fxinnovation-public
/
mirror-terraform-module-aws-vpc
mirror of https://github.com/terraform-aws-modules/terraform-aws-vpc
42
0
Fork 0
Code Issues 0 Releases 150 Wiki Activity
This is a mirror of the official AWS VPC module from github. (Prevents failed clones happening frequently when using github).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
306 Commits
2 Branches
6.7MB
Tree: af51566b67
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'af51566b67'
${ noResults }
mirror-terraform-module-aws.../variables.tf

2599 lines
87KB
Raw Blame History 

  1. variable "create_vpc" {

  2.   description = "Controls if VPC should be created (it affects almost all resources)"

  3.   type        = bool

  4.   default     = true

  5. }

  6. 

  7. variable "name" {

  8.   description = "Name to be used on all the resources as identifier"

  9.   type        = string

  10.   default     = ""

  11. }

  12. 

  13. variable "cidr" {

  14.   description = "The CIDR block for the VPC. Default value is a valid CIDR, but not acceptable by AWS and should be overridden"

  15.   type        = string

  16.   default     = "0.0.0.0/0"

  17. }

  18. 

  19. variable "enable_ipv6" {

  20.   description = "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block."

  21.   type        = bool

  22.   default     = false

  23. }

  24. 

  25. variable "private_subnet_ipv6_prefixes" {

  26.   description = "Assigns IPv6 private subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"

  27.   type        = list(string)

  28.   default     = []

  29. }

  30. 

  31. variable "public_subnet_ipv6_prefixes" {

  32.   description = "Assigns IPv6 public subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"

  33.   type        = list(string)

  34.   default     = []

  35. }

  36. 

  37. variable "database_subnet_ipv6_prefixes" {

  38.   description = "Assigns IPv6 database subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"

  39.   type        = list(string)

  40.   default     = []

  41. }

  42. 

  43. variable "redshift_subnet_ipv6_prefixes" {

  44.   description = "Assigns IPv6 redshift subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"

  45.   type        = list(string)

  46.   default     = []

  47. }

  48. 

  49. variable "elasticache_subnet_ipv6_prefixes" {

  50.   description = "Assigns IPv6 elasticache subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"

  51.   type        = list(string)

  52.   default     = []

  53. }

  54. 

  55. variable "intra_subnet_ipv6_prefixes" {

  56.   description = "Assigns IPv6 intra subnet id based on the Amazon provided /56 prefix base 10 integer (0-256). Must be of equal length to the corresponding IPv4 subnet list"

  57.   type        = list(string)

  58.   default     = []

  59. }

  60. 

  61. variable "assign_ipv6_address_on_creation" {

  62.   description = "Assign IPv6 address on subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  63.   type        = bool

  64.   default     = false

  65. }

  66. 

  67. variable "private_subnet_assign_ipv6_address_on_creation" {

  68.   description = "Assign IPv6 address on private subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  69.   type        = bool

  70.   default     = null

  71. }

  72. 

  73. variable "public_subnet_assign_ipv6_address_on_creation" {

  74.   description = "Assign IPv6 address on public subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  75.   type        = bool

  76.   default     = null

  77. }

  78. 

  79. variable "database_subnet_assign_ipv6_address_on_creation" {

  80.   description = "Assign IPv6 address on database subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  81.   type        = bool

  82.   default     = null

  83. }

  84. 

  85. variable "redshift_subnet_assign_ipv6_address_on_creation" {

  86.   description = "Assign IPv6 address on redshift subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  87.   type        = bool

  88.   default     = null

  89. }

  90. 

  91. variable "elasticache_subnet_assign_ipv6_address_on_creation" {

  92.   description = "Assign IPv6 address on elasticache subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  93.   type        = bool

  94.   default     = null

  95. }

  96. 

  97. variable "intra_subnet_assign_ipv6_address_on_creation" {

  98.   description = "Assign IPv6 address on intra subnet, must be disabled to change IPv6 CIDRs. This is the IPv6 equivalent of map_public_ip_on_launch"

  99.   type        = bool

  100.   default     = null

  101. }

  102. 

  103. variable "secondary_cidr_blocks" {

  104.   description = "List of secondary CIDR blocks to associate with the VPC to extend the IP Address pool"

  105.   type        = list(string)

  106.   default     = []

  107. }

  108. 

  109. variable "instance_tenancy" {

  110.   description = "A tenancy option for instances launched into the VPC"

  111.   type        = string

  112.   default     = "default"

  113. }

  114. 

  115. variable "public_subnet_suffix" {

  116.   description = "Suffix to append to public subnets name"

  117.   type        = string

  118.   default     = "public"

  119. }

  120. 

  121. variable "private_subnet_suffix" {

  122.   description = "Suffix to append to private subnets name"

  123.   type        = string

  124.   default     = "private"

  125. }

  126. 

  127. variable "intra_subnet_suffix" {

  128.   description = "Suffix to append to intra subnets name"

  129.   type        = string

  130.   default     = "intra"

  131. }

  132. 

  133. variable "database_subnet_suffix" {

  134.   description = "Suffix to append to database subnets name"

  135.   type        = string

  136.   default     = "db"

  137. }

  138. 

  139. variable "redshift_subnet_suffix" {

  140.   description = "Suffix to append to redshift subnets name"

  141.   type        = string

  142.   default     = "redshift"

  143. }

  144. 

  145. variable "elasticache_subnet_suffix" {

  146.   description = "Suffix to append to elasticache subnets name"

  147.   type        = string

  148.   default     = "elasticache"

  149. }

  150. 

  151. variable "public_subnets" {

  152.   description = "A list of public subnets inside the VPC"

  153.   type        = list(string)

  154.   default     = []

  155. }

  156. 

  157. variable "private_subnets" {

  158.   description = "A list of private subnets inside the VPC"

  159.   type        = list(string)

  160.   default     = []

  161. }

  162. 

  163. variable "database_subnets" {

  164.   description = "A list of database subnets"

  165.   type        = list(string)

  166.   default     = []

  167. }

  168. 

  169. variable "redshift_subnets" {

  170.   description = "A list of redshift subnets"

  171.   type        = list(string)

  172.   default     = []

  173. }

  174. 

  175. variable "elasticache_subnets" {

  176.   description = "A list of elasticache subnets"

  177.   type        = list(string)

  178.   default     = []

  179. }

  180. 

  181. variable "intra_subnets" {

  182.   description = "A list of intra subnets"

  183.   type        = list(string)

  184.   default     = []

  185. }

  186. 

  187. variable "create_database_subnet_route_table" {

  188.   description = "Controls if separate route table for database should be created"

  189.   type        = bool

  190.   default     = false

  191. }

  192. 

  193. variable "create_redshift_subnet_route_table" {

  194.   description = "Controls if separate route table for redshift should be created"

  195.   type        = bool

  196.   default     = false

  197. }

  198. 

  199. variable "enable_public_redshift" {

  200.   description = "Controls if redshift should have public routing table"

  201.   type        = bool

  202.   default     = false

  203. }

  204. 

  205. variable "create_elasticache_subnet_route_table" {

  206.   description = "Controls if separate route table for elasticache should be created"

  207.   type        = bool

  208.   default     = false

  209. }

  210. 

  211. variable "create_database_subnet_group" {

  212.   description = "Controls if database subnet group should be created (n.b. database_subnets must also be set)"

  213.   type        = bool

  214.   default     = true

  215. }

  216. 

  217. variable "create_elasticache_subnet_group" {

  218.   description = "Controls if elasticache subnet group should be created"

  219.   type        = bool

  220.   default     = true

  221. }

  222. 

  223. variable "create_redshift_subnet_group" {

  224.   description = "Controls if redshift subnet group should be created"

  225.   type        = bool

  226.   default     = true

  227. }

  228. 

  229. variable "create_database_internet_gateway_route" {

  230.   description = "Controls if an internet gateway route for public database access should be created"

  231.   type        = bool

  232.   default     = false

  233. }

  234. 

  235. variable "create_database_nat_gateway_route" {

  236.   description = "Controls if a nat gateway route should be created to give internet access to the database subnets"

  237.   type        = bool

  238.   default     = false

  239. }

  240. 

  241. variable "azs" {

  242.   description = "A list of availability zones names or ids in the region"

  243.   type        = list(string)

  244.   default     = []

  245. }

  246. 

  247. variable "enable_dns_hostnames" {

  248.   description = "Should be true to enable DNS hostnames in the VPC"

  249.   type        = bool

  250.   default     = false

  251. }

  252. 

  253. variable "enable_dns_support" {

  254.   description = "Should be true to enable DNS support in the VPC"

  255.   type        = bool

  256.   default     = true

  257. }

  258. 

  259. variable "enable_classiclink" {

  260.   description = "Should be true to enable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic."

  261.   type        = bool

  262.   default     = null

  263. }

  264. 

  265. variable "enable_classiclink_dns_support" {

  266.   description = "Should be true to enable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic."

  267.   type        = bool

  268.   default     = null

  269. }

  270. 

  271. variable "enable_nat_gateway" {

  272.   description = "Should be true if you want to provision NAT Gateways for each of your private networks"

  273.   type        = bool

  274.   default     = false

  275. }

  276. 

  277. variable "single_nat_gateway" {

  278.   description = "Should be true if you want to provision a single shared NAT Gateway across all of your private networks"

  279.   type        = bool

  280.   default     = false

  281. }

  282. 

  283. variable "one_nat_gateway_per_az" {

  284.   description = "Should be true if you want only one NAT Gateway per availability zone. Requires `var.azs` to be set, and the number of `public_subnets` created to be greater than or equal to the number of availability zones specified in `var.azs`."

  285.   type        = bool

  286.   default     = false

  287. }

  288. 

  289. variable "reuse_nat_ips" {

  290.   description = "Should be true if you don't want EIPs to be created for your NAT Gateways and will instead pass them in via the 'external_nat_ip_ids' variable"

  291.   type        = bool

  292.   default     = false

  293. }

  294. 

  295. variable "external_nat_ip_ids" {

  296.   description = "List of EIP IDs to be assigned to the NAT Gateways (used in combination with reuse_nat_ips)"

  297.   type        = list(string)

  298.   default     = []

  299. }

  300. 

  301. variable "external_nat_ips" {

  302.   description = "List of EIPs to be used for `nat_public_ips` output (used in combination with reuse_nat_ips and external_nat_ip_ids)"

  303.   type        = list(string)

  304.   default     = []

  305. }

  306. 

  307. variable "enable_public_s3_endpoint" {

  308.   description = "Whether to enable S3 VPC Endpoint for public subnets"

  309.   default     = true

  310.   type        = bool

  311. }

  312. 

  313. variable "enable_dynamodb_endpoint" {

  314.   description = "Should be true if you want to provision a DynamoDB endpoint to the VPC"

  315.   type        = bool

  316.   default     = false

  317. }

  318. 

  319. variable "enable_s3_endpoint" {

  320.   description = "Should be true if you want to provision an S3 endpoint to the VPC"

  321.   type        = bool

  322.   default     = false

  323. }

  324. 

  325. variable "enable_codeartifact_api_endpoint" {

  326.   description = "Should be true if you want to provision an Codeartifact API endpoint to the VPC"

  327.   type        = bool

  328.   default     = false

  329. }

  330. 

  331. variable "codeartifact_api_endpoint_security_group_ids" {

  332.   description = "The ID of one or more security groups to associate with the network interface for Codeartifact API endpoint"

  333.   type        = list(string)

  334.   default     = []

  335. }

  336. 

  337. variable "codeartifact_api_endpoint_subnet_ids" {

  338.   description = "The ID of one or more subnets in which to create a network interface for Codeartifact API endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  339.   type        = list(string)

  340.   default     = []

  341. }

  342. 

  343. variable "codeartifact_api_endpoint_private_dns_enabled" {

  344.   description = "Whether or not to associate a private hosted zone with the specified VPC for Codeartifact API endpoint"

  345.   type        = bool

  346.   default     = false

  347. }

  348. 

  349. variable "enable_codeartifact_repositories_endpoint" {

  350.   description = "Should be true if you want to provision an Codeartifact repositories endpoint to the VPC"

  351.   type        = bool

  352.   default     = false

  353. }

  354. 

