##################################################################################
## Core Configuration Variables
##################################################################################
#
# Base URL of the control plane this module talks to.
# NOTE(review): tfy_api_key is presumably presented to this endpoint — confirm,
# and consider a validation rule requiring an https:// scheme so the key is
# never sent in cleartext.
variable "control_plane_url" {
  description = "URL of the TrueFoundry control plane (e.g., 'https://app.truefoundry.com')"
  type        = string
}

# API credential for the control plane. `sensitive = true` redacts the value
# from plan/apply output only; Terraform still records it in state, so the
# state backend needs encryption and restricted access.
variable "tfy_api_key" {
  description = "TrueFoundry API key for authentication. Can be obtained from the TrueFoundry console."
  type        = string
  sensitive   = true
}

# Cluster identifier; no default, so callers must always supply it.
variable "cluster_name" {
  description = "Name of the Kubernetes cluster to create or manage. Must be unique within your organization."
  type        = string
}

# Selects the provider flavour. The validation rule rejects anything outside
# the four listed values at plan time.
variable "cluster_type" {
  description = "Type of cluster to create (aws-eks, azure-aks, gcp-gke-standard, generic)"
  type        = string

  validation {
    condition = contains(
      ["aws-eks", "azure-aks", "gcp-gke-standard", "generic"],
      var.cluster_type
    )
    error_message = "cluster_type must be one of: aws-eks, azure-aks, gcp-gke-standard, generic"
  }
}

# Opt-in switch that forces an update on every apply; off by default.
variable "always_update" {
  description = "Forces cluster configuration updates on every terraform apply, even without changes. Use with caution as it may cause unnecessary updates."
  type        = bool
  default     = false
}
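# File names that receive the captured stdout / stderr streams.
# NOTE(review): what writes these files is not visible here — confirm the
# producing step never echoes tfy_api_key or cloud credentials, and keep the
# files out of version control and shared artifacts.
variable "stdout_log_file" {
  description = "Log file of stdout"
  type        = string
  default     = "truefoundry-cluster.stdout"
}

# Fix: the description previously read "Log file of stdout" (copy-paste from
# the variable above), which mislabelled this input in generated docs.
variable "stderr_log_file" {
  description = "Log file of stderr"
  type        = string
  default     = "truefoundry-cluster.stderr"
}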
##################################################################################
## AWS
##################################################################################
#
# Target AWS account and region. Both default to null, so they are optional
# at the variable level.
variable "aws_account_id" {
  description = "AWS Account ID where the EKS cluster will be created (e.g., '123456789012')"
  type        = string
  default     = null
}

variable "aws_region" {
  description = "AWS Region where resources will be created (e.g., 'us-west-2')"
  type        = string
  default     = null
}

# Switch for IAM-user (static access key) authentication; off by default.
# Static IAM user keys are long-lived credentials. aws_platform_features_role_arn
# below is the role-based alternative this module exposes; prefer it where the
# deployment allows.
variable "aws_platform_features_user_enabled" {
  description = "Enable AWS IAM user-based authentication. If true, requires aws_platform_features_user_access_key_id and aws_platform_features_user_secret_access_key."
  type        = bool
  default     = false
}

# The two key inputs are described as required when user auth is enabled, but
# both default to null and carry no validation block here, so any enforcement
# must happen elsewhere. They are redacted from CLI output yet still stored in
# state.
variable "aws_platform_features_user_access_key_id" {
  description = "AWS IAM Access Key ID for user-based authentication. Required if aws_platform_features_user_enabled is true."
  type        = string
  default     = null
  sensitive   = true
}

variable "aws_platform_features_user_secret_access_key" {
  description = "AWS IAM Secret Access Key for user-based authentication. Required if aws_platform_features_user_enabled is true."
  type        = string
  default     = null
  sensitive   = true
}

# Role ARN for role-based authentication. Not marked sensitive: an ARN is an
# identifier, not a secret.
variable "aws_platform_features_role_arn" {
  description = "AWS IAM Role ARN for role-based authentication (e.g., 'arn:aws:iam::123456789012:role/TrueFoundryRole')"
  type        = string
  default     = null
}
# AWS integration toggles. S3, ECR, Parameter Store and cluster integration
# default to enabled; Secrets Manager defaults to disabled. Each enabled
# integration presumably needs matching permissions on the identity configured
# for this module — scope that policy to what is actually switched on.

variable "aws_s3_enabled" {
  description = "Enable AWS S3 integration for cluster storage capabilities"
  type        = bool
  default     = true
}

# Described as required when aws_s3_enabled is true (the default), yet it
# defaults to null with no validation in this block.
variable "aws_s3_bucket_name" {
  description = "Name of the S3 bucket to use for cluster storage. Required if aws_s3_enabled is true."
  type        = string
  default     = null
}

variable "aws_ecr_enabled" {
  description = "Enable AWS Elastic Container Registry (ECR) integration for container image storage"
  type        = bool
  default     = true
}

variable "aws_parameter_store_enabled" {
  description = "Enable AWS Systems Manager Parameter Store integration for secret management"
  type        = bool
  default     = true
}

variable "aws_secrets_manager_enabled" {
  description = "Enable AWS Secrets Manager integration for enhanced secrets management capabilities"
  type        = bool
  default     = false
}

variable "aws_cluster_integration_enabled" {
  description = "Enable direct integration with AWS EKS cluster services"
  type        = bool
  default     = true
}
##################################################################################
## Azure
##################################################################################
#
# Azure placement: subscription and resource group, both optional (null).
variable "azure_subscription_id" {
  description = "Azure Subscription ID where the AKS cluster will be created (e.g., '12345678-1234-1234-1234-123456789012')"
  type        = string
  default     = null
}

variable "azure_resource_group_name" {
  description = "Name of the Azure Resource Group where the AKS cluster will be created"
  type        = string
  default     = null
}

variable "azure_cluster_integration_enabled" {
  description = "Enable direct integration with Azure AKS cluster services"
  type        = bool
  default     = true
}

# Service principal credentials. Only the client secret is marked sensitive;
# client ID and tenant ID are identifiers. The secret is redacted from CLI
# output but still persisted in Terraform state.
variable "azure_client_id" {
  description = "Azure Service Principal Client ID for authentication"
  type        = string
  default     = null
}

variable "azure_client_secret" {
  description = "Azure Service Principal Client Secret for authentication"
  type        = string
  default     = null
  sensitive   = true
}

variable "azure_tenant_id" {
  description = "Azure Tenant ID associated with the subscription"
  type        = string
  default     = null
}
# Azure Container Registry integration; enabled by default.
variable "azure_acr_enabled" {
  description = "Enable Azure Container Registry (ACR) integration for container image storage"
  type        = bool
  default     = true
}

# ACR admin credentials. The registry admin account is a single shared login
# with push and pull rights; treat the password like a root secret and rotate
# it on exposure. Redacted from CLI output, still written to state.
variable "azure_acr_admin_password" {
  description = "Admin password for Azure Container Registry. Required if azure_acr_enabled is true."
  type        = string
  default     = null
  sensitive   = true
}

variable "azure_acr_admin_username" {
  description = "Admin username for Azure Container Registry. Required if azure_acr_enabled is true."
  type        = string
  default     = null
}

variable "azure_acr_login_server" {
  description = "Azure Container Registry login server URL (e.g., 'myregistry.azurecr.io')"
  type        = string
  default     = null
}

# Azure Blob Storage integration; enabled by default.
variable "azure_blob_storage_enabled" {
  description = "Enable Azure Blob Storage integration for cluster storage capabilities"
  type        = bool
  default     = true
}

# A storage connection string typically embeds the account key or a SAS token,
# i.e. it is itself the credential for the storage account — hence sensitive.
variable "azure_blob_storage_connection_string" {
  description = "Connection string for Azure Storage Account. Required if azure_blob_storage_enabled is true."
  type        = string
  default     = null
  sensitive   = true
}

variable "azure_blob_storage_root_url" {
  description = "Root URL for Azure Storage Account (e.g., 'https://mystorageaccount.blob.core.windows.net')"
  type        = string
  default     = null
}
##################################################################################
## GCP
##################################################################################
#
# GCP placement and resource locations. All string inputs default to null.
variable "gcp_project_id" {
  description = "GCP Project ID where the GKE cluster will be created"
  type        = string
  default     = null
}

variable "gcp_artifact_registry_url" {
  description = "URL for GCP Artifact Registry (e.g., 'LOCATION-docker.pkg.dev/PROJECT_ID')"
  type        = string
  default     = null
}

variable "gcp_storage_bucket_url" {
  description = "URL for GCP Storage bucket (e.g., 'gs://bucket-name')"
  type        = string
  default     = null
}

# GCP integration toggles. Every one of them defaults to enabled, including
# Secrets Manager; disable the ones a deployment does not use so the service
# account is not expected to hold permissions it does not need.
variable "gcp_cluster_integration_enabled" {
  description = "Enable direct integration with GCP GKE cluster services"
  type        = bool
  default     = true
}

variable "gcp_blob_storage_enabled" {
  description = "Enable GCP Blob Storage integration for cluster storage capabilities"
  type        = bool
  default     = true
}

variable "gcp_secrets_manager_enabled" {
  description = "Enable GCP Secrets Manager integration for secret management"
  type        = bool
  default     = true
}

variable "gcp_container_registry_enabled" {
  description = "Enable GCP Container Registry integration for container image storage"
  type        = bool
  default     = true
}

variable "gcp_region" {
  description = "GCP Region where the GKE cluster is located"
  type        = string
  default     = null
}
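# Service account auth data for GCP.
# NOTE(review): presumably service-account key material — confirm the expected
# format. Every other credential input in this file (API key, AWS keys, Azure
# client secret, ACR password, storage connection string) is marked sensitive;
# this one was not, so its value would be printed in plan/apply output.
# Marking it sensitive redacts it there; it is still stored in state. Any
# module output derived from this variable must also be declared sensitive.
variable "gcp_sa_auth_data" {
  description = "GCP Service Account auth_data"
  type        = string
  default     = null
  sensitive   = true
}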