acm_allow_record_overwrite |
Allow existing DNS records to be overwritten when creating the ACM DNS validation records |
bool |
true |
no |
acm_domain_names |
Domain names for the ACM certificate |
list(string) |
[] |
no |
acm_hosted_zone_name |
Hosted zone name for DNS validation |
string |
"" |
no |
acm_private_zone |
Whether the hosted zone is private or not |
bool |
false |
no |
acm_ttl |
Time to live (TTL) for DNS records |
number |
60 |
no |
acm_validation_method |
Validation method for ACM certificate |
string |
"DNS" |
no |
alb_acm_certificate_domain_name |
ACM Certificate domain name |
string |
"" |
no |
alb_name_prefix |
Prefix for the Application Load Balancer name |
string |
"" |
no |
alb_route53_allow_record_overwrite |
Allow creation of this record in Terraform to overwrite an existing record |
bool |
false |
no |
alb_route53_evaluate_target_health |
Whether to evaluate the target health of the ALB |
bool |
true |
no |
alb_route53_private_zone |
Whether the DNS zone is private or not |
bool |
false |
no |
alb_route53_record_names |
The DNS record name for the first ALB record |
list(string) |
[] |
no |
alb_route53_record_type |
The DNS record type for ALB records |
string |
"A" |
no |
alb_route53_zone_name |
The DNS zone name |
string |
"" |
no |
alb_security_groups |
List of security group IDs for the Application Load Balancer (ALB) |
list(string) |
[] |
no |
alb_sg_name |
Name of the ALB security group |
string |
"aws-ref-alb-sg" |
no |
alb_subnets |
List of subnet IDs for the Application Load Balancer (ALB) |
list(string) |
[] |
no |
alb_target_group_name_prefix |
Prefix for the ALB target group name |
string |
"" |
no |
allocated_storage |
Allocated storage for the RDS instance (in GB) |
string |
"20" |
no |
apply_immediately |
Apply changes immediately or during the next maintenance window |
bool |
true |
no |
asg_create |
Whether to create the Auto Scaling Group (ASG). The ASG depends on the launch template |
bool |
true |
no |
asg_desired_capacity |
Desired capacity of the Auto Scaling Group |
number |
1 |
no |
asg_enable_monitoring |
Enable monitoring for the Auto Scaling Group |
bool |
true |
no |
asg_health_check_grace_period |
Health check grace period for instances in the Auto Scaling Group |
number |
300 |
no |
asg_health_check_type |
Health check type for the Auto Scaling Group |
string |
"ELB" |
no |
asg_max_size |
Maximum size of the Auto Scaling Group |
number |
2 |
no |
asg_min_size |
Minimum size of the Auto Scaling Group |
number |
1 |
no |
asg_name |
Name of the Auto Scaling Group |
string |
"" |
no |
asg_vpc_zone_identifier |
List of subnet IDs to launch resources in. The subnets determine which availability zones the group will reside in. Required if the VPC is not created as part of this project |
list(string) |
[] |
no |
asg_wait_for_capacity_timeout |
Timeout for waiting for the desired capacity to be reached |
string |
"10m" |
no |
azs |
Availability Zones for subnets |
list(string) |
[] |
no |
backup_retention_period |
Backup retention period (in days) for the RDS instance |
number |
7 |
no |
backup_window |
Preferred backup window for the RDS instance |
string |
"03:00-05:00" |
no |
cidr |
CIDR block for the VPC |
string |
"" |
no |
create_alb_route53_record |
Whether to create a Route 53 record for the ALB |
bool |
true |
no |
create_alb_sg |
Whether to create the Application Load Balancer (ALB) security group. |
bool |
false |
no |
create_certificates |
Controls if certificate should be generated |
bool |
true |
no |
create_custom_policy |
Whether to create custom policy |
bool |
false |
no |
create_db_subnet_group |
Create a new DB subnet group |
bool |
true |
no |
create_ec2_sg |
Whether to create the EC2 instance security group. |
bool |
false |
no |
create_efs_parameters |
Whether to store efs parameters on SSM parameter store |
bool |
false |
no |
create_efs_sg |
Whether to create the Elastic File System (EFS) security group. |
bool |
false |
no |
create_instance_profile |
Whether to create an instance profile |
bool |
true |
no |
create_launch_template |
Whether to create new launch template |
bool |
true |
no |
create_lb |
Controls if the Load Balancer should be created |
bool |
true |
no |
create_primary_database |
Whether to create primary database |
bool |
true |
no |
create_primary_db_parameters |
Whether to store primary database parameters on SSM parameter store |
bool |
false |
no |
create_rds_sg |
Whether to create the RDS security group. |
bool |
false |
no |
create_replica_database |
Whether to create replica database. create_primary_database must be true |
bool |
true |
no |
create_replica_db_parameters |
Whether to store replica database parameters on SSM parameter store |
bool |
false |
no |
create_ssh_sg |
Whether to create the SSH security group |
bool |
false |
no |
create_vpc |
Controls if VPC should be created |
bool |
true |
no |
custom_iam_policy_description |
Description for the IAM policy. Required if create_custom_policy is set to true |
string |
"custom policy" |
no |
custom_iam_policy_json |
JSON policy document for the custom IAM policy. Required if create_custom_policy is set to true |
string |
"" |
no |
custom_iam_policy_name_prefix |
Prefix for the IAM policy name. Required if create_custom_policy is set to true |
string |
"" |
no |
custom_iam_policy_path |
The path for the IAM policy. Required if create_custom_policy is set to true |
string |
"/" |
no |
database_port |
Port for the RDS instance |
number |
3306 |
no |
db_identifier |
The name of the RDS instance |
string |
"aws-ref-arch-db" |
no |
db_master_username |
Master username for the RDS instance |
string |
"" |
no |
db_name |
Name of the initial database |
string |
"" |
no |
db_security_groups |
List of security group IDs for the RDS instance |
list(string) |
[] |
no |
db_subnet_cidr |
CIDR blocks for database subnets |
list(string) |
[] |
no |
db_subnet_group_name |
Name for the DB subnet group |
string |
"aws-ref-arch-db-subnet" |
no |
db_subnets |
List of DB subnets for the RDS instance |
list(string) |
[] |
no |
delete_automated_backups |
Delete automated backups when the RDS instance is deleted |
bool |
true |
no |
deletion_protection |
Enable or disable deletion protection for the RDS instance. Disabled by default; enable it for instances that must not be removed by an accidental destroy |
bool |
false |
no |
ec2_sg_name |
Name of the ec2 security group |
string |
"aws-ref-ec2-sg" |
no |
efs_create |
Whether to create Elastic File System |
bool |
false |
no |
efs_encrypted |
Whether to enable encryption for the EFS file system |
bool |
true |
no |
efs_mount_target_security_group_ids |
List of security group IDs for EFS mount targets |
list(string) |
[] |
no |
efs_mount_target_subnet_ids |
List of subnet IDs for EFS mount targets |
list(string) |
[] |
no |
efs_name |
Name of the Elastic File System |
string |
"" |
no |
efs_performance_mode |
The performance mode for the EFS file system (e.g., 'generalPurpose' or 'maxIO') |
string |
"generalPurpose" |
no |
efs_sg_name |
Name of the EFS security group |
string |
"aws-ref-efs-sg" |
no |
efs_throughput_mode |
The throughput mode for the EFS file system (e.g., 'bursting' or 'provisioned') |
string |
"bursting" |
no |
efs_transition_to_ia |
The lifecycle policy transition for files to Infrequent Access (IA) storage |
string |
"AFTER_30_DAYS" |
no |
enable_dns_hostnames |
Enable DNS hostnames for the VPC |
bool |
true |
no |
enable_dns_support |
Enable DNS resolution for the VPC |
bool |
true |
no |
enable_single_nat_gateway |
Enable a single NAT gateway for all private subnets |
bool |
false |
no |
enabled_cloudwatch_logs_exports |
Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values depend on the engine. MySQL and MariaDB: audit, error, general, slowquery. PostgreSQL: postgresql, upgrade. MSSQL: agent, error. Oracle: alert, audit, listener, trace. |
list(string) |
[ "audit", "error" ] |
no |
engine |
Database engine type |
string |
"mysql" |
no |
engine_version |
Database engine version |
string |
"8.0" |
no |
general_tags |
General tags to apply to resources created |
map(string) |
{ "Env": "dev", "Project_name": "aws-ref-architecture", "Team": "platform-team" } |
no |
iam_database_authentication_enabled |
Enable IAM database authentication |
bool |
false |
no |
instance_class |
RDS instance class |
string |
"db.t3.micro" |
no |
instance_profile_custom_policy_arns |
List of ARNs of custom policies (created outside of this project) to attach to the role |
list(string) |
[] |
no |
instance_profile_instance_profile_name |
Name of the IAM instance profile |
string |
"" |
no |
instance_profile_managed_policy_arns |
List of ARNs of managed policies to attach to the role |
list(string) |
[] |
no |
instance_profile_role_name |
Name of the IAM role associated with the instance profile |
string |
"aws-ref-instance-role" |
no |
instance_profile_role_path |
The path for the IAM role |
string |
"/" |
no |
intra_subnet_cidr |
CIDR blocks for intra subnets. Used as EFS subnets |
list(string) |
[] |
no |
launch_template_delete_on_termination |
Whether the root volume should be deleted on instance termination |
bool |
true |
no |
launch_template_device_name |
The device name for the root volume |
string |
"/dev/xvda" |
no |
launch_template_enable_monitoring |
Whether instance monitoring should be enabled |
bool |
false |
no |
launch_template_image_id |
The AMI from which to launch the instance. Defaults to Amazon Linux 2 |
string |
"" |
no |
launch_template_instance_type |
The EC2 instance type for instances launched from the template |
string |
"t2.micro" |
no |
launch_template_key_name |
The name of the SSH key pair to associate with instances launched from the template |
string |
"" |
no |
launch_template_name_prefix |
Creates a unique name beginning with the specified prefix |
string |
"aws-ref" |
no |
launch_template_resource_type |
The type of resource to tag |
string |
"instance" |
no |
launch_template_sg_ids |
List of security group IDs for the launch template |
list(string) |
[] |
no |
launch_template_update_default_version |
Flag to update the default version of the launch template |
bool |
true |
no |
launch_template_userdata_file_path |
Path to the user data script file |
string |
"" |
no |
launch_template_volume_size |
The size of the root volume for instances launched from the template (in GiB) |
number |
20 |
no |
launch_template_volume_type |
The type of volume for the root volume (e.g., 'gp2') |
string |
"gp2" |
no |
load_balancer_type |
Type of the Load Balancer |
string |
"application" |
no |
maintenance_window |
Maintenance window for the RDS instance |
string |
"Sat:05:00-Sat:07:00" |
no |
master_db_availability_zone |
Availability zone for the RDS instance |
string |
"" |
no |
max_allocated_storage |
Maximum allocated storage for the RDS instance (in GB) |
string |
"20" |
no |
multi_az |
Enable multi-AZ deployment for the RDS instance |
bool |
false |
no |
project_name |
Name of the project |
string |
"aws-ref-architecture" |
no |
public_subnet_cidr |
CIDR blocks for public subnets |
list(string) |
[] |
no |
publicly_accessible |
Make the RDS instance publicly accessible |
bool |
false |
no |
rds_sg_name |
Name of the RDS security group |
string |
"aws-ref-rds-sg" |
no |
replica_apply_immediately |
Apply changes immediately or during the next maintenance window for the replica |
bool |
null |
no |
replica_backup_retention_period |
Backup retention period (in days) for the RDS replica instance |
number |
null |
no |
replica_backup_window |
Preferred backup window for the RDS replica instance |
string |
"" |
no |
replica_database_port |
Port for the RDS replica instance |
number |
null |
no |
replica_db_availability_zone |
Availability zone for the RDS replica instance |
string |
"" |
no |
replica_db_identifier |
Identifier for the RDS replica instance |
string |
"" |
no |
replica_delete_automated_backups |
Delete automated backups when the RDS replica instance is deleted |
bool |
null |
no |
replica_deletion_protection |
Enable or disable deletion protection for the RDS replica instance |
bool |
null |
no |
replica_enabled_cloudwatch_logs_exports |
Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values depend on the engine. MySQL and MariaDB: audit, error, general, slowquery. PostgreSQL: postgresql, upgrade. MSSQL: agent, error. Oracle: alert, audit, listener, trace. |
list(string) |
[] |
no |
replica_engine |
Database engine type for the RDS replica instance |
string |
"" |
no |
replica_engine_version |
Database engine version for the RDS replica instance |
string |
"" |
no |
replica_iam_database_authentication_enabled |
Enable IAM database authentication for the RDS replica instance |
bool |
null |
no |
replica_instance_class |
RDS instance class for the replica |
string |
"" |
no |
replica_maintenance_window |
Maintenance window for the RDS replica instance |
string |
"" |
no |
replica_max_allocated_storage |
Maximum allocated storage for the RDS replica instance (in GB) |
string |
"" |
no |
replica_multi_az |
Enable multi-AZ deployment for the RDS replica instance |
bool |
null |
no |
replica_publicly_accessible |
Make the RDS replica instance publicly accessible |
bool |
null |
no |
replica_skip_final_snapshot |
Skip the final DB snapshot when the RDS replica instance is deleted |
bool |
null |
no |
replica_storage_type |
Storage type for the RDS replica instance |
string |
"" |
no |
skip_final_snapshot |
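Skip the final DB snapshot when the RDS instance is deleted. The default of true means no final snapshot is taken on deletion; set it to false for databases whose data must remain recoverable |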
bool |
true |
no |
ssh_ingress_cidr |
List of CIDR blocks allowed to SSH into the EC2 instances. Restrict this to specific trusted ranges rather than 0.0.0.0/0 |
list(any) |
[] |
no |
ssh_sg_name |
Name of the SSH security group |
string |
"aws-ref-ssh-sg" |
no |
storage_type |
Storage type for the RDS instance |
string |
"gp2" |
no |
vpc_id |
ID of the VPC. Required when provisioning into an existing VPC |
string |
"" |
no |
vpc_name |
Name of the VPC |
string |
"aws-ref-arch-vpc" |
no |