  355. variable "codeartifact_repositories_endpoint_security_group_ids" {

  356.   description = "The ID of one or more security groups to associate with the network interface for Codeartifact repositories endpoint"

  357.   type        = list(string)

  358.   default     = []

  359. }

  360. 

  361. variable "codeartifact_repositories_endpoint_subnet_ids" {

  362.   description = "The ID of one or more subnets in which to create a network interface for Codeartifact repositories endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  363.   type        = list(string)

  364.   default     = []

  365. }

  366. 

  367. variable "codeartifact_repositories_endpoint_private_dns_enabled" {

  368.   description = "Whether or not to associate a private hosted zone with the specified VPC for Codeartifact repositories endpoint"

  369.   type        = bool

  370.   default     = false

  371. }

  372. 

  373. variable "enable_codebuild_endpoint" {

  374.   description = "Should be true if you want to provision an Codebuild endpoint to the VPC"

  375.   type        = bool

  376.   default     = false

  377. }

  378. 

  379. variable "codebuild_endpoint_security_group_ids" {

  380.   description = "The ID of one or more security groups to associate with the network interface for Codebuild endpoint"

  381.   type        = list(string)

  382.   default     = []

  383. }

  384. 

  385. variable "codebuild_endpoint_subnet_ids" {

  386.   description = "The ID of one or more subnets in which to create a network interface for Codebuilt endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  387.   type        = list(string)

  388.   default     = []

  389. }

  390. 

  391. variable "codebuild_endpoint_private_dns_enabled" {

  392.   description = "Whether or not to associate a private hosted zone with the specified VPC for Codebuild endpoint"

  393.   type        = bool

  394.   default     = false

  395. }

  396. 

  397. variable "enable_codecommit_endpoint" {

  398.   description = "Should be true if you want to provision an Codecommit endpoint to the VPC"

  399.   type        = bool

  400.   default     = false

  401. }

  402. 

  403. variable "codecommit_endpoint_security_group_ids" {

  404.   description = "The ID of one or more security groups to associate with the network interface for Codecommit endpoint"

  405.   type        = list(string)

  406.   default     = []

  407. }

  408. 

  409. variable "codecommit_endpoint_subnet_ids" {

  410.   description = "The ID of one or more subnets in which to create a network interface for Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  411.   type        = list(string)

  412.   default     = []

  413. }

  414. 

  415. variable "codecommit_endpoint_private_dns_enabled" {

  416.   description = "Whether or not to associate a private hosted zone with the specified VPC for Codecommit endpoint"

  417.   type        = bool

  418.   default     = false

  419. }

  420. 

  421. variable "enable_git_codecommit_endpoint" {

  422.   description = "Should be true if you want to provision an Git Codecommit endpoint to the VPC"

  423.   type        = bool

  424.   default     = false

  425. }

  426. 

  427. variable "git_codecommit_endpoint_security_group_ids" {

  428.   description = "The ID of one or more security groups to associate with the network interface for Git Codecommit endpoint"

  429.   type        = list(string)

  430.   default     = []

  431. }

  432. 

  433. variable "git_codecommit_endpoint_subnet_ids" {

  434.   description = "The ID of one or more subnets in which to create a network interface for Git Codecommit endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  435.   type        = list(string)

  436.   default     = []

  437. }

  438. 

  439. variable "git_codecommit_endpoint_private_dns_enabled" {

  440.   description = "Whether or not to associate a private hosted zone with the specified VPC for Git Codecommit endpoint"

  441.   type        = bool

  442.   default     = false

  443. }

  444. 

  445. variable "enable_config_endpoint" {

  446.   description = "Should be true if you want to provision an config endpoint to the VPC"

  447.   type        = bool

  448.   default     = false

  449. }

  450. 

  451. variable "config_endpoint_security_group_ids" {

  452.   description = "The ID of one or more security groups to associate with the network interface for config endpoint"

  453.   type        = list(string)

  454.   default     = []

  455. }

  456. 

  457. variable "config_endpoint_subnet_ids" {

  458.   description = "The ID of one or more subnets in which to create a network interface for config endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  459.   type        = list(string)

  460.   default     = []

  461. }

  462. 

  463. variable "config_endpoint_private_dns_enabled" {

  464.   description = "Whether or not to associate a private hosted zone with the specified VPC for config endpoint"

  465.   type        = bool

  466.   default     = false

  467. }

  468. 

  469. variable "enable_sqs_endpoint" {

  470.   description = "Should be true if you want to provision an SQS endpoint to the VPC"

  471.   type        = bool

  472.   default     = false

  473. }

  474. 

  475. variable "sqs_endpoint_security_group_ids" {

  476.   description = "The ID of one or more security groups to associate with the network interface for SQS endpoint"

  477.   type        = list(string)

  478.   default     = []

  479. }

  480. 

  481. variable "sqs_endpoint_subnet_ids" {

  482.   description = "The ID of one or more subnets in which to create a network interface for SQS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  483.   type        = list(string)

  484.   default     = []

  485. }

  486. 

  487. variable "sqs_endpoint_private_dns_enabled" {

  488.   description = "Whether or not to associate a private hosted zone with the specified VPC for SQS endpoint"

  489.   type        = bool

  490.   default     = false

  491. }

  492. 

  493. variable "enable_lambda_endpoint" {

  494.   description = "Should be true if you want to provision a Lambda endpoint to the VPC"

  495.   type        = bool

  496.   default     = false

  497. }

  498. 

  499. variable "lambda_endpoint_security_group_ids" {

  500.   description = "The ID of one or more security groups to associate with the network interface for Lambda endpoint"

  501.   type        = list(string)

  502.   default     = []

  503. }

  504. 

  505. variable "lambda_endpoint_subnet_ids" {

  506.   description = "The ID of one or more subnets in which to create a network interface for Lambda endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  507.   type        = list(string)

  508.   default     = []

  509. }

  510. 

  511. variable "lambda_endpoint_private_dns_enabled" {

  512.   description = "Whether or not to associate a private hosted zone with the specified VPC for Lambda endpoint"

  513.   type        = bool

  514.   default     = false

  515. }

  516. 

  517. variable "enable_ssm_endpoint" {

  518.   description = "Should be true if you want to provision an SSM endpoint to the VPC"

  519.   type        = bool

  520.   default     = false

  521. }

  522. 

  523. variable "ssm_endpoint_security_group_ids" {

  524.   description = "The ID of one or more security groups to associate with the network interface for SSM endpoint"

  525.   type        = list(string)

  526.   default     = []

  527. }

  528. 

  529. variable "ssm_endpoint_subnet_ids" {

  530.   description = "The ID of one or more subnets in which to create a network interface for SSM endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  531.   type        = list(string)

  532.   default     = []

  533. }

  534. 

  535. variable "ssm_endpoint_private_dns_enabled" {

  536.   description = "Whether or not to associate a private hosted zone with the specified VPC for SSM endpoint"

  537.   type        = bool

  538.   default     = false

  539. }

  540. 

  541. variable "enable_secretsmanager_endpoint" {

  542.   description = "Should be true if you want to provision an Secrets Manager endpoint to the VPC"

  543.   type        = bool

  544.   default     = false

  545. }

  546. 

  547. variable "secretsmanager_endpoint_security_group_ids" {

  548.   description = "The ID of one or more security groups to associate with the network interface for Secrets Manager endpoint"

  549.   type        = list(string)

  550.   default     = []

  551. }

  552. 

  553. variable "secretsmanager_endpoint_subnet_ids" {

  554.   description = "The ID of one or more subnets in which to create a network interface for Secrets Manager endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  555.   type        = list(string)

  556.   default     = []

  557. }

  558. 

  559. variable "secretsmanager_endpoint_private_dns_enabled" {

  560.   description = "Whether or not to associate a private hosted zone with the specified VPC for Secrets Manager endpoint"

  561.   type        = bool

  562.   default     = false

  563. }

  564. 

  565. variable "enable_apigw_endpoint" {

  566.   description = "Should be true if you want to provision an api gateway endpoint to the VPC"

  567.   type        = bool

  568.   default     = false

  569. }

  570. 

  571. variable "apigw_endpoint_security_group_ids" {

  572.   description = "The ID of one or more security groups to associate with the network interface for API GW  endpoint"

  573.   type        = list(string)

  574.   default     = []

  575. }

  576. 

  577. variable "apigw_endpoint_private_dns_enabled" {

  578.   description = "Whether or not to associate a private hosted zone with the specified VPC for API GW endpoint"

  579.   type        = bool

  580.   default     = false

  581. }

  582. 

  583. variable "apigw_endpoint_subnet_ids" {

  584.   description = "The ID of one or more subnets in which to create a network interface for API GW endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  585.   type        = list(string)

  586.   default     = []

  587. }

  588. 

  589. variable "enable_ssmmessages_endpoint" {

  590.   description = "Should be true if you want to provision a SSMMESSAGES endpoint to the VPC"

  591.   type        = bool

  592.   default     = false

  593. }

  594. 

  595. variable "ssmmessages_endpoint_security_group_ids" {

  596.   description = "The ID of one or more security groups to associate with the network interface for SSMMESSAGES endpoint"

  597.   type        = list(string)

  598.   default     = []

  599. }

  600. 

  601. variable "ssmmessages_endpoint_subnet_ids" {

  602.   description = "The ID of one or more subnets in which to create a network interface for SSMMESSAGES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  603.   type        = list(string)

  604.   default     = []

  605. }

  606. 

  607. variable "ssmmessages_endpoint_private_dns_enabled" {

  608.   description = "Whether or not to associate a private hosted zone with the specified VPC for SSMMESSAGES endpoint"

  609.   type        = bool

  610.   default     = false

  611. }

  612. 

  613. variable "enable_textract_endpoint" {

  614.   description = "Should be true if you want to provision an Textract endpoint to the VPC"

  615.   type        = bool

  616.   default     = false

  617. }

  618. 

  619. variable "textract_endpoint_security_group_ids" {

  620.   description = "The ID of one or more security groups to associate with the network interface for Textract endpoint"

  621.   type        = list(string)

  622.   default     = []

  623. }

  624. 

  625. variable "textract_endpoint_subnet_ids" {

  626.   description = "The ID of one or more subnets in which to create a network interface for Textract endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  627.   type        = list(string)

  628.   default     = []

  629. }

  630. 

  631. variable "textract_endpoint_private_dns_enabled" {

  632.   description = "Whether or not to associate a private hosted zone with the specified VPC for Textract endpoint"

  633.   type        = bool

  634.   default     = false

  635. }

  636. 

  637. variable "enable_transferserver_endpoint" {

  638.   description = "Should be true if you want to provision a Transfer Server endpoint to the VPC"

  639.   type        = bool

  640.   default     = false

  641. }

  642. 

  643. variable "transferserver_endpoint_security_group_ids" {

  644.   description = "The ID of one or more security groups to associate with the network interface for Transfer Server endpoint"

  645.   type        = list(string)

  646.   default     = []

  647. }

  648. 

  649. variable "transferserver_endpoint_subnet_ids" {

  650.   description = "The ID of one or more subnets in which to create a network interface for Transfer Server endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  651.   type        = list(string)

  652.   default     = []

  653. }

  654. 

  655. variable "transferserver_endpoint_private_dns_enabled" {

  656.   description = "Whether or not to associate a private hosted zone with the specified VPC for Transfer Server endpoint"

  657.   type        = bool

  658.   default     = false

  659. }

  660. 

  661. 

  662. variable "enable_ec2_endpoint" {

  663.   description = "Should be true if you want to provision an EC2 endpoint to the VPC"

  664.   type        = bool

  665.   default     = false

  666. }

  667. 

  668. variable "ec2_endpoint_security_group_ids" {

  669.   description = "The ID of one or more security groups to associate with the network interface for EC2 endpoint"

  670.   type        = list(string)

  671.   default     = []

  672. }

  673. 

  674. variable "ec2_endpoint_private_dns_enabled" {

  675.   description = "Whether or not to associate a private hosted zone with the specified VPC for EC2 endpoint"

  676.   type        = bool

  677.   default     = false

  678. }

  679. 

