forked from cloudposse/terraform-aws-ec2-bastion-server
variables.tf
# Route53 hosted zone for the bastion's DNS record.
# NOTE(review): the empty-string default presumably means "create no record";
# confirm against the resource that consumes this variable.
variable "zone_id" {
  description = "Route53 DNS Zone ID"
  type        = string
  default     = ""
}
# EC2 instance size for the bastion host; defaults to t2.micro.
variable "instance_type" {
  description = "Bastion instance type"
  type        = string
  default     = "t2.micro"
}
# Machine image the bastion boots from.
# The default pins one literal AMI ID. AMI IDs are region-specific, and a
# pinned image only carries the patches it was built with, so callers should
# pass an ID they have verified (owner, region, patch level) instead of
# relying on the default.
variable "ami" {
  description = "AMI to use"
  type        = string
  default     = "ami-084ef34fdfdd7384c"
}
# VPC the bastion is placed in. Required: no default is declared.
variable "vpc_id" {
  description = "VPC ID"
  type        = string
}
# Subnet IDs available to the bastion. Required: no default is declared.
# NOTE(review): how many of these are used, and which one the instance lands
# in, is decided by a resource not visible here.
variable "subnets" {
  description = "AWS subnet IDs"
  type        = list(string)
}
# Boot-time user data fragments, empty by default.
# EC2 user data is stored unencrypted and can be read back from the instance
# metadata service by any process on the host, and through the EC2 API by
# principals allowed to describe instance attributes. Keep credentials and
# other secrets out of it.
variable "user_data" {
  description = "User data content"
  type        = list(string)
  default     = []
}
# Key name passed to the instance, empty by default.
# NOTE(review): presumably the name of an existing EC2 key pair; confirm how
# the empty string is handled by the consuming resource.
variable "key_name" {
  description = "Key name"
  type        = string
  default     = ""
}
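# Login account that the chosen AMI provisions for SSH. Required: no default
# is declared, because the account name depends on the image.
# The description previously gave `ec2user` for Amazon Linux; the account that
# Amazon Linux images create is `ec2-user`, so the example is corrected here.
variable "ssh_user" {
  type        = string
  description = "Default SSH user for this AMI. e.g. `ec2-user` for Amazon Linux and `ubuntu` for Ubuntu systems"
}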
# Security groups whose members may open connections to the bastion.
# Empty by default, so no group-based ingress is granted unless the caller
# lists one.
variable "ingress_security_groups" {
  type        = list(string)
  default     = []
  description = "AWS security group IDs allowed ingress to instance"
}
# Additional security groups attached to the bastion instance itself.
# Empty by default. Every rule in a group listed here applies to the bastion,
# so review those groups' ingress rules before attaching them.
variable "security_groups" {
  type        = list(string)
  default     = []
  description = "AWS security group IDs associated with instance"
}
# Source address ranges permitted to connect to the bastion.
# The default is 0.0.0.0/0, i.e. every IPv4 address. If the instance also
# keeps its public IP, the bastion's listening port is reachable from the
# whole internet unless the caller overrides this with the specific
# administrative ranges (office egress, VPN pool) that need access.
# NOTE(review): which port(s) this opens is set by a rule not visible here.
variable "allowed_cidr_blocks" {
  description = "A list of CIDR blocks allowed to connect"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}
# Toggle for encryption of the root volume.
# Defaults to false, so the root disk (host keys, shell history, logs) is
# stored unencrypted unless the caller sets this to true or account-level
# default EBS encryption is enabled.
variable "root_block_device_encrypted" {
  description = "Whether to encrypt the root block device"
  type        = bool
  default     = false
}
# Root volume size in GiB; defaults to 8. Must be at least as large as the
# AMI's own snapshot, as the description states.
variable "root_block_device_volume_size" {
  description = "The volume size (in GiB) to provision for the root block device. It cannot be smaller than the AMI it refers to."
  type        = number
  default     = 8
}
# Switch for the instance metadata service endpoint; enabled by default.
# The metadata service hands out the instance role's temporary credentials,
# so a bastion that needs neither a role nor metadata can have it turned off.
variable "metadata_http_endpoint_enabled" {
  description = "Whether the metadata service is available"
  type        = bool
  default     = true
}
# Hop limit applied to metadata-service PUT (token) responses.
# The default of 1 is the tightest value in the documented 1-64 range: the
# token response is not forwarded past the instance itself. Raise it only
# when a workload one network hop away (e.g. a bridged container) genuinely
# needs metadata access.
# NOTE(review): no validation block enforces the 1-64 range here; an
# out-of-range value would only be rejected at apply time.
variable "metadata_http_put_response_hop_limit" {
  description = "The desired HTTP PUT response hop limit (between 1 and 64) for instance metadata requests."
  type        = number
  default     = 1
}
# Whether metadata requests must carry a session token (IMDSv2).
# Defaults to false, which leaves token-less IMDSv1 requests accepted. IMDSv1
# is the variant that request-forgery bugs on the host can use to read the
# instance role's credentials; set this to true to require IMDSv2 unless
# something on the bastion still depends on IMDSv1.
variable "metadata_http_tokens_required" {
  description = "Whether or not the metadata service requires session tokens, also referred to as Instance Metadata Service Version 2."
  type        = bool
  default     = false
}
# Whether the bastion receives a public IPv4 address; true by default.
# Combined with the default `allowed_cidr_blocks` of 0.0.0.0/0 this makes the
# host reachable from any address, so narrow the CIDR list whenever the
# public IP is kept.
variable "associate_public_ip_address" {
  description = "Whether to associate a public IP to the instance."
  type        = bool
  default     = true
}
# Whether the bastion may open outbound connections to anywhere.
# Defaults to false.
# NOTE(review): with egress off, onward SSH from the bastion to private hosts
# presumably depends on other rules; confirm against the security group
# resources, which are not visible here.
variable "egress_allowed" {
  description = "Allow all egress traffic from instance"
  type        = bool
  default     = false
}