type = map(any)
default = {}
}