  680. variable "ec2_endpoint_subnet_ids" {

  681.   description = "The ID of one or more subnets in which to create a network interface for EC2 endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  682.   type        = list(string)

  683.   default     = []

  684. }

  685. 

  686. variable "enable_ec2messages_endpoint" {

  687.   description = "Should be true if you want to provision an EC2MESSAGES endpoint to the VPC"

  688.   type        = bool

  689.   default     = false

  690. }

  691. 

  692. variable "ec2messages_endpoint_security_group_ids" {

  693.   description = "The ID of one or more security groups to associate with the network interface for EC2MESSAGES endpoint"

  694.   type        = list(string)

  695.   default     = []

  696. }

  697. 

  698. variable "ec2messages_endpoint_private_dns_enabled" {

  699.   description = "Whether or not to associate a private hosted zone with the specified VPC for EC2MESSAGES endpoint"

  700.   type        = bool

  701.   default     = false

  702. }

  703. 

  704. variable "ec2messages_endpoint_subnet_ids" {

  705.   description = "The ID of one or more subnets in which to create a network interface for EC2MESSAGES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  706.   type        = list(string)

  707.   default     = []

  708. }

  709. 

  710. 

  711. variable "enable_ec2_autoscaling_endpoint" {

  712.   description = "Should be true if you want to provision an EC2 Autoscaling endpoint to the VPC"

  713.   type        = bool

  714.   default     = false

  715. }

  716. 

  717. variable "ec2_autoscaling_endpoint_security_group_ids" {

  718.   description = "The ID of one or more security groups to associate with the network interface for EC2 Autoscaling endpoint"

  719.   type        = list(string)

  720.   default     = []

  721. }

  722. 

  723. variable "ec2_autoscaling_endpoint_private_dns_enabled" {

  724.   description = "Whether or not to associate a private hosted zone with the specified VPC for EC2 Autoscaling endpoint"

  725.   type        = bool

  726.   default     = false

  727. }

  728. 

  729. variable "ec2_autoscaling_endpoint_subnet_ids" {

  730.   description = "The ID of one or more subnets in which to create a network interface for EC2 Autoscaling endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  731.   type        = list(string)

  732.   default     = []

  733. }

  734. 

  735. variable "enable_ecr_api_endpoint" {

  736.   description = "Should be true if you want to provision an ecr api endpoint to the VPC"

  737.   type        = bool

  738.   default     = false

  739. }

  740. 

  741. variable "ecr_api_endpoint_subnet_ids" {

  742.   description = "The ID of one or more subnets in which to create a network interface for ECR api endpoint. If omitted, private subnets will be used."

  743.   type        = list(string)

  744.   default     = []

  745. }

  746. 

  747. variable "ecr_api_endpoint_private_dns_enabled" {

  748.   description = "Whether or not to associate a private hosted zone with the specified VPC for ECR API endpoint"

  749.   type        = bool

  750.   default     = false

  751. }

  752. 

  753. variable "ecr_api_endpoint_security_group_ids" {

  754.   description = "The ID of one or more security groups to associate with the network interface for ECR API endpoint"

  755.   type        = list(string)

  756.   default     = []

  757. }

  758. 

  759. variable "enable_ecr_dkr_endpoint" {

  760.   description = "Should be true if you want to provision an ecr dkr endpoint to the VPC"

  761.   type        = bool

  762.   default     = false

  763. }

  764. 

  765. variable "ecr_dkr_endpoint_subnet_ids" {

  766.   description = "The ID of one or more subnets in which to create a network interface for ECR dkr endpoint. If omitted, private subnets will be used."

  767.   type        = list(string)

  768.   default     = []

  769. }

  770. 

  771. variable "ecr_dkr_endpoint_private_dns_enabled" {

  772.   description = "Whether or not to associate a private hosted zone with the specified VPC for ECR DKR endpoint"

  773.   type        = bool

  774.   default     = false

  775. }

  776. 

  777. variable "ecr_dkr_endpoint_security_group_ids" {

  778.   description = "The ID of one or more security groups to associate with the network interface for ECR DKR endpoint"

  779.   type        = list(string)

  780.   default     = []

  781. }

  782. 

  783. variable "enable_kms_endpoint" {

  784.   description = "Should be true if you want to provision a KMS endpoint to the VPC"

  785.   type        = bool

  786.   default     = false

  787. }

  788. 

  789. variable "kms_endpoint_security_group_ids" {

  790.   description = "The ID of one or more security groups to associate with the network interface for KMS endpoint"

  791.   type        = list(string)

  792.   default     = []

  793. }

  794. 

  795. variable "kms_endpoint_subnet_ids" {

  796.   description = "The ID of one or more subnets in which to create a network interface for KMS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  797.   type        = list(string)

  798.   default     = []

  799. }

  800. 

  801. variable "kms_endpoint_private_dns_enabled" {

  802.   description = "Whether or not to associate a private hosted zone with the specified VPC for KMS endpoint"

  803.   type        = bool

  804.   default     = false

  805. }

  806. 

  807. variable "enable_ecs_endpoint" {

  808.   description = "Should be true if you want to provision a ECS endpoint to the VPC"

  809.   type        = bool

  810.   default     = false

  811. }

  812. 

  813. variable "ecs_endpoint_security_group_ids" {

  814.   description = "The ID of one or more security groups to associate with the network interface for ECS endpoint"

  815.   type        = list(string)

  816.   default     = []

  817. }

  818. 

  819. variable "ecs_endpoint_subnet_ids" {

  820.   description = "The ID of one or more subnets in which to create a network interface for ECS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  821.   type        = list(string)

  822.   default     = []

  823. }

  824. 

  825. variable "ecs_endpoint_private_dns_enabled" {

  826.   description = "Whether or not to associate a private hosted zone with the specified VPC for ECS endpoint"

  827.   type        = bool

  828.   default     = false

  829. }

  830. 

  831. variable "enable_ecs_agent_endpoint" {

  832.   description = "Should be true if you want to provision a ECS Agent endpoint to the VPC"

  833.   type        = bool

  834.   default     = false

  835. }

  836. 

  837. variable "ecs_agent_endpoint_security_group_ids" {

  838.   description = "The ID of one or more security groups to associate with the network interface for ECS Agent endpoint"

  839.   type        = list(string)

  840.   default     = []

  841. }

  842. 

  843. variable "ecs_agent_endpoint_subnet_ids" {

  844.   description = "The ID of one or more subnets in which to create a network interface for ECS Agent endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  845.   type        = list(string)

  846.   default     = []

  847. }

  848. 

  849. variable "ecs_agent_endpoint_private_dns_enabled" {

  850.   description = "Whether or not to associate a private hosted zone with the specified VPC for ECS Agent endpoint"

  851.   type        = bool

  852.   default     = false

  853. }

  854. 

  855. variable "enable_ecs_telemetry_endpoint" {

  856.   description = "Should be true if you want to provision a ECS Telemetry endpoint to the VPC"

  857.   type        = bool

  858.   default     = false

  859. }

  860. 

  861. variable "ecs_telemetry_endpoint_security_group_ids" {

  862.   description = "The ID of one or more security groups to associate with the network interface for ECS Telemetry endpoint"

  863.   type        = list(string)

  864.   default     = []

  865. }

  866. 

  867. variable "ecs_telemetry_endpoint_subnet_ids" {

  868.   description = "The ID of one or more subnets in which to create a network interface for ECS Telemetry endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  869.   type        = list(string)

  870.   default     = []

  871. }

  872. 

  873. variable "ecs_telemetry_endpoint_private_dns_enabled" {

  874.   description = "Whether or not to associate a private hosted zone with the specified VPC for ECS Telemetry endpoint"

  875.   type        = bool

  876.   default     = false

  877. }

  878. 

  879. variable "enable_sns_endpoint" {

  880.   description = "Should be true if you want to provision a SNS endpoint to the VPC"

  881.   type        = bool

  882.   default     = false

  883. }

  884. 

  885. variable "sns_endpoint_security_group_ids" {

  886.   description = "The ID of one or more security groups to associate with the network interface for SNS endpoint"

  887.   type        = list(string)

  888.   default     = []

  889. }

  890. 

  891. variable "sns_endpoint_subnet_ids" {

  892.   description = "The ID of one or more subnets in which to create a network interface for SNS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  893.   type        = list(string)

  894.   default     = []

  895. }

  896. 

  897. variable "sns_endpoint_private_dns_enabled" {

  898.   description = "Whether or not to associate a private hosted zone with the specified VPC for SNS endpoint"

  899.   type        = bool

  900.   default     = false

  901. }

  902. 

  903. variable "enable_monitoring_endpoint" {

  904.   description = "Should be true if you want to provision a CloudWatch Monitoring endpoint to the VPC"

  905.   type        = bool

  906.   default     = false

  907. }

  908. 

  909. variable "monitoring_endpoint_security_group_ids" {

  910.   description = "The ID of one or more security groups to associate with the network interface for CloudWatch Monitoring endpoint"

  911.   type        = list(string)

  912.   default     = []

  913. }

  914. 

  915. variable "monitoring_endpoint_subnet_ids" {

  916.   description = "The ID of one or more subnets in which to create a network interface for CloudWatch Monitoring endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  917.   type        = list(string)

  918.   default     = []

  919. }

  920. 

  921. variable "monitoring_endpoint_private_dns_enabled" {

  922.   description = "Whether or not to associate a private hosted zone with the specified VPC for CloudWatch Monitoring endpoint"

  923.   type        = bool

  924.   default     = false

  925. }

  926. 

  927. variable "enable_elasticloadbalancing_endpoint" {

  928.   description = "Should be true if you want to provision a Elastic Load Balancing endpoint to the VPC"

  929.   type        = bool

  930.   default     = false

  931. }

  932. 

  933. variable "elasticloadbalancing_endpoint_security_group_ids" {

  934.   description = "The ID of one or more security groups to associate with the network interface for Elastic Load Balancing endpoint"

  935.   type        = list(string)

  936.   default     = []

  937. }

  938. 

  939. variable "elasticloadbalancing_endpoint_subnet_ids" {

  940.   description = "The ID of one or more subnets in which to create a network interface for Elastic Load Balancing endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  941.   type        = list(string)

  942.   default     = []

  943. }

  944. 

  945. variable "elasticloadbalancing_endpoint_private_dns_enabled" {

  946.   description = "Whether or not to associate a private hosted zone with the specified VPC for Elastic Load Balancing endpoint"

  947.   type        = bool

  948.   default     = false

  949. }

  950. 

  951. variable "enable_events_endpoint" {

  952.   description = "Should be true if you want to provision a CloudWatch Events endpoint to the VPC"

  953.   type        = bool

  954.   default     = false

  955. }

  956. 

  957. variable "events_endpoint_security_group_ids" {

  958.   description = "The ID of one or more security groups to associate with the network interface for CloudWatch Events endpoint"

  959.   type        = list(string)

  960.   default     = []

  961. }

  962. 

  963. variable "events_endpoint_subnet_ids" {

  964.   description = "The ID of one or more subnets in which to create a network interface for CloudWatch Events endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  965.   type        = list(string)

  966.   default     = []

  967. }

  968. 

  969. variable "events_endpoint_private_dns_enabled" {

  970.   description = "Whether or not to associate a private hosted zone with the specified VPC for CloudWatch Events endpoint"

  971.   type        = bool

  972.   default     = false

  973. }

  974. 

  975. variable "enable_logs_endpoint" {

  976.   description = "Should be true if you want to provision a CloudWatch Logs endpoint to the VPC"

  977.   type        = bool

  978.   default     = false

  979. }

  980. 

  981. variable "logs_endpoint_security_group_ids" {

  982.   description = "The ID of one or more security groups to associate with the network interface for CloudWatch Logs endpoint"

  983.   type        = list(string)

  984.   default     = []

  985. }

  986. 

  987. variable "logs_endpoint_subnet_ids" {

  988.   description = "The ID of one or more subnets in which to create a network interface for CloudWatch Logs endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  989.   type        = list(string)

  990.   default     = []

  991. }

  992. 

  993. variable "logs_endpoint_private_dns_enabled" {

  994.   description = "Whether or not to associate a private hosted zone with the specified VPC for CloudWatch Logs endpoint"

  995.   type        = bool

  996.   default     = false

  997. }

  998. 

