| acm_allow_record_overwrite |
Allow existing DNS records to be overwritten by the records created for ACM DNS validation |
bool |
true |
no |
| acm_domain_names |
Domain names for the ACM certificate |
list(string) |
[] |
no |
| acm_hosted_zone_name |
Hosted zone name for DNS validation |
string |
"" |
no |
| acm_private_zone |
Whether the hosted zone is private or not |
bool |
false |
no |
| acm_ttl |
Time to live (TTL) for DNS records |
number |
60 |
no |
| acm_validation_method |
Validation method for ACM certificate |
string |
"DNS" |
no |
| alb_acm_certificate_domain_name |
ACM Certificate domain name |
string |
"" |
no |
| alb_name_prefix |
Prefix for the Application Load Balancer name |
string |
"" |
no |
| alb_route53_allow_record_overwrite |
Allow creation of this record in Terraform to overwrite an existing record |
bool |
false |
no |
| alb_route53_evaluate_target_health |
Whether to evaluate the target health of the ALB |
bool |
true |
no |
| alb_route53_private_zone |
Whether the DNS zone is private or not |
bool |
false |
no |
| alb_route53_record_names |
The DNS record name for the first ALB record |
list(string) |
[] |
no |
| alb_route53_record_type |
The DNS record type for ALB records |
string |
"A" |
no |
| alb_route53_zone_name |
The DNS zone name |
string |
"" |
no |
| alb_security_groups |
List of security group IDs for the Application Load Balancer (ALB) |
list(string) |
[] |
no |
| alb_sg_name |
Name of the ALB security group |
string |
"aws-ref-alb-sg" |
no |
| alb_subnets |
List of subnet IDs for the Application Load Balancer (ALB) |
list(string) |
[] |
no |
| alb_target_group_name_prefix |
Prefix for the ALB target group name |
string |
"" |
no |
| allocated_storage |
Allocated storage for the RDS instance (in GB) |
string |
"20" |
no |
| apply_immediately |
Apply changes immediately or during the next maintenance window |
bool |
true |
no |
| asg_create |
Whether to create the Auto Scaling Group (ASG). The ASG depends on the launch template |
bool |
true |
no |
| asg_desired_capacity |
Desired capacity of the Auto Scaling Group |
number |
1 |
no |
| asg_enable_monitoring |
Enable monitoring for the Auto Scaling Group |
bool |
true |
no |
| asg_health_check_grace_period |
Health check grace period for instances in the Auto Scaling Group |
number |
300 |
no |
| asg_health_check_type |
Health check type for the Auto Scaling Group |
string |
"ELB" |
no |
| asg_max_size |
Maximum size of the Auto Scaling Group |
number |
2 |
no |
| asg_min_size |
Minimum size of the Auto Scaling Group |
number |
1 |
no |
| asg_name |
Name of the Auto Scaling Group |
string |
"" |
no |
| asg_vpc_zone_identifier |
List of subnet IDs to launch resources in. The subnets determine which availability zones the group will reside in. Required if the VPC is not created as part of this project |
list(string) |
[] |
no |
| asg_wait_for_capacity_timeout |
Timeout for waiting for the desired capacity to be reached |
string |
"10m" |
no |
| azs |
Availability Zones for subnets |
list(string) |
[] |
no |
| backup_retention_period |
Backup retention period (in days) for the RDS instance |
number |
7 |
no |
| backup_window |
Preferred backup window for the RDS instance |
string |
"03:00-05:00" |
no |
| cidr |
CIDR block for the VPC |
string |
"" |
no |
| create_alb_route53_record |
Whether to create the Route53 record for the ALB |
bool |
true |
no |
| create_alb_sg |
Whether to create the Application Load Balancer (ALB) security group. |
bool |
false |
no |
| create_certificates |
Controls if certificate should be generated |
bool |
true |
no |
| create_custom_policy |
Whether to create custom policy |
bool |
false |
no |
| create_db_subnet_group |
Create a new DB subnet group |
bool |
true |
no |
| create_ec2_sg |
Whether to create the EC2 instance security group. |
bool |
false |
no |
| create_efs_parameters |
Whether to store efs parameters on SSM parameter store |
bool |
false |
no |
| create_efs_sg |
Whether to create the Elastic File System (EFS) security group. |
bool |
false |
no |
| create_instance_profile |
Whether to create an instance profile |
bool |
true |
no |
| create_launch_template |
Whether to create new launch template |
bool |
true |
no |
| create_lb |
Controls if the Load Balancer should be created |
bool |
true |
no |
| create_primary_database |
Whether to create primary database |
bool |
true |
no |
| create_primary_db_parameters |
Whether to store primary database parameters on SSM parameter store |
bool |
false |
no |
| create_rds_sg |
Whether to create the RDS security group. |
bool |
false |
no |
| create_replica_database |
Whether to create replica database. create_primary_database must be true |
bool |
true |
no |
| create_replica_db_parameters |
Whether to store replica database parameters on SSM parameter store |
bool |
false |
no |
| create_ssh_sg |
Whether to create the SSH security group |
bool |
false |
no |
| create_vpc |
Controls if VPC should be created |
bool |
true |
no |
| custom_iam_policy_description |
Description for the IAM policy. Required if create_custom_policy set to true |
string |
"custom policy" |
no |
| custom_iam_policy_json |
JSON policy document. Required if create_custom_policy set to true |
string |
"" |
no |
| custom_iam_policy_name_prefix |
Prefix for the IAM policy name. Required if create_custom_policy set to true |
string |
"" |
no |
| custom_iam_policy_path |
The path for the IAM policy. Required if create_custom_policy set to true |
string |
"/" |
no |
| database_port |
Port for the RDS instance |
number |
3306 |
no |
| db_identifier |
The name of the RDS instance |
string |
"aws-ref-arch-db" |
no |
| db_master_username |
Master username for the RDS instance |
string |
"" |
no |
| db_name |
Name of the initial database |
string |
"" |
no |
| db_security_groups |
List of security group IDs for the RDS instance |
list(string) |
[] |
no |
| db_subnet_cidr |
CIDR blocks for database subnets |
list(string) |
[] |
no |
| db_subnet_group_name |
Name for the DB subnet group |
string |
"aws-ref-arch-db-subnet" |
no |
| db_subnets |
List of DB subnets for the RDS instance |
list(string) |
[] |
no |
| delete_automated_backups |
Delete automated backups when the RDS instance is deleted |
bool |
true |
no |
| deletion_protection |
Enable or disable deletion protection for the RDS instance |
bool |
false |
no |
| ec2_sg_name |
Name of the ec2 security group |
string |
"aws-ref-ec2-sg" |
no |
| efs_create |
Whether to create Elastic File System |
bool |
false |
no |
| efs_encrypted |
Whether to enable encryption for the EFS file system |
bool |
true |
no |
| efs_mount_target_security_group_ids |
List of security group IDs for EFS mount targets |
list(string) |
[] |
no |
| efs_mount_target_subnet_ids |
List of subnet IDs for EFS mount targets |
list(string) |
[] |
no |
| efs_name |
Name of the Elastic File System |
string |
"" |
no |
| efs_performance_mode |
The performance mode for the EFS file system (e.g., 'generalPurpose' or 'maxIO') |
string |
"generalPurpose" |
no |
| efs_sg_name |
Name of the EFS security group |
string |
"aws-ref-efs-sg" |
no |
| efs_throughput_mode |
The throughput mode for the EFS file system (e.g., 'bursting' or 'provisioned') |
string |
"bursting" |
no |
| efs_transition_to_ia |
The lifecycle policy transition for files to Infrequent Access (IA) storage |
string |
"AFTER_30_DAYS" |
no |
| enable_dns_hostnames |
Enable DNS hostnames for the VPC |
bool |
true |
no |
| enable_dns_support |
Enable DNS resolution for the VPC |
bool |
true |
no |
| enable_single_nat_gateway |
Enable a single NAT gateway for all private subnets |
bool |
false |
no |
| enabled_cloudwatch_logs_exports |
Set of log types to enable for exporting to CloudWatch Logs. If omitted, no logs will be exported. Valid values depend on the engine. MySQL and MariaDB: audit, error, general, slowquery. PostgreSQL: postgresql, upgrade. MSSQL: agent, error. Oracle: alert, audit, listener, trace. |
list(string) |
[ "audit", "error" ] |
no |
| engine |
Database engine type |
string |
"mysql" |
no |
| engine_version |
Database engine version |
string |
"8.0" |
no |
| general_tags |
General tags to apply to resources created |
map(string) |
{ "Env": "dev", "Project_name": "aws-ref-architecture", "Team": "platform-team" } |
no |
| iam_database_authentication_enabled |
Enable IAM database authentication |
bool |
false |
no |
| instance_class |
RDS instance class |
string |
"db.t3.micro" |
no |
| instance_profile_custom_policy_arns |
List of ARNs of custom policies (created outside of this project) to attach to the role |
list(string) |
[] |
no |
| instance_profile_instance_profile_name |
Name of the IAM instance profile |
string |
"" |
no |
| instance_profile_managed_policy_arns |
List of ARNs of managed policies to attach to the role |
list(string) |
[] |
no |
| instance_profile_role_name |
Name of the IAM role associated with the instance profile |
string |
"aws-ref-instance-role" |
no |
| instance_profile_role_path |
The path for the IAM role |
string |
"/" |
no |
| intra_subnet_cidr |
CIDR blocks for intra subnets. Used as EFS subnets |
list(string) |
[] |
no |
| launch_template_delete_on_termination |
Whether the root volume should be deleted on instance termination |
bool |
true |
no |
| launch_template_device_name |
The device name for the root volume |
string |
"/dev/xvda" |
no |
| launch_template_enable_monitoring |
Whether instance monitoring should be enabled |
bool |
false |
no |
| launch_template_image_id |
The AMI from which to launch the instance. Defaults to Amazon Linux 2 |
string |
"" |
no |
| launch_template_instance_type |
The EC2 instance type for instances launched from the template |
string |
"t2.micro" |
no |
| launch_template_key_name |
The name of the SSH key pair to associate with instances launched from the template |
string |
"" |
no |
| launch_template_name_prefix |
Creates a unique name beginning with the specified prefix |
string |
"aws-ref" |
no |
| launch_template_resource_type |
The type of resource to tag |
string |
"instance" |
no |
| launch_template_sg_ids |
List of security group IDs for the launch template |
list(string) |
[] |
no |
| launch_template_update_default_version |
Flag to update the default version of the launch template |
bool |
true |
no |
| launch_template_userdata_file_path |
Path to the user data script file |
string |
"" |
no |
| launch_template_volume_size |
The size of the root volume for instances launched from the template (in GiB) |
number |
20 |
no |
| launch_template_volume_type |
The type of volume for the root volume (e.g., 'gp2') |
string |
"gp2" |
no |
| load_balancer_type |
Type of the Load Balancer |
string |
"application" |
no |
| maintenance_window |
Maintenance window for the RDS instance |
string |
"Sat:05:00-Sat:07:00" |
no |
| master_db_availability_zone |
Availability zone for the RDS instance |
string |
"" |
no |
| max_allocated_storage |
Maximum allocated storage for the RDS instance (in GB) |
string |
"20" |
no |
| multi_az |
Enable multi-AZ deployment for the RDS instance |
bool |
false |
no |
| project_name |
Name of the project |
string |
"aws-ref-architecture" |
no |
| public_subnet_cidr |
CIDR blocks for public subnets |
list(string) |
[] |
no |
| publicly_accessible |
Make the RDS instance publicly accessible |
bool |
false |
no |
| rds_sg_name |
Name of the RDS security group |
string |
"aws-ref-rds-sg" |
no |
| replica_apply_immediately |
Apply changes immediately or during the next maintenance window for the replica |
bool |
null |
no |
| replica_backup_retention_period |
Backup retention period (in days) for the RDS replica instance |
number |
null |
no |
| replica_backup_window |
Preferred backup window for the RDS replica instance |
string |
"" |
no |
| replica_database_port |
Port for the RDS replica instance |
number |
null |
no |
| replica_db_availability_zone |
Availability zone for the RDS replica instance |
string |
"" |
no |
| replica_db_identifier |
Identifier for the RDS replica instance |
string |
"" |
no |
| replica_delete_automated_backups |
Delete automated backups when the RDS replica instance is deleted |
bool |
null |
no |
| replica_deletion_protection |
Enable or disable deletion protection for the RDS replica instance |
bool |
null |
no |
| replica_enabled_cloudwatch_logs_exports |
Set of log types to enable for exporting to CloudWatch Logs. If omitted, no logs will be exported. Valid values depend on the engine. MySQL and MariaDB: audit, error, general, slowquery. PostgreSQL: postgresql, upgrade. MSSQL: agent, error. Oracle: alert, audit, listener, trace. |
list(string) |
[] |
no |
| replica_engine |
Database engine type for the RDS replica instance |
string |
"" |
no |
| replica_engine_version |
Database engine version for the RDS replica instance |
string |
"" |
no |
| replica_iam_database_authentication_enabled |
Enable IAM database authentication for the RDS replica instance |
bool |
null |
no |
| replica_instance_class |
RDS instance class for the replica |
string |
"" |
no |
| replica_maintenance_window |
Maintenance window for the RDS replica instance |
string |
"" |
no |
| replica_max_allocated_storage |
Maximum allocated storage for the RDS replica instance (in GB) |
string |
"" |
no |
| replica_multi_az |
Enable multi-AZ deployment for the RDS replica instance |
bool |
null |
no |
| replica_publicly_accessible |
Make the RDS replica instance publicly accessible |
bool |
null |
no |
| replica_skip_final_snapshot |
Skip the final DB snapshot when the RDS replica instance is deleted |
bool |
null |
no |
| replica_storage_type |
Storage type for the RDS replica instance |
string |
"" |
no |
| skip_final_snapshot |
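Skip the final DB snapshot when the RDS instance is deleted. With the defaults listed here (skip_final_snapshot = true and delete_automated_backups = true), deleting the instance leaves neither a final snapshot nor automated backups; set this to false where the data must remain recoverable |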
bool |
true |
no |
| ssh_ingress_cidr |
List of CIDR blocks allowed to SSH into the EC2 instances. Limit these to known administrative ranges rather than 0.0.0.0/0 |
list(any) |
[] |
no |
| ssh_sg_name |
Name of the SSH security group |
string |
"aws-ref-ssh-sg" |
no |
| storage_type |
Storage type for the RDS instance |
string |
"gp2" |
no |
| vpc_id |
ID of the VPC. Required when provisioning on an existing VPC |
string |
"" |
no |
| vpc_name |
Name of the VPC |
string |
"aws-ref-arch-vpc" |
no |