-
Notifications
You must be signed in to change notification settings - Fork 4
/
variables.tf
334 lines (280 loc) · 8.63 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
variable "name" {
type = string
description = "The name of the CloudFront distribution"
}
variable "additional_redirect_uris" {
type = list(string)
default = null
description = "Additional login redirect URLs"
}
variable "aliases" {
type = list(string)
default = []
description = "Extra CNAMEs (alternate domain names), if any, for this distribution"
}
variable "allowed_methods" {
type = list(string)
default = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
description = "Controls which HTTP methods CloudFront processes and forwards"
}
variable "application_logo" {
type = string
default = null
description = "Relative path to the application logo image"
}
variable "authentication" {
type = bool
default = false
description = "Whether to protect the cloudfront distribution behind an Okta application"
}
variable "bucket_lifecycle_rule" {
type = any
default = []
description = "List of maps containing lifecycle management configuration settings for this bucket"
}
variable "bucket_policy" {
type = string
default = null
description = "The bucket policy to merge with the Cloudfront permissions"
}
variable "block_public_acls" {
type = bool
default = true
description = "Whether Amazon S3 should block public ACLs for this bucket"
}
variable "block_public_policy" {
type = bool
default = true
description = "Whether Amazon S3 should block public bucket policies for this bucket"
}
variable "cached_methods" {
type = list(string)
default = ["GET", "HEAD"]
description = "Controls whether CloudFront caches the response to requests"
}
variable "certificate_arn" {
type = string
default = null
description = "The ARN of the AWS Certificate Manager certificate that you wish to use with this distribution"
}
variable "comment" {
type = string
default = null
description = "Any comments you want to include about the distribution"
}
variable "compress" {
type = bool
default = false
description = "Whether you want CloudFront to automatically compress content for web requests"
}
variable "cookie_domain" {
type = string
default = null
description = "The domain to set the authentication cookie on"
}
variable "cors_allowed_headers" {
type = list(string)
default = ["*"]
description = "Specifies which headers are allowed"
}
variable "cors_allowed_methods" {
type = list(string)
default = ["GET"]
description = "Specifies which methods are allowed"
}
variable "cors_allowed_origins" {
type = list(string)
default = []
description = "Specifies which origins are allowed"
}
variable "cors_expose_headers" {
type = list(string)
default = ["ETag"]
description = "Specifies expose header in the response"
}
variable "cors_max_age_seconds" {
type = number
default = 3600
description = "Specifies time (in seconds) the browser can cache the response for a preflight request"
}
variable "custom_error_response" {
type = list(object({
error_caching_min_ttl = string
error_code = string
response_code = string
response_page_path = string
}))
default = []
description = "List of one or more custom error response elements"
}
variable "default_root_object" {
type = string
default = "index.html"
description = "The object that you want CloudFront to return"
}
variable "default_ttl" {
type = number
default = 3600
description = "Default amount of time (in seconds) that an object is in a CloudFront cache"
}
variable "deployment_arn" {
type = string
default = null
description = "A resource ARN that can be used to deploy content to the origin bucket"
}
variable "enabled" {
type = bool
default = true
description = "Whether the distribution is enabled to accept requests for content"
}
variable "force_destroy" {
type = bool
default = false
description = "A boolean indicating all resources (and their data) should be deleted on destroy"
}
variable "forward_cookies" {
type = string
default = "none"
description = "Specifies whether you want CloudFront to forward cookies"
}
variable "forward_headers" {
type = list(string)
default = ["Access-Control-Request-Headers", "Access-Control-Request-Method", "Origin"]
description = "Specifies the headers you want CloudFront to vary upon for this cache behavior"
}
variable "forward_query_strings" {
type = bool
default = false
description = "Specifies whether you want CloudFront to forward query strings "
}
variable "geo_restriction_type" {
type = string
default = "none"
description = "The method that you want to use to restrict distribution of your content by country"
}
variable "geo_restriction_locations" {
type = list(string)
default = null
description = "The country codes for which you want CloudFront to whitelist or blacklist your content"
}
variable "hide_ios" {
type = bool
default = false
description = "Do not display the Okta application icon to users on mobile app"
}
variable "hide_web" {
type = bool
default = false
description = "Do not display the Okta application icon to users"
}
variable "ignore_public_acls" {
type = bool
default = true
description = "Whether Amazon S3 should ignore public ACLs for this bucket"
}
variable "ipv6_enabled" {
type = bool
default = false
description = "Whether IPv6 is enabled for the distribution"
}
variable "lambda_function_association" {
type = list(object({
event_type = string
include_body = bool
lambda_arn = string
}))
default = []
description = "A config block that triggers a lambda function with specific actions"
}
variable "logging" {
type = bool
default = true
description = "Enables logging for this distribution"
}
variable "login_uri_path" {
type = string
default = null
description = "Optional path to the login URL"
}
variable "minimum_protocol_version" {
type = string
default = "TLSv1.2_2018"
description = "The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections"
}
variable "max_ttl" {
type = number
default = 86400
description = "Maximum amount of time (in seconds) that an object is in a CloudFront cache"
}
variable "min_ttl" {
type = number
default = 0
description = "Minimum amount of time that you want objects to stay in CloudFront caches"
}
variable "okta_app_name" {
type = string
default = null
description = "The Okta OIDC application name"
}
variable "okta_org_name" {
type = string
default = null
description = "The Okta organization for the OIDC application"
}
variable "okta_groups" {
type = list(string)
default = []
description = "The default groups assigned to the Okta OIDC application"
}
variable "okta_spa" {
type = bool
default = false
description = "Set to true if this is a single page web application"
}
variable "origin_path" {
type = string
default = ""
description = "A path that CloudFront uses to request your content from a specific directory"
}
variable "price_class" {
type = string
default = "PriceClass_100"
description = "Price class for this distribution"
}
variable "redirect_uri_path" {
type = string
default = "_callback"
description = "Path to the login redirect URL"
}
variable "restrict_public_buckets" {
type = bool
default = true
description = "Whether Amazon S3 should restrict public bucket policies for this bucket"
}
variable "subdomain" {
type = string
description = "A DNS subdomain for this distribution"
}
variable "use_regional_endpoint" {
type = bool
default = false
description = "Whether to use a regional instead of the global endpoint address"
}
variable "viewer_protocol_policy" {
type = string
default = "redirect-to-https"
description = "Use this element to specify the protocol that users can use to access the files"
}
variable "wait_for_deployment" {
type = bool
default = true
description = "Whether to wait for the deployment of the CloudFront Distribution to be complete"
}
variable "zone_id" {
type = string
description = "ID of the Route53 zone in which to create the subdomain record"
}
variable "tags" {
type = map(string)
description = "A mapping of tags to assign to all resources"
}