  999. variable "enable_cloudtrail_endpoint" {

  1000.   description = "Should be true if you want to provision a CloudTrail endpoint to the VPC"

  1001.   type        = bool

  1002.   default     = false

  1003. }

  1004. 

  1005. variable "cloudtrail_endpoint_security_group_ids" {

  1006.   description = "The ID of one or more security groups to associate with the network interface for CloudTrail endpoint"

  1007.   type        = list(string)

  1008.   default     = []

  1009. }

  1010. 

  1011. variable "cloudtrail_endpoint_subnet_ids" {

  1012.   description = "The ID of one or more subnets in which to create a network interface for CloudTrail endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1013.   type        = list(string)

  1014.   default     = []

  1015. }

  1016. 

  1017. variable "cloudtrail_endpoint_private_dns_enabled" {

  1018.   description = "Whether or not to associate a private hosted zone with the specified VPC for CloudTrail endpoint"

  1019.   type        = bool

  1020.   default     = false

  1021. }

  1022. 

  1023. variable "enable_kinesis_streams_endpoint" {

  1024.   description = "Should be true if you want to provision a Kinesis Streams endpoint to the VPC"

  1025.   type        = bool

  1026.   default     = false

  1027. }

  1028. 

  1029. variable "kinesis_streams_endpoint_security_group_ids" {

  1030.   description = "The ID of one or more security groups to associate with the network interface for Kinesis Streams endpoint"

  1031.   type        = list(string)

  1032.   default     = []

  1033. }

  1034. 

  1035. variable "kinesis_streams_endpoint_subnet_ids" {

  1036.   description = "The ID of one or more subnets in which to create a network interface for Kinesis Streams endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1037.   type        = list(string)

  1038.   default     = []

  1039. }

  1040. 

  1041. variable "kinesis_streams_endpoint_private_dns_enabled" {

  1042.   description = "Whether or not to associate a private hosted zone with the specified VPC for Kinesis Streams endpoint"

  1043.   type        = bool

  1044.   default     = false

  1045. }

  1046. 

  1047. variable "enable_kinesis_firehose_endpoint" {

  1048.   description = "Should be true if you want to provision a Kinesis Firehose endpoint to the VPC"

  1049.   type        = bool

  1050.   default     = false

  1051. }

  1052. 

  1053. variable "kinesis_firehose_endpoint_security_group_ids" {

  1054.   description = "The ID of one or more security groups to associate with the network interface for Kinesis Firehose endpoint"

  1055.   type        = list(string)

  1056.   default     = []

  1057. }

  1058. 

  1059. variable "kinesis_firehose_endpoint_subnet_ids" {

  1060.   description = "The ID of one or more subnets in which to create a network interface for Kinesis Firehose endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1061.   type        = list(string)

  1062.   default     = []

  1063. }

  1064. 

  1065. variable "kinesis_firehose_endpoint_private_dns_enabled" {

  1066.   description = "Whether or not to associate a private hosted zone with the specified VPC for Kinesis Firehose endpoint"

  1067.   type        = bool

  1068.   default     = false

  1069. }

  1070. 

  1071. variable "enable_glue_endpoint" {

  1072.   description = "Should be true if you want to provision a Glue endpoint to the VPC"

  1073.   type        = bool

  1074.   default     = false

  1075. }

  1076. 

  1077. variable "glue_endpoint_security_group_ids" {

  1078.   description = "The ID of one or more security groups to associate with the network interface for Glue endpoint"

  1079.   type        = list(string)

  1080.   default     = []

  1081. }

  1082. 

  1083. variable "glue_endpoint_subnet_ids" {

  1084.   description = "The ID of one or more subnets in which to create a network interface for Glue endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1085.   type        = list(string)

  1086.   default     = []

  1087. }

  1088. 

  1089. variable "glue_endpoint_private_dns_enabled" {

  1090.   description = "Whether or not to associate a private hosted zone with the specified VPC for Glue endpoint"

  1091.   type        = bool

  1092.   default     = false

  1093. }

  1094. 

  1095. variable "enable_sagemaker_notebook_endpoint" {

  1096.   description = "Should be true if you want to provision a Sagemaker Notebook endpoint to the VPC"

  1097.   type        = bool

  1098.   default     = false

  1099. }

  1100. 

  1101. variable "sagemaker_notebook_endpoint_region" {

  1102.   description = "Region to use for Sagemaker Notebook endpoint"

  1103.   type        = string

  1104.   default     = ""

  1105. }

  1106. 

  1107. variable "sagemaker_notebook_endpoint_security_group_ids" {

  1108.   description = "The ID of one or more security groups to associate with the network interface for Sagemaker Notebook endpoint"

  1109.   type        = list(string)

  1110.   default     = []

  1111. }

  1112. 

  1113. variable "sagemaker_notebook_endpoint_subnet_ids" {

  1114.   description = "The ID of one or more subnets in which to create a network interface for Sagemaker Notebook endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1115.   type        = list(string)

  1116.   default     = []

  1117. }

  1118. 

  1119. variable "sagemaker_notebook_endpoint_private_dns_enabled" {

  1120.   description = "Whether or not to associate a private hosted zone with the specified VPC for Sagemaker Notebook endpoint"

  1121.   type        = bool

  1122.   default     = false

  1123. }

  1124. 

  1125. variable "enable_sts_endpoint" {

  1126.   description = "Should be true if you want to provision a STS endpoint to the VPC"

  1127.   type        = bool

  1128.   default     = false

  1129. }

  1130. 

  1131. variable "sts_endpoint_security_group_ids" {

  1132.   description = "The ID of one or more security groups to associate with the network interface for STS endpoint"

  1133.   type        = list(string)

  1134.   default     = []

  1135. }

  1136. 

  1137. variable "sts_endpoint_subnet_ids" {

  1138.   description = "The ID of one or more subnets in which to create a network interface for STS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1139.   type        = list(string)

  1140.   default     = []

  1141. }

  1142. 

  1143. variable "sts_endpoint_private_dns_enabled" {

  1144.   description = "Whether or not to associate a private hosted zone with the specified VPC for STS endpoint"

  1145.   type        = bool

  1146.   default     = false

  1147. }

  1148. 

  1149. variable "enable_cloudformation_endpoint" {

  1150.   description = "Should be true if you want to provision a Cloudformation endpoint to the VPC"

  1151.   type        = bool

  1152.   default     = false

  1153. }

  1154. 

  1155. variable "cloudformation_endpoint_security_group_ids" {

  1156.   description = "The ID of one or more security groups to associate with the network interface for Cloudformation endpoint"

  1157.   type        = list(string)

  1158.   default     = []

  1159. }

  1160. 

  1161. variable "cloudformation_endpoint_subnet_ids" {

  1162.   description = "The ID of one or more subnets in which to create a network interface for Cloudformation endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1163.   type        = list(string)

  1164.   default     = []

  1165. }

  1166. 

  1167. variable "cloudformation_endpoint_private_dns_enabled" {

  1168.   description = "Whether or not to associate a private hosted zone with the specified VPC for Cloudformation endpoint"

  1169.   type        = bool

  1170.   default     = false

  1171. }

  1172. variable "enable_codepipeline_endpoint" {

  1173.   description = "Should be true if you want to provision a CodePipeline endpoint to the VPC"

  1174.   type        = bool

  1175.   default     = false

  1176. }

  1177. 

  1178. variable "codepipeline_endpoint_security_group_ids" {

  1179.   description = "The ID of one or more security groups to associate with the network interface for CodePipeline endpoint"

  1180.   type        = list(string)

  1181.   default     = []

  1182. }

  1183. 

  1184. variable "codepipeline_endpoint_subnet_ids" {

  1185.   description = "The ID of one or more subnets in which to create a network interface for CodePipeline endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1186.   type        = list(string)

  1187.   default     = []

  1188. }

  1189. 

  1190. variable "codepipeline_endpoint_private_dns_enabled" {

  1191.   description = "Whether or not to associate a private hosted zone with the specified VPC for CodePipeline endpoint"

  1192.   type        = bool

  1193.   default     = false

  1194. }

  1195. variable "enable_appmesh_envoy_management_endpoint" {

  1196.   description = "Should be true if you want to provision a AppMesh endpoint to the VPC"

  1197.   type        = bool

  1198.   default     = false

  1199. }

  1200. 

  1201. variable "appmesh_envoy_management_endpoint_security_group_ids" {

  1202.   description = "The ID of one or more security groups to associate with the network interface for AppMesh endpoint"

  1203.   type        = list(string)

  1204.   default     = []

  1205. }

  1206. 

  1207. variable "appmesh_envoy_management_endpoint_subnet_ids" {

  1208.   description = "The ID of one or more subnets in which to create a network interface for AppMesh endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1209.   type        = list(string)

  1210.   default     = []

  1211. }

  1212. 

  1213. variable "appmesh_envoy_management_endpoint_private_dns_enabled" {

  1214.   description = "Whether or not to associate a private hosted zone with the specified VPC for AppMesh endpoint"

  1215.   type        = bool

  1216.   default     = false

  1217. }

  1218. variable "enable_servicecatalog_endpoint" {

  1219.   description = "Should be true if you want to provision a Service Catalog endpoint to the VPC"

  1220.   type        = bool

  1221.   default     = false

  1222. }

  1223. 

  1224. variable "servicecatalog_endpoint_security_group_ids" {

  1225.   description = "The ID of one or more security groups to associate with the network interface for Service Catalog endpoint"

  1226.   type        = list(string)

  1227.   default     = []

  1228. }

  1229. 

  1230. variable "servicecatalog_endpoint_subnet_ids" {

  1231.   description = "The ID of one or more subnets in which to create a network interface for Service Catalog endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1232.   type        = list(string)

  1233.   default     = []

  1234. }

  1235. 

  1236. variable "servicecatalog_endpoint_private_dns_enabled" {

  1237.   description = "Whether or not to associate a private hosted zone with the specified VPC for Service Catalog endpoint"

  1238.   type        = bool

  1239.   default     = false

  1240. }

  1241. variable "enable_storagegateway_endpoint" {

  1242.   description = "Should be true if you want to provision a Storage Gateway endpoint to the VPC"

  1243.   type        = bool

  1244.   default     = false

  1245. }

  1246. 

  1247. variable "storagegateway_endpoint_security_group_ids" {

  1248.   description = "The ID of one or more security groups to associate with the network interface for Storage Gateway endpoint"

  1249.   type        = list(string)

  1250.   default     = []

  1251. }

  1252. 

  1253. variable "storagegateway_endpoint_subnet_ids" {

  1254.   description = "The ID of one or more subnets in which to create a network interface for Storage Gateway endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1255.   type        = list(string)

  1256.   default     = []

  1257. }

  1258. 

  1259. variable "storagegateway_endpoint_private_dns_enabled" {

  1260.   description = "Whether or not to associate a private hosted zone with the specified VPC for Storage Gateway endpoint"

  1261.   type        = bool

  1262.   default     = false

  1263. }

  1264. variable "enable_transfer_endpoint" {

  1265.   description = "Should be true if you want to provision a Transfer endpoint to the VPC"

  1266.   type        = bool

  1267.   default     = false

  1268. }

  1269. 

  1270. variable "transfer_endpoint_security_group_ids" {

  1271.   description = "The ID of one or more security groups to associate with the network interface for Transfer endpoint"

  1272.   type        = list(string)

  1273.   default     = []

  1274. }

  1275. 

  1276. variable "transfer_endpoint_subnet_ids" {

  1277.   description = "The ID of one or more subnets in which to create a network interface for Transfer endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1278.   type        = list(string)

  1279.   default     = []

  1280. }

  1281. 

  1282. variable "transfer_endpoint_private_dns_enabled" {

  1283.   description = "Whether or not to associate a private hosted zone with the specified VPC for Transfer endpoint"

  1284.   type        = bool

  1285.   default     = false

  1286. }

  1287. variable "enable_sagemaker_api_endpoint" {

  1288.   description = "Should be true if you want to provision a SageMaker API endpoint to the VPC"

  1289.   type        = bool

  1290.   default     = false

  1291. }

  1292. 

  1293. variable "sagemaker_api_endpoint_security_group_ids" {

  1294.   description = "The ID of one or more security groups to associate with the network interface for SageMaker API endpoint"

  1295.   type        = list(string)

  1296.   default     = []

  1297. }

  1298. 

  1299. variable "sagemaker_api_endpoint_subnet_ids" {

  1300.   description = "The ID of one or more subnets in which to create a network interface for SageMaker API endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1301.   type        = list(string)

  1302.   default     = []

  1303. }

  1304. 

  1305. variable "sagemaker_api_endpoint_private_dns_enabled" {

  1306.   description = "Whether or not to associate a private hosted zone with the specified VPC for SageMaker API endpoint"

  1307.   type        = bool

  1308.   default     = false

  1309. }

  1310. variable "enable_sagemaker_runtime_endpoint" {

  1311.   description = "Should be true if you want to provision a SageMaker Runtime endpoint to the VPC"

  1312.   type        = bool

  1313.   default     = false

  1314. }

  1315. 

  1316. variable "sagemaker_runtime_endpoint_security_group_ids" {

  1317.   description = "The ID of one or more security groups to associate with the network interface for SageMaker Runtime endpoint"

  1318.   type        = list(string)

  1319.   default     = []

  1320. }

  1321. 

  1322. variable "sagemaker_runtime_endpoint_subnet_ids" {

  1323.   description = "The ID of one or more subnets in which to create a network interface for SageMaker Runtime endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1324.   type        = list(string)

  1325.   default     = []

  1326. }

  1327. 

  1328. variable "sagemaker_runtime_endpoint_private_dns_enabled" {

  1329.   description = "Whether or not to associate a private hosted zone with the specified VPC for SageMaker Runtime endpoint"

  1330.   type        = bool

  1331.   default     = false

  1332. }

  1333. 

  1334. variable "enable_appstream_api_endpoint" {

  1335.   description = "Should be true if you want to provision a AppStream API endpoint to the VPC"

  1336.   type        = bool

  1337.   default     = false

  1338. }

  1339. 

  1340. variable "appstream_api_endpoint_security_group_ids" {

  1341.   description = "The ID of one or more security groups to associate with the network interface for AppStream API endpoint"

  1342.   type        = list(string)

  1343.   default     = []

  1344. }

  1345. 

  1346. variable "appstream_api_endpoint_subnet_ids" {

  1347.   description = "The ID of one or more subnets in which to create a network interface for AppStream API endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1348.   type        = list(string)

  1349.   default     = []

  1350. }

  1351. 

  1352. variable "appstream_api_endpoint_private_dns_enabled" {

  1353.   description = "Whether or not to associate a private hosted zone with the specified VPC for AppStream API endpoint"

  1354.   type        = bool

  1355.   default     = false

  1356. }

  1357. 

  1358. variable "enable_appstream_streaming_endpoint" {

  1359.   description = "Should be true if you want to provision a AppStream Streaming endpoint to the VPC"

  1360.   type        = bool

  1361.   default     = false

  1362. }

  1363. 

  1364. variable "appstream_streaming_endpoint_security_group_ids" {

  1365.   description = "The ID of one or more security groups to associate with the network interface for AppStream Streaming endpoint"

  1366.   type        = list(string)

  1367.   default     = []

  1368. }

  1369. 

  1370. variable "appstream_streaming_endpoint_subnet_ids" {

  1371.   description = "The ID of one or more subnets in which to create a network interface for AppStream Streaming endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1372.   type        = list(string)

  1373.   default     = []

  1374. }

  1375. 

  1376. variable "appstream_streaming_endpoint_private_dns_enabled" {

  1377.   description = "Whether or not to associate a private hosted zone with the specified VPC for AppStream Streaming endpoint"

  1378.   type        = bool

  1379.   default     = false

  1380. }

  1381. 

  1382. variable "enable_athena_endpoint" {

  1383.   description = "Should be true if you want to provision a Athena endpoint to the VPC"

  1384.   type        = bool

  1385.   default     = false

  1386. }

  1387. 

  1388. variable "athena_endpoint_security_group_ids" {

  1389.   description = "The ID of one or more security groups to associate with the network interface for Athena endpoint"

  1390.   type        = list(string)

  1391.   default     = []

  1392. }

  1393. 

  1394. variable "athena_endpoint_subnet_ids" {

  1395.   description = "The ID of one or more subnets in which to create a network interface for Athena endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1396.   type        = list(string)

  1397.   default     = []

  1398. }

  1399. 

  1400. variable "athena_endpoint_private_dns_enabled" {

  1401.   description = "Whether or not to associate a private hosted zone with the specified VPC for Athena endpoint"

  1402.   type        = bool

  1403.   default     = false

  1404. }

  1405. 

  1406. variable "enable_rekognition_endpoint" {

  1407.   description = "Should be true if you want to provision a Rekognition endpoint to the VPC"

  1408.   type        = bool

  1409.   default     = false

  1410. }

  1411. 

  1412. variable "rekognition_endpoint_security_group_ids" {

  1413.   description = "The ID of one or more security groups to associate with the network interface for Rekognition endpoint"

  1414.   type        = list(string)

  1415.   default     = []

  1416. }

  1417. 

  1418. variable "rekognition_endpoint_subnet_ids" {

  1419.   description = "The ID of one or more subnets in which to create a network interface for Rekognition endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1420.   type        = list(string)

  1421.   default     = []

  1422. }

  1423. 

  1424. variable "rekognition_endpoint_private_dns_enabled" {

  1425.   description = "Whether or not to associate a private hosted zone with the specified VPC for Rekognition endpoint"

  1426.   type        = bool

  1427.   default     = false

  1428. }

  1429. 

  1430. variable "enable_efs_endpoint" {

  1431.   description = "Should be true if you want to provision an EFS endpoint to the VPC"

  1432.   type        = bool

  1433.   default     = false

  1434. }

  1435. 

  1436. variable "efs_endpoint_security_group_ids" {

  1437.   description = "The ID of one or more security groups to associate with the network interface for EFS endpoint"

  1438.   type        = list(string)

  1439.   default     = []

  1440. }

  1441. 

  1442. variable "efs_endpoint_subnet_ids" {

  1443.   description = "The ID of one or more subnets in which to create a network interface for EFS endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1444.   type        = list(string)

  1445.   default     = []

  1446. }

  1447. 

  1448. variable "efs_endpoint_private_dns_enabled" {

  1449.   description = "Whether or not to associate a private hosted zone with the specified VPC for EFS endpoint"

  1450.   type        = bool

  1451.   default     = false

  1452. }

  1453. 

  1454. variable "enable_cloud_directory_endpoint" {

  1455.   description = "Should be true if you want to provision an Cloud Directory endpoint to the VPC"

  1456.   type        = bool

  1457.   default     = false

  1458. }

  1459. 

  1460. variable "cloud_directory_endpoint_security_group_ids" {

  1461.   description = "The ID of one or more security groups to associate with the network interface for Cloud Directory endpoint"

  1462.   type        = list(string)

  1463.   default     = []

  1464. }

  1465. 

  1466. variable "cloud_directory_endpoint_subnet_ids" {

  1467.   description = "The ID of one or more subnets in which to create a network interface for Cloud Directory endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1468.   type        = list(string)

  1469.   default     = []

  1470. }

  1471. 

  1472. variable "cloud_directory_endpoint_private_dns_enabled" {

  1473.   description = "Whether or not to associate a private hosted zone with the specified VPC for Cloud Directory endpoint"

  1474.   type        = bool

  1475.   default     = false

  1476. }

  1477. 

  1478. variable "enable_ses_endpoint" {

  1479.   description = "Should be true if you want to provision an SES endpoint to the VPC"

  1480.   type        = bool

  1481.   default     = false

  1482. }

  1483. 

  1484. variable "ses_endpoint_security_group_ids" {

  1485.   description = "The ID of one or more security groups to associate with the network interface for SES endpoint"

  1486.   type        = list(string)

  1487.   default     = []

  1488. }

  1489. 

  1490. variable "ses_endpoint_subnet_ids" {

  1491.   description = "The ID of one or more subnets in which to create a network interface for SES endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1492.   type        = list(string)

  1493.   default     = []

  1494. }

  1495. 

  1496. variable "enable_auto_scaling_plans_endpoint" {

  1497.   description = "Should be true if you want to provision an Auto Scaling Plans endpoint to the VPC"

  1498.   type        = bool

  1499.   default     = false

  1500. }

  1501. 

  1502. variable "auto_scaling_plans_endpoint_security_group_ids" {

  1503.   description = "The ID of one or more security groups to associate with the network interface for Auto Scaling Plans endpoint"

  1504.   type        = list(string)

  1505.   default     = []

  1506. }

  1507. 

  1508. variable "auto_scaling_plans_endpoint_subnet_ids" {

  1509.   description = "The ID of one or more subnets in which to create a network interface for Auto Scaling Plans endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1510.   type        = list(string)

  1511.   default     = []

  1512. }

  1513. 

  1514. variable "auto_scaling_plans_endpoint_private_dns_enabled" {

  1515.   description = "Whether or not to associate a private hosted zone with the specified VPC for Auto Scaling Plans endpoint"

  1516.   type        = bool

  1517.   default     = false

  1518. }

  1519. 

  1520. variable "ses_endpoint_private_dns_enabled" {

  1521.   description = "Whether or not to associate a private hosted zone with the specified VPC for SES endpoint"

  1522.   type        = bool

  1523.   default     = false

  1524. }

  1525. 

  1526. variable "enable_workspaces_endpoint" {

  1527.   description = "Should be true if you want to provision an Workspaces endpoint to the VPC"

  1528.   type        = bool

  1529.   default     = false

  1530. }

  1531. 

  1532. variable "workspaces_endpoint_security_group_ids" {

  1533.   description = "The ID of one or more security groups to associate with the network interface for Workspaces endpoint"

  1534.   type        = list(string)

  1535.   default     = []

  1536. }

  1537. 

  1538. variable "workspaces_endpoint_subnet_ids" {

  1539.   description = "The ID of one or more subnets in which to create a network interface for Workspaces endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1540.   type        = list(string)

  1541.   default     = []

  1542. }

  1543. 

  1544. variable "workspaces_endpoint_private_dns_enabled" {

  1545.   description = "Whether or not to associate a private hosted zone with the specified VPC for Workspaces endpoint"

  1546.   type        = bool

  1547.   default     = false

  1548. }

  1549. 

  1550. variable "enable_access_analyzer_endpoint" {

  1551.   description = "Should be true if you want to provision an Access Analyzer endpoint to the VPC"

  1552.   type        = bool

  1553.   default     = false

  1554. }

  1555. 

  1556. variable "access_analyzer_endpoint_security_group_ids" {

  1557.   description = "The ID of one or more security groups to associate with the network interface for Access Analyzer endpoint"

  1558.   type        = list(string)

  1559.   default     = []

  1560. }

  1561. 

  1562. variable "access_analyzer_endpoint_subnet_ids" {

  1563.   description = "The ID of one or more subnets in which to create a network interface for Access Analyzer endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1564.   type        = list(string)

  1565.   default     = []

  1566. }

  1567. 

  1568. variable "access_analyzer_endpoint_private_dns_enabled" {

  1569.   description = "Whether or not to associate a private hosted zone with the specified VPC for Access Analyzer endpoint"

  1570.   type        = bool

  1571.   default     = false

  1572. }

  1573. 

  1574. variable "enable_ebs_endpoint" {

  1575.   description = "Should be true if you want to provision an EBS endpoint to the VPC"

  1576.   type        = bool

  1577.   default     = false

  1578. }

  1579. 

  1580. variable "ebs_endpoint_security_group_ids" {

  1581.   description = "The ID of one or more security groups to associate with the network interface for EBS endpoint"

  1582.   type        = list(string)

  1583.   default     = []

  1584. }

  1585. 

  1586. variable "ebs_endpoint_subnet_ids" {

  1587.   description = "The ID of one or more subnets in which to create a network interface for EBS endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1588.   type        = list(string)

  1589.   default     = []

  1590. }

  1591. 

  1592. variable "ebs_endpoint_private_dns_enabled" {

  1593.   description = "Whether or not to associate a private hosted zone with the specified VPC for EBS endpoint"

  1594.   type        = bool

  1595.   default     = false

  1596. }

  1597. 

  1598. variable "enable_datasync_endpoint" {

  1599.   description = "Should be true if you want to provision an Data Sync endpoint to the VPC"

  1600.   type        = bool

  1601.   default     = false

  1602. }

  1603. 

  1604. variable "datasync_endpoint_security_group_ids" {

  1605.   description = "The ID of one or more security groups to associate with the network interface for Data Sync endpoint"

  1606.   type        = list(string)

  1607.   default     = []

  1608. }

  1609. 

  1610. variable "datasync_endpoint_subnet_ids" {

  1611.   description = "The ID of one or more subnets in which to create a network interface for Data Sync endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1612.   type        = list(string)

  1613.   default     = []

  1614. }

  1615. 

  1616. variable "datasync_endpoint_private_dns_enabled" {

  1617.   description = "Whether or not to associate a private hosted zone with the specified VPC for Data Sync endpoint"

  1618.   type        = bool

  1619.   default     = false

  1620. }

  1621. 

  1622. variable "enable_elastic_inference_runtime_endpoint" {

  1623.   description = "Should be true if you want to provision an Elastic Inference Runtime endpoint to the VPC"

  1624.   type        = bool

  1625.   default     = false

  1626. }

  1627. 

  1628. variable "elastic_inference_runtime_endpoint_security_group_ids" {

  1629.   description = "The ID of one or more security groups to associate with the network interface for Elastic Inference Runtime endpoint"

  1630.   type        = list(string)

  1631.   default     = []

  1632. }

  1633. 

  1634. variable "elastic_inference_runtime_endpoint_subnet_ids" {

  1635.   description = "The ID of one or more subnets in which to create a network interface for Elastic Inference Runtime endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1636.   type        = list(string)

  1637.   default     = []

  1638. }

  1639. 

  1640. variable "elastic_inference_runtime_endpoint_private_dns_enabled" {

  1641.   description = "Whether or not to associate a private hosted zone with the specified VPC for Elastic Inference Runtime endpoint"

  1642.   type        = bool

  1643.   default     = false

  1644. }

  1645. 

  1646. variable "enable_sms_endpoint" {

  1647.   description = "Should be true if you want to provision an SMS endpoint to the VPC"

  1648.   type        = bool

  1649.   default     = false

  1650. }

  1651. 

  1652. variable "sms_endpoint_security_group_ids" {

  1653.   description = "The ID of one or more security groups to associate with the network interface for SMS endpoint"

  1654.   type        = list(string)

  1655.   default     = []

  1656. }

  1657. 

  1658. variable "sms_endpoint_subnet_ids" {

  1659.   description = "The ID of one or more subnets in which to create a network interface for SMS endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1660.   type        = list(string)

  1661.   default     = []

  1662. }

  1663. 

  1664. variable "sms_endpoint_private_dns_enabled" {

  1665.   description = "Whether or not to associate a private hosted zone with the specified VPC for SMS endpoint"

  1666.   type        = bool

  1667.   default     = false

  1668. }

  1669. 

  1670. variable "enable_emr_endpoint" {

  1671.   description = "Should be true if you want to provision an EMR endpoint to the VPC"

  1672.   type        = bool

  1673.   default     = false

  1674. }

  1675. 

  1676. variable "emr_endpoint_security_group_ids" {

  1677.   description = "The ID of one or more security groups to associate with the network interface for EMR endpoint"

  1678.   type        = list(string)

  1679.   default     = []

  1680. }

  1681. 

  1682. variable "emr_endpoint_subnet_ids" {

  1683.   description = "The ID of one or more subnets in which to create a network interface for EMR endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1684.   type        = list(string)

  1685.   default     = []

  1686. }

  1687. 

  1688. variable "emr_endpoint_private_dns_enabled" {

  1689.   description = "Whether or not to associate a private hosted zone with the specified VPC for EMR endpoint"

  1690.   type        = bool

  1691.   default     = false

  1692. }

  1693. 

  1694. variable "enable_qldb_session_endpoint" {

  1695.   description = "Should be true if you want to provision an QLDB Session endpoint to the VPC"

  1696.   type        = bool

  1697.   default     = false

  1698. }

  1699. 

  1700. variable "qldb_session_endpoint_security_group_ids" {

  1701.   description = "The ID of one or more security groups to associate with the network interface for QLDB Session endpoint"

  1702.   type        = list(string)

  1703.   default     = []

  1704. }

  1705. 

  1706. variable "qldb_session_endpoint_subnet_ids" {

  1707.   description = "The ID of one or more subnets in which to create a network interface for QLDB Session endpoint. Only a single subnet within an AZ is supported. Ifomitted, private subnets will be used."

  1708.   type        = list(string)

  1709.   default     = []

  1710. }

  1711. 

  1712. variable "qldb_session_endpoint_private_dns_enabled" {

  1713.   description = "Whether or not to associate a private hosted zone with the specified VPC for QLDB Session endpoint"

  1714.   type        = bool

  1715.   default     = false

  1716. }

  1717. 

  1718. variable "enable_elasticbeanstalk_endpoint" {

  1719.   description = "Should be true if you want to provision a Elastic Beanstalk endpoint to the VPC"

  1720.   type        = bool

  1721.   default     = false

  1722. }

  1723. 

  1724. variable "elasticbeanstalk_endpoint_security_group_ids" {

  1725.   description = "The ID of one or more security groups to associate with the network interface for Elastic Beanstalk endpoint"

  1726.   type        = list(string)

  1727.   default     = []

  1728. }

  1729. 

  1730. variable "elasticbeanstalk_endpoint_subnet_ids" {

  1731.   description = "The ID of one or more subnets in which to create a network interface for Elastic Beanstalk endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1732.   type        = list(string)

  1733.   default     = []

  1734. }

  1735. 

  1736. variable "elasticbeanstalk_endpoint_private_dns_enabled" {

  1737.   description = "Whether or not to associate a private hosted zone with the specified VPC for Elastic Beanstalk endpoint"

  1738.   type        = bool

  1739.   default     = false

  1740. }

  1741. 

  1742. variable "enable_elasticbeanstalk_health_endpoint" {

  1743.   description = "Should be true if you want to provision a Elastic Beanstalk Health endpoint to the VPC"

  1744.   type        = bool

  1745.   default     = false

  1746. }

  1747. 

  1748. variable "elasticbeanstalk_health_endpoint_security_group_ids" {

  1749.   description = "The ID of one or more security groups to associate with the network interface for Elastic Beanstalk Health endpoint"

  1750.   type        = list(string)

  1751.   default     = []

  1752. }

  1753. 

  1754. variable "elasticbeanstalk_health_endpoint_subnet_ids" {

  1755.   description = "The ID of one or more subnets in which to create a network interface for Elastic Beanstalk Health endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1756.   type        = list(string)

  1757.   default     = []

  1758. }

  1759. 

  1760. variable "elasticbeanstalk_health_endpoint_private_dns_enabled" {

  1761.   description = "Whether or not to associate a private hosted zone with the specified VPC for Elastic Beanstalk Health endpoint"

  1762.   type        = bool

  1763.   default     = false

  1764. }

  1765. 

  1766. variable "enable_states_endpoint" {

  1767.   description = "Should be true if you want to provision a Step Function endpoint to the VPC"

  1768.   type        = bool

  1769.   default     = false

  1770. }

  1771. 

  1772. variable "states_endpoint_security_group_ids" {

  1773.   description = "The ID of one or more security groups to associate with the network interface for Step Function endpoint"

  1774.   type        = list(string)

  1775.   default     = []

  1776. }

  1777. 

  1778. variable "states_endpoint_subnet_ids" {

  1779.   description = "The ID of one or more subnets in which to create a network interface for Step Function endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1780.   type        = list(string)

  1781.   default     = []

  1782. }

  1783. 

  1784. variable "states_endpoint_private_dns_enabled" {

  1785.   description = "Whether or not to associate a private hosted zone with the specified VPC for Step Function endpoint"

  1786.   type        = bool

  1787.   default     = false

  1788. }

  1789. 

  1790. variable "enable_acm_pca_endpoint" {

  1791.   description = "Should be true if you want to provision an ACM PCA endpoint to the VPC"

  1792.   type        = bool

  1793.   default     = false

  1794. }

  1795. 

  1796. variable "enable_rds_endpoint" {

  1797.   description = "Should be true if you want to provision an RDS endpoint to the VPC"

  1798.   type        = bool

  1799.   default     = false

  1800. }

  1801. 

  1802. variable "rds_endpoint_security_group_ids" {

  1803.   description = "The ID of one or more security groups to associate with the network interface for RDS endpoint"

  1804.   type        = list(string)

  1805.   default     = []

  1806. }

  1807. 

  1808. variable "rds_endpoint_subnet_ids" {

  1809.   description = "The ID of one or more subnets in which to create a network interface for RDS endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1810.   type        = list(string)

  1811.   default     = []

  1812. }

  1813. 

  1814. variable "rds_endpoint_private_dns_enabled" {

  1815.   description = "Whether or not to associate a private hosted zone with the specified VPC for RDS endpoint"

  1816.   type        = bool

  1817.   default     = false

  1818. }

  1819. 

  1820. variable "enable_codedeploy_endpoint" {

  1821.   description = "Should be true if you want to provision an CodeDeploy endpoint to the VPC"

  1822.   type        = bool

  1823.   default     = false

  1824. }

  1825. 

  1826. variable "codedeploy_endpoint_security_group_ids" {

  1827.   description = "The ID of one or more security groups to associate with the network interface for CodeDeploy endpoint"

  1828.   type        = list(string)

  1829.   default     = []

  1830. }

  1831. 

  1832. variable "codedeploy_endpoint_subnet_ids" {

  1833.   description = "The ID of one or more subnets in which to create a network interface for CodeDeploy endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1834.   type        = list(string)

  1835.   default     = []

  1836. }

  1837. 

  1838. variable "codedeploy_endpoint_private_dns_enabled" {

  1839.   description = "Whether or not to associate a private hosted zone with the specified VPC for CodeDeploy endpoint"

  1840.   type        = bool

  1841.   default     = false

  1842. }

  1843. 

  1844. variable "enable_codedeploy_commands_secure_endpoint" {

  1845.   description = "Should be true if you want to provision an CodeDeploy Commands Secure endpoint to the VPC"

  1846.   type        = bool

  1847.   default     = false

  1848. }

  1849. 

  1850. variable "codedeploy_commands_secure_endpoint_security_group_ids" {

  1851.   description = "The ID of one or more security groups to associate with the network interface for CodeDeploy Commands Secure endpoint"

  1852.   type        = list(string)

  1853.   default     = []

  1854. }

  1855. 

  1856. variable "codedeploy_commands_secure_endpoint_subnet_ids" {

  1857.   description = "The ID of one or more subnets in which to create a network interface for CodeDeploy Commands Secure endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1858.   type        = list(string)

  1859.   default     = []

  1860. }

  1861. 

  1862. variable "codedeploy_commands_secure_endpoint_private_dns_enabled" {

  1863.   description = "Whether or not to associate a private hosted zone with the specified VPC for CodeDeploy Commands Secure endpoint"

  1864.   type        = bool

  1865.   default     = false

  1866. }

  1867. 

  1868. variable "acm_pca_endpoint_security_group_ids" {

  1869.   description = "The ID of one or more security groups to associate with the network interface for ACM PCA endpoint"

  1870.   type        = list(string)

  1871.   default     = []

  1872. }

  1873. 

  1874. variable "acm_pca_endpoint_subnet_ids" {

  1875.   description = "The ID of one or more subnets in which to create a network interface for ACM PCA endpoint. Only a single subnet within an AZ is supported. If omitted, private subnets will be used."

  1876.   type        = list(string)

  1877.   default     = []

  1878. }

  1879. 

  1880. variable "acm_pca_endpoint_private_dns_enabled" {

  1881.   description = "Whether or not to associate a private hosted zone with the specified VPC for ACM PCA endpoint"

  1882.   type        = bool

  1883.   default     = false

  1884. }

  1885. 

  1886. variable "map_public_ip_on_launch" {

  1887.   description = "Should be false if you do not want to auto-assign public IP on launch"

  1888.   type        = bool

  1889.   default     = true

  1890. }

  1891. 

  1892. variable "customer_gateways" {

  1893.   description = "Maps of Customer Gateway's attributes (BGP ASN and Gateway's Internet-routable external IP address)"

  1894.   type        = map(map(any))

  1895.   default     = {}

  1896. }

  1897. 

  1898. variable "enable_vpn_gateway" {

  1899.   description = "Should be true if you want to create a new VPN Gateway resource and attach it to the VPC"

  1900.   type        = bool

  1901.   default     = false

  1902. }

  1903. 

  1904. variable "vpn_gateway_id" {

  1905.   description = "ID of VPN Gateway to attach to the VPC"

  1906.   type        = string

  1907.   default     = ""

  1908. }

  1909. 

  1910. variable "amazon_side_asn" {

  1911.   description = "The Autonomous System Number (ASN) for the Amazon side of the gateway. By default the virtual private gateway is created with the current default Amazon ASN."

  1912.   type        = string

  1913.   default     = "64512"

  1914. }

  1915. 

  1916. variable "vpn_gateway_az" {

  1917.   description = "The Availability Zone for the VPN Gateway"

  1918.   type        = string

  1919.   default     = null

  1920. }

  1921. 

  1922. variable "propagate_intra_route_tables_vgw" {

  1923.   description = "Should be true if you want route table propagation"

  1924.   type        = bool

  1925.   default     = false

  1926. }

  1927. 

  1928. variable "propagate_private_route_tables_vgw" {

  1929.   description = "Should be true if you want route table propagation"

  1930.   type        = bool

  1931.   default     = false

  1932. }

  1933. 

  1934. variable "propagate_public_route_tables_vgw" {

  1935.   description = "Should be true if you want route table propagation"

  1936.   type        = bool

  1937.   default     = false

  1938. }

  1939. 

  1940. variable "tags" {

  1941.   description = "A map of tags to add to all resources"

  1942.   type        = map(string)

  1943.   default     = {}

  1944. }

  1945. 

  1946. variable "vpc_tags" {

  1947.   description = "Additional tags for the VPC"

  1948.   type        = map(string)

  1949.   default     = {}

  1950. }

  1951. 

  1952. variable "igw_tags" {

  1953.   description = "Additional tags for the internet gateway"

  1954.   type        = map(string)

  1955.   default     = {}

  1956. }

  1957. 

  1958. variable "public_subnet_tags" {

  1959.   description = "Additional tags for the public subnets"

  1960.   type        = map(string)

  1961.   default     = {}

  1962. }

  1963. 

  1964. variable "private_subnet_tags" {

  1965.   description = "Additional tags for the private subnets"

  1966.   type        = map(string)

  1967.   default     = {}

  1968. }

  1969. 

  1970. variable "public_route_table_tags" {

  1971.   description = "Additional tags for the public route tables"

  1972.   type        = map(string)

  1973.   default     = {}

  1974. }

  1975. 

  1976. variable "private_route_table_tags" {

  1977.   description = "Additional tags for the private route tables"

  1978.   type        = map(string)

  1979.   default     = {}

  1980. }

  1981. 

  1982. variable "database_route_table_tags" {

  1983.   description = "Additional tags for the database route tables"

  1984.   type        = map(string)

  1985.   default     = {}

  1986. }

  1987. 

  1988. variable "redshift_route_table_tags" {

  1989.   description = "Additional tags for the redshift route tables"

  1990.   type        = map(string)

  1991.   default     = {}

  1992. }

  1993. 

  1994. variable "elasticache_route_table_tags" {

  1995.   description = "Additional tags for the elasticache route tables"

  1996.   type        = map(string)

  1997.   default     = {}

  1998. }

  1999. 

  2000. variable "intra_route_table_tags" {

  2001.   description = "Additional tags for the intra route tables"

  2002.   type        = map(string)

  2003.   default     = {}

  2004. }

  2005. 

  2006. variable "database_subnet_tags" {

  2007.   description = "Additional tags for the database subnets"

  2008.   type        = map(string)

  2009.   default     = {}

  2010. }

  2011. 

  2012. variable "database_subnet_group_tags" {

  2013.   description = "Additional tags for the database subnet group"

  2014.   type        = map(string)

  2015.   default     = {}

  2016. }

  2017. 

  2018. variable "redshift_subnet_tags" {

  2019.   description = "Additional tags for the redshift subnets"

  2020.   type        = map(string)

  2021.   default     = {}

  2022. }

  2023. 

  2024. variable "redshift_subnet_group_tags" {

  2025.   description = "Additional tags for the redshift subnet group"

  2026.   type        = map(string)

  2027.   default     = {}

  2028. }

  2029. 

  2030. variable "elasticache_subnet_tags" {

  2031.   description = "Additional tags for the elasticache subnets"

  2032.   type        = map(string)

  2033.   default     = {}

  2034. }

  2035. 

  2036. variable "intra_subnet_tags" {

  2037.   description = "Additional tags for the intra subnets"

  2038.   type        = map(string)

  2039.   default     = {}

  2040. }

  2041. 

  2042. variable "public_acl_tags" {

  2043.   description = "Additional tags for the public subnets network ACL"

  2044.   type        = map(string)

  2045.   default     = {}

  2046. }

  2047. 

  2048. variable "private_acl_tags" {

  2049.   description = "Additional tags for the private subnets network ACL"

  2050.   type        = map(string)

  2051.   default     = {}

  2052. }

  2053. 

  2054. variable "intra_acl_tags" {

  2055.   description = "Additional tags for the intra subnets network ACL"

  2056.   type        = map(string)

  2057.   default     = {}

  2058. }

  2059. 

  2060. variable "database_acl_tags" {

  2061.   description = "Additional tags for the database subnets network ACL"

  2062.   type        = map(string)

  2063.   default     = {}

  2064. }

  2065. 

  2066. variable "redshift_acl_tags" {

  2067.   description = "Additional tags for the redshift subnets network ACL"

  2068.   type        = map(string)

  2069.   default     = {}

  2070. }

  2071. 

  2072. variable "elasticache_acl_tags" {

  2073.   description = "Additional tags for the elasticache subnets network ACL"

  2074.   type        = map(string)

  2075.   default     = {}

  2076. }

  2077. 

  2078. variable "dhcp_options_tags" {

  2079.   description = "Additional tags for the DHCP option set (requires enable_dhcp_options set to true)"

  2080.   type        = map(string)

  2081.   default     = {}

  2082. }

  2083. 

  2084. variable "nat_gateway_tags" {

  2085.   description = "Additional tags for the NAT gateways"

  2086.   type        = map(string)

  2087.   default     = {}

  2088. }

  2089. 

  2090. variable "nat_eip_tags" {

  2091.   description = "Additional tags for the NAT EIP"

  2092.   type        = map(string)

  2093.   default     = {}

  2094. }

  2095. 

  2096. variable "customer_gateway_tags" {

  2097.   description = "Additional tags for the Customer Gateway"

  2098.   type        = map(string)

  2099.   default     = {}

  2100. }

  2101. 

  2102. variable "vpn_gateway_tags" {

  2103.   description = "Additional tags for the VPN gateway"

  2104.   type        = map(string)

  2105.   default     = {}

  2106. }

  2107. 

  2108. variable "vpc_endpoint_tags" {

  2109.   description = "Additional tags for the VPC Endpoints"

  2110.   type        = map(string)

  2111.   default     = {}

  2112. }

  2113. 

  2114. variable "vpc_flow_log_tags" {

  2115.   description = "Additional tags for the VPC Flow Logs"

  2116.   type        = map(string)

  2117.   default     = {}

  2118. }

  2119. 

  2120. variable "enable_dhcp_options" {

  2121.   description = "Should be true if you want to specify a DHCP options set with a custom domain name, DNS servers, NTP servers, netbios servers, and/or netbios server type"

  2122.   type        = bool

  2123.   default     = false

  2124. }

  2125. 

  2126. variable "dhcp_options_domain_name" {

  2127.   description = "Specifies DNS name for DHCP options set (requires enable_dhcp_options set to true)"

  2128.   type        = string

  2129.   default     = ""

  2130. }

  2131. 

  2132. variable "dhcp_options_domain_name_servers" {

  2133.   description = "Specify a list of DNS server addresses for DHCP options set, default to AWS provided (requires enable_dhcp_options set to true)"

  2134.   type        = list(string)

  2135.   default     = ["AmazonProvidedDNS"]

  2136. }

  2137. 

  2138. variable "dhcp_options_ntp_servers" {

  2139.   description = "Specify a list of NTP servers for DHCP options set (requires enable_dhcp_options set to true)"

  2140.   type        = list(string)

  2141.   default     = []

  2142. }

  2143. 

  2144. variable "dhcp_options_netbios_name_servers" {

  2145.   description = "Specify a list of netbios servers for DHCP options set (requires enable_dhcp_options set to true)"

  2146.   type        = list(string)

  2147.   default     = []

  2148. }

  2149. 

  2150. variable "dhcp_options_netbios_node_type" {

  2151.   description = "Specify netbios node_type for DHCP options set (requires enable_dhcp_options set to true)"

  2152.   type        = string

  2153.   default     = ""

  2154. }

  2155. 

  2156. variable "manage_default_vpc" {

  2157.   description = "Should be true to adopt and manage Default VPC"

  2158.   type        = bool

  2159.   default     = false

  2160. }

  2161. 

  2162. variable "default_vpc_name" {

  2163.   description = "Name to be used on the Default VPC"

  2164.   type        = string

  2165.   default     = ""

  2166. }

  2167. 

  2168. variable "default_vpc_enable_dns_support" {

  2169.   description = "Should be true to enable DNS support in the Default VPC"

  2170.   type        = bool

  2171.   default     = true

  2172. }

  2173. 

  2174. variable "default_vpc_enable_dns_hostnames" {

  2175.   description = "Should be true to enable DNS hostnames in the Default VPC"

  2176.   type        = bool

  2177.   default     = false

  2178. }

  2179. 

  2180. variable "default_vpc_enable_classiclink" {

  2181.   description = "Should be true to enable ClassicLink in the Default VPC"

  2182.   type        = bool

  2183.   default     = false

  2184. }

  2185. 

  2186. variable "default_vpc_tags" {

  2187.   description = "Additional tags for the Default VPC"

  2188.   type        = map(string)

  2189.   default     = {}

  2190. }

  2191. 

  2192. variable "manage_default_network_acl" {

  2193.   description = "Should be true to adopt and manage Default Network ACL"

  2194.   type        = bool

  2195.   default     = false

  2196. }

  2197. 

  2198. variable "default_network_acl_name" {

  2199.   description = "Name to be used on the Default Network ACL"

  2200.   type        = string

  2201.   default     = ""

  2202. }

  2203. 

  2204. variable "default_network_acl_tags" {

  2205.   description = "Additional tags for the Default Network ACL"

  2206.   type        = map(string)

  2207.   default     = {}

  2208. }

  2209. 

  2210. variable "public_dedicated_network_acl" {

  2211.   description = "Whether to use dedicated network ACL (not default) and custom rules for public subnets"

  2212.   type        = bool

  2213.   default     = false

  2214. }

  2215. 

  2216. variable "private_dedicated_network_acl" {

  2217.   description = "Whether to use dedicated network ACL (not default) and custom rules for private subnets"

  2218.   type        = bool

  2219.   default     = false

  2220. }

  2221. 

  2222. variable "intra_dedicated_network_acl" {

  2223.   description = "Whether to use dedicated network ACL (not default) and custom rules for intra subnets"

  2224.   type        = bool

  2225.   default     = false

  2226. }

  2227. 

  2228. variable "database_dedicated_network_acl" {

  2229.   description = "Whether to use dedicated network ACL (not default) and custom rules for database subnets"

  2230.   type        = bool

  2231.   default     = false

  2232. }

  2233. 

  2234. variable "redshift_dedicated_network_acl" {

  2235.   description = "Whether to use dedicated network ACL (not default) and custom rules for redshift subnets"

  2236.   type        = bool

  2237.   default     = false

  2238. }

  2239. 

  2240. variable "elasticache_dedicated_network_acl" {

  2241.   description = "Whether to use dedicated network ACL (not default) and custom rules for elasticache subnets"

  2242.   type        = bool

  2243.   default     = false

  2244. }

  2245. 

  2246. variable "default_network_acl_ingress" {

  2247.   description = "List of maps of ingress rules to set on the Default Network ACL"

  2248.   type        = list(map(string))

  2249. 

  2250.   default = [

  2251.     {

  2252.       rule_no    = 100

  2253.       action     = "allow"

  2254.       from_port  = 0

  2255.       to_port    = 0

  2256.       protocol   = "-1"

  2257.       cidr_block = "0.0.0.0/0"

  2258.     },

  2259.     {

  2260.       rule_no         = 101

  2261.       action          = "allow"

  2262.       from_port       = 0

  2263.       to_port         = 0

  2264.       protocol        = "-1"

  2265.       ipv6_cidr_block = "::/0"

  2266.     },

  2267.   ]

  2268. }

  2269. 

  2270. variable "default_network_acl_egress" {

  2271.   description = "List of maps of egress rules to set on the Default Network ACL"

  2272.   type        = list(map(string))

  2273. 

  2274.   default = [

  2275.     {

  2276.       rule_no    = 100

  2277.       action     = "allow"

  2278.       from_port  = 0

  2279.       to_port    = 0

  2280.       protocol   = "-1"

  2281.       cidr_block = "0.0.0.0/0"

  2282.     },

  2283.     {

  2284.       rule_no         = 101

  2285.       action          = "allow"

  2286.       from_port       = 0

  2287.       to_port         = 0

  2288.       protocol        = "-1"

  2289.       ipv6_cidr_block = "::/0"

  2290.     },

  2291.   ]

  2292. }

  2293. 

  2294. variable "public_inbound_acl_rules" {

  2295.   description = "Public subnets inbound network ACLs"

  2296.   type        = list(map(string))

  2297. 

  2298.   default = [

  2299.     {

  2300.       rule_number = 100

  2301.       rule_action = "allow"

  2302.       from_port   = 0

  2303.       to_port     = 0

  2304.       protocol    = "-1"

  2305.       cidr_block  = "0.0.0.0/0"

  2306.     },

  2307.   ]

  2308. }

  2309. 

  2310. variable "public_outbound_acl_rules" {

  2311.   description = "Public subnets outbound network ACLs"

  2312.   type        = list(map(string))

  2313. 

  2314.   default = [

  2315.     {

  2316.       rule_number = 100

  2317.       rule_action = "allow"

  2318.       from_port   = 0

  2319.       to_port     = 0

  2320.       protocol    = "-1"

  2321.       cidr_block  = "0.0.0.0/0"

  2322.     },

  2323.   ]

  2324. }

  2325. 

  2326. variable "private_inbound_acl_rules" {

  2327.   description = "Private subnets inbound network ACLs"

  2328.   type        = list(map(string))

  2329. 

  2330.   default = [

  2331.     {

  2332.       rule_number = 100

  2333.       rule_action = "allow"

  2334.       from_port   = 0

  2335.       to_port     = 0

  2336.       protocol    = "-1"

  2337.       cidr_block  = "0.0.0.0/0"

  2338.     },

  2339.   ]

  2340. }

  2341. 

  2342. variable "private_outbound_acl_rules" {

  2343.   description = "Private subnets outbound network ACLs"

  2344.   type        = list(map(string))

  2345. 

  2346.   default = [

  2347.     {

  2348.       rule_number = 100

  2349.       rule_action = "allow"

  2350.       from_port   = 0

  2351.       to_port     = 0

  2352.       protocol    = "-1"

  2353.       cidr_block  = "0.0.0.0/0"

  2354.     },

  2355.   ]

  2356. }

  2357. 

  2358. variable "intra_inbound_acl_rules" {

  2359.   description = "Intra subnets inbound network ACLs"

  2360.   type        = list(map(string))

  2361. 

  2362.   default = [

  2363.     {

  2364.       rule_number = 100

  2365.       rule_action = "allow"

  2366.       from_port   = 0

  2367.       to_port     = 0

  2368.       protocol    = "-1"

  2369.       cidr_block  = "0.0.0.0/0"

  2370.     },

  2371.   ]

  2372. }

  2373. 

  2374. variable "intra_outbound_acl_rules" {

  2375.   description = "Intra subnets outbound network ACLs"

  2376.   type        = list(map(string))

  2377. 

  2378.   default = [

  2379.     {

  2380.       rule_number = 100

  2381.       rule_action = "allow"

  2382.       from_port   = 0

  2383.       to_port     = 0

  2384.       protocol    = "-1"

  2385.       cidr_block  = "0.0.0.0/0"

  2386.     },

  2387.   ]

  2388. }

  2389. 

  2390. variable "database_inbound_acl_rules" {

  2391.   description = "Database subnets inbound network ACL rules"

  2392.   type        = list(map(string))

  2393. 

  2394.   default = [

  2395.     {

  2396.       rule_number = 100

  2397.       rule_action = "allow"

  2398.       from_port   = 0

  2399.       to_port     = 0

  2400.       protocol    = "-1"

  2401.       cidr_block  = "0.0.0.0/0"

  2402.     },

  2403.   ]

  2404. }

  2405. 

  2406. variable "database_outbound_acl_rules" {

  2407.   description = "Database subnets outbound network ACL rules"

  2408.   type        = list(map(string))

  2409. 

  2410.   default = [

  2411.     {

  2412.       rule_number = 100

  2413.       rule_action = "allow"

  2414.       from_port   = 0

  2415.       to_port     = 0

  2416.       protocol    = "-1"

  2417.       cidr_block  = "0.0.0.0/0"

  2418.     },

  2419.   ]

  2420. }

  2421. 

  2422. variable "redshift_inbound_acl_rules" {

  2423.   description = "Redshift subnets inbound network ACL rules"

  2424.   type        = list(map(string))

  2425. 

  2426.   default = [

  2427.     {

  2428.       rule_number = 100

  2429.       rule_action = "allow"

  2430.       from_port   = 0

  2431.       to_port     = 0

  2432.       protocol    = "-1"

  2433.       cidr_block  = "0.0.0.0/0"

  2434.     },

  2435.   ]

  2436. }

  2437. 

  2438. variable "redshift_outbound_acl_rules" {

  2439.   description = "Redshift subnets outbound network ACL rules"

  2440.   type        = list(map(string))

  2441. 

  2442.   default = [

  2443.     {

  2444.       rule_number = 100

  2445.       rule_action = "allow"

  2446.       from_port   = 0

  2447.       to_port     = 0

  2448.       protocol    = "-1"

  2449.       cidr_block  = "0.0.0.0/0"

  2450.     },

  2451.   ]

  2452. }

  2453. 

  2454. variable "elasticache_inbound_acl_rules" {

  2455.   description = "Elasticache subnets inbound network ACL rules"

  2456.   type        = list(map(string))

  2457. 

  2458.   default = [

  2459.     {

  2460.       rule_number = 100

  2461.       rule_action = "allow"

  2462.       from_port   = 0

  2463.       to_port     = 0

  2464.       protocol    = "-1"

  2465.       cidr_block  = "0.0.0.0/0"

  2466.     },

  2467.   ]

  2468. }

  2469. 

  2470. variable "elasticache_outbound_acl_rules" {

  2471.   description = "Elasticache subnets outbound network ACL rules"

  2472.   type        = list(map(string))

  2473. 

  2474.   default = [

  2475.     {

  2476.       rule_number = 100

  2477.       rule_action = "allow"

  2478.       from_port   = 0

  2479.       to_port     = 0

  2480.       protocol    = "-1"

  2481.       cidr_block  = "0.0.0.0/0"

  2482.     },

  2483.   ]

  2484. }

  2485. 

  2486. variable "manage_default_security_group" {

  2487.   description = "Should be true to adopt and manage default security group"

  2488.   type        = bool

  2489.   default     = false

  2490. }

  2491. 

  2492. variable "default_security_group_name" {

  2493.   description = "Name to be used on the default security group"

  2494.   type        = string

  2495.   default     = "default"

  2496. }

  2497. 

  2498. variable "default_security_group_ingress" {

  2499.   description = "List of maps of ingress rules to set on the default security group"

  2500.   type        = list(map(string))

  2501.   default     = null

  2502. }

  2503. 

  2504. variable "enable_flow_log" {

  2505.   description = "Whether or not to enable VPC Flow Logs"

  2506.   type        = bool

  2507.   default     = false

  2508. }

  2509. 

  2510. variable "default_security_group_egress" {

  2511.   description = "List of maps of egress rules to set on the default security group"

  2512.   type        = list(map(string))

  2513.   default     = null

  2514. }

  2515. 

  2516. variable "default_security_group_tags" {

  2517.   description = "Additional tags for the default security group"

  2518.   type        = map(string)

  2519.   default     = {}

  2520. }

  2521. 

  2522. variable "create_flow_log_cloudwatch_log_group" {

  2523.   description = "Whether to create CloudWatch log group for VPC Flow Logs"

  2524.   type        = bool

  2525.   default     = false

  2526. }

  2527. 

  2528. variable "create_flow_log_cloudwatch_iam_role" {

  2529.   description = "Whether to create IAM role for VPC Flow Logs"

  2530.   type        = bool

  2531.   default     = false

  2532. }

  2533. 

  2534. variable "flow_log_traffic_type" {

  2535.   description = "The type of traffic to capture. Valid values: ACCEPT, REJECT, ALL."

  2536.   type        = string

  2537.   default     = "ALL"

  2538. }

  2539. 

  2540. variable "flow_log_destination_type" {

  2541.   description = "Type of flow log destination. Can be s3 or cloud-watch-logs."

  2542.   type        = string

  2543.   default     = "cloud-watch-logs"

  2544. }

  2545. 

  2546. variable "flow_log_log_format" {

  2547.   description = "The fields to include in the flow log record, in the order in which they should appear."

  2548.   type        = string

  2549.   default     = null

  2550. }

  2551. 

  2552. variable "flow_log_destination_arn" {

  2553.   description = "The ARN of the CloudWatch log group or S3 bucket where VPC Flow Logs will be pushed. If this ARN is a S3 bucket the appropriate permissions need to be set on that bucket's policy. When create_flow_log_cloudwatch_log_group is set to false this argument must be provided."

  2554.   type        = string

  2555.   default     = ""

  2556. }

  2557. 

  2558. variable "flow_log_cloudwatch_iam_role_arn" {

  2559.   description = "The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group. When flow_log_destination_arn is set to ARN of Cloudwatch Logs, this argument needs to be provided."

  2560.   type        = string

  2561.   default     = ""

  2562. }

  2563. 

  2564. variable "flow_log_cloudwatch_log_group_name_prefix" {

  2565.   description = "Specifies the name prefix of CloudWatch Log Group for VPC flow logs."

  2566.   type        = string

  2567.   default     = "/aws/vpc-flow-log/"

  2568. }

  2569. 

  2570. variable "flow_log_cloudwatch_log_group_retention_in_days" {

  2571.   description = "Specifies the number of days you want to retain log events in the specified log group for VPC flow logs."

  2572.   type        = number

  2573.   default     = null

  2574. }

  2575. 

  2576. variable "flow_log_cloudwatch_log_group_kms_key_id" {

  2577.   description = "The ARN of the KMS Key to use when encrypting log data for VPC flow logs."

  2578.   type        = string

  2579.   default     = null

  2580. }

  2581. 

  2582. variable "flow_log_max_aggregation_interval" {

  2583.   description = "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. Valid Values: `60` seconds or `600` seconds."

  2584.   type        = number

  2585.   default     = 600

  2586. }

  2587. 

  2588. variable "create_igw" {

  2589.   description = "Controls if an Internet Gateway is created for public subnets and the related routes that connect them."

  2590.   type        = bool

  2591.   default     = true

  2592. }

  2593. 

  2594. variable "create_egress_only_igw" {

  2595.   description = "Controls if an Egress Only Internet Gateway is created and its related routes."

  2596.   type        = bool

  2597.   default     = true

  2598. }