X EC2 (or 1 ASG X:X); X external volumes; X network interfaces; KMS key for volumes; Key pair


  1. ####
  2. # Global
  3. ####
  # Module-wide tag map. No type constraint is declared; the description says
  # these tags are merged with the per-resource tag maps.
  variable "tags" {
    default     = {}
    description = "Tags to be used for all this module resources. Will be merged with specific tags for each kind of resource."
  }
  # Selects between a single EC2 instance (false, the default) and an
  # AutoScaling Group (true).
  variable "use_autoscaling_group" {
    type        = bool
    default     = false
    description = "Whether or not to create an AutoScaling Group instead of an EC2 instance. If `true`, use look at `autoscaling_group` prefixed variables."
  }
  # Turns numeric name suffixes on (default) or off for resources created in
  # several copies.
  variable "use_num_suffix" {
    type        = bool
    default     = true
    description = "Whether or not to append numerical suffix when multiple same resources need to be created like extra EBS volumes."
  }
  # Width of the numeric suffix; validation bounds it to 1..10 inclusive.
  variable "num_suffix_digits" {
    type        = number
    default     = 2
    description = "Number of significant digits to append to multiple same resources of the module. For example, a `var.num_suffix_digits` of `3` would produce `-001`, `-002`… suffixes. Ignored if `var.use_num_suffix` is `false`."

    validation {
      condition     = var.num_suffix_digits >= 1 && var.num_suffix_digits <= 10
      error_message = "The var.num_suffix_digits must be between 1 and 10."
    }
  }
  # Offset added to the numeric suffix; validation bounds it to 0..9900 inclusive.
  variable "num_suffix_offset" {
    type        = number
    default     = 0
    description = "The starting point of the numerical suffix. An offset of 1 would mean resources suffixes will starts at 2. Ignored if `var.use_num_suffix` is `false`."

    validation {
      condition     = var.num_suffix_offset >= 0 && var.num_suffix_offset <= 9900
      error_message = "The var.num_suffix_offset must be between 0 and 9900."
    }
  }
  # Optional name prefix: at most 16 characters of lowercase letters, digits
  # and dashes. The empty default also satisfies the pattern.
  variable "prefix" {
    default     = ""
    description = "Prefix to be added to with all resource's names of the module. Prefix is mainly used for tests and should remain empty in normal circumstances."

    validation {
      condition     = can(regex("^[a-z0-9-]{0,16}$", var.prefix))
      error_message = "The var.prefix should match “^[a-z0-9-]{0,16}$”."
    }
  }
  44. ####
  45. # AutoScaling Group & EC2
  46. ####
  # AMI ID for the instance or launch template. null skips the format check.
  # NOTE(review): per the description, the null default resolves to the latest
  # AWS Linux AMI and the ID can change between runs; outside of tests, pin an
  # AMI ID that has been reviewed so the image that boots is the one that was vetted.
  variable "ami" {
    default     = null
    description = "AMI to use for the EC2 instance (or the launch template). Default: latest AWS linux AMI - CAREFUL: when using the default, the AMI ID could get updated, thus triggering a destroy/recreate of your instances. Besides testing, it's recommended to set a value."

    validation {
      condition     = var.ami == null ? true : can(regex("^ami-([a-z0-9]{8}|[a-z0-9]{17})$", var.ami))
      error_message = "The var.ami must match “^ami-([a-z0-9]{8}|[a-z0-9]{17})$”."
    }
  }
  # Public IP on the main network interface. Defaults to false, so the
  # instance is not given a public address unless the caller opts in.
  variable "associate_public_ip_address" {
    type        = bool
    default     = false
    description = "Whether or not to associate a public ip address for the EC2 instance (or launch template) main network interface."
  }
  # CPU credit mode for T-type instances; null leaves the choice to AWS,
  # otherwise only "standard" or "unlimited" pass validation.
  variable "cpu_credits" {
    type        = string
    default     = null
    description = "The credit option for CPU usage. Can be `standard` or `unlimited`. For T type instances. T3 instances are launched as unlimited by default. T2 instances are launched as standard by default."

    validation {
      condition     = var.cpu_credits == null ? true : contains(["standard", "unlimited"], var.cpu_credits)
      error_message = "The var.cpu_credits must be “standard” or “unlimited”."
    }
  }
  # Optional CPU core count; no validation here, the description defers to the
  # EC2 API for unsupported instance types.
  variable "cpu_core_count" {
    type        = number
    default     = null
    description = "Sets the number of CPU cores for an instance (or launch template). This option is only supported on creation of instance type that support CPU Options CPU Cores and Threads Per CPU Core Per Instance Type - specifying this option for unsupported instance types will return an error from the EC2 API."
  }
  # Threads per core: null, 1 or 2. Per the description, 1 disables
  # hyperthreading and the setting only applies with var.cpu_core_count.
  variable "cpu_threads_per_core" {
    type        = number
    default     = null
    description = "If set to to 1, hyperthreading is disabled on the launched instance (or launch template). Defaults to 2 if not set. See Optimizing CPU Options for more information (has no effect unless `var.cpu_core_count` is also set)."

    validation {
      condition = (
        var.cpu_threads_per_core == null ||
        var.cpu_threads_per_core == 1 ||
        var.cpu_threads_per_core == 2
      )
      error_message = "The var.cpu_threads_per_core must be “1” or “2”."
    }
  }
  # Optional EBS-optimization flag; null leaves the instance type's own default.
  variable "ebs_optimized" {
    type        = bool
    default     = null
    description = "If true, the launched EC2 instance (or launch template) will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it."
  }
  # Termination protection toggle, off by default. The description warns that
  # enabling it blocks Terraform destroys.
  variable "disable_api_termination" {
    type        = bool
    default     = false
    description = "If true, enables EC2 Instance (or launch template) termination protection. **This is NOT recommended** as it will prevent Terraform to destroy and block your pipeline."
  }
  # Instance-store volume definitions. Declared as an untyped list, so the
  # element keys named in the description are not enforced by this block.
  variable "ephemeral_block_devices" {
    type        = list
    default     = []
    description = <<-DOCUMENTATION
    Customize Ephemeral (also known as Instance Store) volumes on the EC2 instance (or launch template):
    * device_name (required, string): The name of the block device to mount on the instance.
    * virtual_name (optional, string): The Instance Store Device Name (e.g. "ephemeral0").
    * no_device (optional, string): Suppresses the specified device included in the AMI's block device mapping.
    DOCUMENTATION
  }
  # Optional dedicated host ID; when set it must look like "h-" followed by
  # 8 or 17 lowercase alphanumerics.
  variable "host_id" {
    type        = string
    default     = null
    description = "The Id of a dedicated host that the instance will be assigned to. Use when an instance (or launch template) is to be launched on a specific dedicated host."

    validation {
      condition     = var.host_id == null ? true : can(regex("^h-([a-z0-9]{8}|[a-z0-9]{17})$", var.host_id))
      error_message = "The var.host_id must match “^h-([a-z0-9]{8}|[a-z0-9]{17})$”."
    }
  }
  # What an OS-initiated shutdown does to the instance: null (AWS default),
  # "stop" or "terminate".
  variable "instance_initiated_shutdown_behavior" {
    type        = string
    default     = null
    description = "Shutdown behavior for the EC2 instance (or launch template). Amazon defaults this to `stop` for EBS-backed instances and `terminate` for instance-store instances. Cannot be set on instance-store instances."

    validation {
      condition = (
        var.instance_initiated_shutdown_behavior == null ||
        var.instance_initiated_shutdown_behavior == "stop" ||
        var.instance_initiated_shutdown_behavior == "terminate"
      )
      error_message = "The var.instance_initiated_shutdown_behavior must be “stop” or “terminate”."
    }
  }
  # Extra tags for the instances; untyped, merged with var.tags per the description.
  variable "instance_tags" {
    default     = {}
    description = "Tags that will be shared with all the instances (or instances launched by the AutoScaling Group). Will be merged with `var.tags`."
  }
  # Instance type, checked against a family.size pattern.
  # NOTE(review): the size alternation only lists 2/4/8/16/24 as multipliers, so
  # sizes such as `12xlarge` or `18xlarge` are rejected by this validation.
  variable "instance_type" {
    default     = "t3.nano"
    description = "The type of instance (or launch template) to start. Updates to this field will trigger a stop/start of the EC2 instance, except with launch template."

    validation {
      condition = can(regex(
        "^(u-)?[a-z0-9]{2,4}\\.(nano|micro|small|medium|metal|(2|4|8|16|24)?x?large)$",
        var.instance_type
      ))
      error_message = "The var.instance_type must match “^(u-)?[a-z0-9]{2,4}\\.(nano|micro|small|medium|metal|(2|4|8|16|24)?x?large)$”."
    }
  }
  # Number of additional private IPv4 addresses on the primary interface,
  # bounded to 0..50 inclusive.
  variable "ipv4_address_count" {
    type        = number
    default     = 0
    description = "A number of IPv4 addresses to associate with the primary network interface of the EC2 instance (or launch template). The total number of private IPs will be 1 + `var.ipv4_address_count`, as a primary private IP will be assigned to an ENI by default."

    validation {
      condition     = var.ipv4_address_count >= 0 && var.ipv4_address_count <= 50
      error_message = "The var.ipv4_address_count must be between 0 and 50."
    }
  }
  # Detailed (1-minute) monitoring toggle; off by default.
  variable "monitoring" {
    type        = bool
    default     = false
    description = "If `true`, the launched EC2 instance (or launch template) will have detailed monitoring enabled: 1 minute granularity instead of 5 minutes. Incurs additional costs."
  }
  # Value of the Name tag for the instance(s); untyped, no validation.
  variable "name" {
    default     = "ec2"
    description = "Name (tag:Name) of the instance(s) themselves, whether or not AutoScaling group is used."
  }
  # Optional placement group ID; when set it must look like "pg-" followed by
  # 8 or 17 lowercase alphanumerics.
  variable "placement_group" {
    type        = string
    default     = null
    description = "ID of the Placement Group to start the EC2 instance (or launch template) in."

    validation {
      condition     = var.placement_group == null ? true : can(regex("^pg-([a-z0-9]{8}|[a-z0-9]{17})$", var.placement_group))
      error_message = "The var.placement_group must match “^pg-([a-z0-9]{8}|[a-z0-9]{17})$”."
    }
  }
  # Value of the Name tag for the primary network interface; untyped, no validation.
  variable "primary_network_interface_name" {
    default     = "nic"
    description = "Name (tag:Name) of the primary network interface to be attached to the EC2 instance (or launch template)."
  }
  # Whether the root volume is deleted with the instance (default true).
  # NOTE(review): with false, the description says the volume is left outside
  # Terraform's management; such a volume also keeps whatever data was on the
  # root disk, so track and clean it up explicitly.
  variable "root_block_device_delete_on_termination" {
    type        = bool
    default     = true
    description = "Whether or not to delete the root block device on termination. **It's is strongly discouraged** to set this to `false`: only change this value if you have no other choice as this will leave a volume that will not be managed by terraform (even if the tag says it does) and you may end up building up costs."
  }
  # Root volume type; null defers to the default named in the description,
  # otherwise the value must be one of the five listed types.
  variable "root_block_device_volume_type" {
    type        = string
    default     = null
    description = "Customize details about the root block device of the instance or launch template root volume: The type of volume. Can be `standard`, `gp2`, `io1`, `sc1` or `st1`. (Default: `gp2`)."

    validation {
      condition = var.root_block_device_volume_type == null ? true : contains(
        ["standard", "gp2", "io1", "sc1", "st1"],
        var.root_block_device_volume_type
      )
      error_message = "The var.root_block_device_volume_type must be “standard”, “gp2”, “io1”, “sc1” or “st1”."
    }
  }
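  # Device name of the AMI's root volume, used only for the launch template.
  # Only "/dev/xvda" (default) and "/dev/sda1" pass validation.
  # The description previously spelled the first value "/dev/xdva", which the
  # validation below rejects; it now matches the default and the allowed list.
  variable "root_block_device_volume_device" {
    description = "Device name of the root volume of the AMI. Only used for Launch Template. This value cannot be found by the AWS Terraform provider from the AMI ID alone. If this value is wrong, Terraform will create an extra volume, failing to setup root volume correctly. Can be `/dev/sda1` or `/dev/xvda`."
    type        = string
    default     = "/dev/xvda"

    validation {
      condition     = contains(["/dev/xvda", "/dev/sda1"], var.root_block_device_volume_device)
      error_message = "The var.root_block_device_volume_device must be “/dev/xvda” or “/dev/sda1”."
    }
  }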
  # Root volume size in GiB: null or 1..20000 inclusive. The inner null
  # fallbacks substitute 1 so the range comparison never sees null.
  variable "root_block_device_volume_size" {
    type        = number
    default     = 8
    description = "Customize details about the root block device of the instance or launch template root volume: The size of the volume in gibibytes (GiB)."

    validation {
      condition     = var.root_block_device_volume_size == null || 1 <= tonumber(var.root_block_device_volume_size != null ? var.root_block_device_volume_size : 1) && tonumber(var.root_block_device_volume_size != null ? var.root_block_device_volume_size : 1) <= 20000
      error_message = "The var.root_block_device_volume_size must be between 1 and 20000."
    }
  }
  # Provisioned IOPS for the root volume: null or 10..64000 inclusive. The
  # inner null fallbacks substitute 10 so the range comparison never sees null.
  variable "root_block_device_iops" {
    type        = number
    default     = null
    description = "The amount of provisioned IOPS. This must be set when `var.root_block_device_volume_type` is `io1`."

    validation {
      condition     = var.root_block_device_iops == null || 10 <= tonumber(var.root_block_device_iops != null ? var.root_block_device_iops : 10) && tonumber(var.root_block_device_iops != null ? var.root_block_device_iops : 10) <= 64000
      error_message = "The var.root_block_device_iops must be between 10 and 64000."
    }
  }
  # EBS encryption of the root volume; enabled by default, so a caller has to
  # opt out explicitly to get an unencrypted root disk.
  variable "root_block_device_encrypted" {
    type        = bool
    default     = true
    description = "Customize details about the root block device of the EC2 instance (or launch template) root volume: enables EBS encryption on the volume. Cannot be used with snapshot_id. Must be configured to perform drift detection."
  }
  # Instance tenancy; untyped, null by default.
  # NOTE(review): the membership test receives flatten([var.tenancy]) (a
  # one-element list) rather than the string itself — confirm that a plain
  # "dedicated"/"default"/"host" value passes this validation as intended.
  variable "tenancy" {
    default     = null
    description = "The tenancy of the EC2 instance (if the instance or launch template will be running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for the import-instance command."

    validation {
      condition = var.tenancy == null || contains(
        ["dedicated", "default", "host"],
        flatten([var.tenancy])
      )
      error_message = "The var.tenancy must be “dedicated”, “default” or “host”."
    }
  }
  # Optional user data passed to the instance or launch template at launch.
  # NOTE(review): EC2 user data can be read back from the instance metadata
  # service by anything running on the instance and is not a secret store;
  # keep credentials out of it and fetch them at boot from a secrets service.
  variable "user_data" {
    type        = string
    default     = null
    description = "The user data to provide when launching the EC2 instance (or launch template)."
  }
  # Security groups for the main ENI. Each entry must look like "sg-" followed
  # by 8 or 17 lowercase alphanumerics.
  # NOTE(review): with the null default the description says the VPC's default
  # security group is used; pass explicit groups so the instance does not
  # inherit whatever rules that shared group happens to carry.
  variable "vpc_security_group_ids" {
    type        = list(string)
    default     = null
    description = "List of security group IDs to associate with the main ENI of the EC2 instance (or launch template). If not defined, default the VPC security group will be used."

    validation {
      condition = var.vpc_security_group_ids == null ? true : ! contains(
        [for i in var.vpc_security_group_ids : can(regex("^sg-([a-z0-9]{8}|[a-z0-9]{17})$", i))],
        false
      )
      error_message = "One or more of the “var.vpc_security_group_ids” does not match '^sg-([a-z0-9]{8}|[a-z0-9]{17})$'."
    }
  }
  232. ####
  233. # Launch Template
  234. ####
  # Launch template name: empty (auto-generated per the description) or 3..128
  # characters drawn from letters, digits and ( ) . - / _
  variable "launch_template_name" {
    type        = string
    default     = ""
    description = "The name of the launch template. If you leave this blank, Terraform will auto-generate a unique name."

    validation {
      condition = var.launch_template_name == "" || (
        length(var.launch_template_name) >= 3 &&
        length(var.launch_template_name) <= 128 &&
        can(regex("^[a-zA-Z0-9\\(\\)\\.\\-/_]+$", var.launch_template_name))
      )
      error_message = "The var.launch_template_name length must be between 3 and 128 characters and match “^[a-zA-Z0-9\\(\\)\\.\\-/_]+$”."
    }
  }
  # Extra tags for the launch template; untyped, merged with var.tags per the description.
  variable "launch_template_tags" {
    default     = {}
    description = "Tags to be used by the launch template. Will be merge with var.tags."
  }
  # Number of IPv6 addresses on the launch template's primary interface,
  # bounded to 0..50 inclusive. No type constraint is declared.
  variable "launch_template_ipv6_address_count" {
    default     = 0
    description = "A number of IPv6 addresses to associate with the primary network interface of the launch template."

    validation {
      condition     = var.launch_template_ipv6_address_count >= 0 && var.launch_template_ipv6_address_count <= 50
      error_message = "The var.launch_template_ipv6_address_count must be between 0 and 50."
    }
  }
  256. ####
  257. # AutoScaling Group
  258. ####
  # Cooldown in seconds between scaling activities; -1 is the default value
  # and the lower bound, 99999999 the upper bound.
  variable "autoscaling_group_default_cooldown" {
    type        = number
    default     = -1
    description = "The amount of time, in seconds, after a scaling activity completes before another scaling activity can start."

    validation {
      condition     = tonumber(var.autoscaling_group_default_cooldown) >= -1 && var.autoscaling_group_default_cooldown <= 99999999
      error_message = "The var.autoscaling_group_default_cooldown must be between -1 (default) and 99999999."
    }
  }
  # Metrics to collect on the AutoScaling Group. Validation passes when nothing
  # is left after subtracting the allowed names from the input set.
  variable "autoscaling_group_enabled_metrics" {
    type        = set(string)
    default     = []
    description = "A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity` and `GroupTotalInstances`."

    validation {
      # Each allowed name is listed once; a repeated entry does not change the
      # result of the set subtraction.
      condition = length(setsubtract(var.autoscaling_group_enabled_metrics, [
        "GroupDesiredCapacity",
        "GroupInServiceCapacity",
        "GroupPendingCapacity",
        "GroupMinSize",
        "GroupMaxSize",
        "GroupInServiceInstances",
        "GroupPendingInstances",
        "GroupStandbyInstances",
        "GroupStandbyCapacity",
        "GroupTerminatingCapacity",
        "GroupTerminatingInstances",
        "GroupTotalCapacity",
        "GroupTotalInstances",
      ])) == 0
      error_message = "The var.autoscaling_group_enabled_metrics contains unsupported values (see: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group)."
    }
  }
  # Seconds to wait before health checks start on a new instance; -1 is the
  # default value and the lower bound, 99999999 the upper bound.
  variable "autoscaling_group_health_check_grace_period" {
    type        = number
    default     = -1
    description = "Time (in seconds) after instance comes into service before checking health."

    validation {
      condition     = tonumber(var.autoscaling_group_health_check_grace_period) >= -1 && var.autoscaling_group_health_check_grace_period <= 99999999
      error_message = "The var.autoscaling_group_health_check_grace_period must be between -1 (default) and 99999999."
    }
  }
  # Health check source for the AutoScaling Group: null, "EC2" or "ELB".
  variable "autoscaling_group_health_check_type" {
    type        = string
    default     = null
    description = "Controls how health checking is done on `EC2` level or on `ELB` level. When using a load balancer `ELB` is recommended."

    validation {
      condition = (
        var.autoscaling_group_health_check_type == null ||
        var.autoscaling_group_health_check_type == "EC2" ||
        var.autoscaling_group_health_check_type == "ELB"
      )
      error_message = "The var.autoscaling_group_health_check_type must be “EC2” or “ELB”."
    }
  }
  # Desired instance count: null (falls back to the minimum size per the
  # description) or 0..250 inclusive.
  variable "autoscaling_group_desired_capacity" {
    type        = number
    default     = null
    description = "Number of instances to immediately launch in the AutoScaling Group. If not specified, defaults to `var.autoscaling_group_min_size`."

    validation {
      condition     = var.autoscaling_group_desired_capacity == null ? true : (var.autoscaling_group_desired_capacity >= 0 && var.autoscaling_group_desired_capacity <= 250)
      error_message = "The var.autoscaling_group_desired_capacity must be between 0 and 250."
    }
  }
  # Maximum time in service, in seconds: 0 (the default) or 604800..31536000.
  variable "autoscaling_group_max_instance_lifetime" {
    type        = number
    default     = 0
    description = "The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to `0` or between `604800` and `31536000` seconds."

    validation {
      condition = var.autoscaling_group_max_instance_lifetime == 0 || (
        var.autoscaling_group_max_instance_lifetime >= 604800 &&
        var.autoscaling_group_max_instance_lifetime <= 31536000
      )
      error_message = "The var.autoscaling_group_max_instance_lifetime must be 0 or between 604800 and 31536000."
    }
  }
  # Upper bound on the group's instance count, validated to 1..250 inclusive.
  variable "autoscaling_group_max_size" {
    type        = number
    default     = 1
    description = "The maximum size of the AutoScaling Group."

    validation {
      condition     = var.autoscaling_group_max_size >= 1 && var.autoscaling_group_max_size <= 250
      error_message = "The var.autoscaling_group_max_size must be between 1 and 250."
    }
  }
  # Metrics granularity: null or the single accepted value "1Minute".
  variable "autoscaling_group_metrics_granularity" {
    type        = string
    default     = null
    description = "The granularity to associate with the metrics to collect. The only valid value is `1Minute`. Default is `1Minute`."

    validation {
      condition = (
        var.autoscaling_group_metrics_granularity == null ||
        var.autoscaling_group_metrics_granularity == "1Minute"
      )
      error_message = "The var.autoscaling_group_metrics_granularity must be “1Minute”, it is the only supported value for now."
    }
  }
  # Lower bound on the group's instance count, validated to 0..250 inclusive.
  variable "autoscaling_group_min_size" {
    type        = number
    default     = 1
    description = "The minimum size of the AutoScaling Group."

    validation {
      condition     = var.autoscaling_group_min_size >= 0 && var.autoscaling_group_min_size <= 250
      error_message = "The var.autoscaling_group_min_size must be between 0 and 250."
    }
  }
  # Optional count of healthy ELB instances to wait for on creation; no validation.
  variable "autoscaling_group_min_elb_capacity" {
    type        = number
    default     = null
    description = "Setting this causes Terraform to wait for this number of instances from this autoscaling group to show up healthy in the ELB only on creation. Updates will not wait on ELB instance number changes. [See documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group#waiting-for-capacity)."
  }
  # AutoScaling Group name: empty (generated per the description) or 1..255
  # characters drawn from letters, digits and ( ) . - / _
  variable "autoscaling_group_name" {
    type        = string
    default     = ""
    description = "The name of the AutoScaling Group. By default generated by Terraform."

    validation {
      condition = var.autoscaling_group_name == "" || (
        length(var.autoscaling_group_name) >= 1 &&
        length(var.autoscaling_group_name) <= 255 &&
        can(regex("^[a-zA-Z0-9\\(\\)\\.\\-/_]+$", var.autoscaling_group_name))
      )
      error_message = "The var.autoscaling_group_name length must be between 1 and 255 characters and match “^[a-zA-Z0-9\\(\\)\\.\\-/_]+$”."
    }
  }
  # Subnets for the AutoScaling Group. A list holding only empty strings (the
  # default) skips the format check; otherwise every entry must look like
  # "subnet-" followed by 8 or 17 lowercase alphanumerics.
  variable "autoscaling_group_subnet_ids" {
    type        = list(string)
    default     = [""]
    description = "IDs of the subnets to be used by the AutoScaling Group. If empty, all the default subnets of the current region will be used. This must have as many elements as the count: `var.autoscaling_group_subnet_ids_count`."

    validation {
      condition = length(compact(var.autoscaling_group_subnet_ids)) == 0 || ! contains(
        [for i in var.autoscaling_group_subnet_ids : can(regex("^subnet-([a-z0-9]{8}|[a-z0-9]{17})$", i))],
        false
      )
      error_message = "One or more of the “var.autoscaling_group_subnet_ids” does not match “^subnet-([a-z0-9]{8}|[a-z0-9]{17})$”."
    }
  }
  # Explicit count of entries in var.autoscaling_group_subnet_ids, validated
  # to 0..6 inclusive; 0 selects the default subnets per the description.
  variable "autoscaling_group_subnet_ids_count" {
    type        = number
    default     = 0
    description = "How many subnets IDs to be used by the AutoScaling Group in the `var.autoscaling_group_subnet_ids`. If the value is “0”, default subnets will be used. Cannot be computed automatically from other variables in Terraform 0.13.X."

    validation {
      condition     = var.autoscaling_group_subnet_ids_count >= 0 && var.autoscaling_group_subnet_ids_count <= 6
      error_message = "The var.autoscaling_group_subnet_ids_count must be between 0 and 6."
    }
  }
  # Scaling processes to suspend. Validation passes when nothing is left after
  # subtracting the allowed names from the input set.
  variable "autoscaling_group_suspended_processes" {
    type        = set(string)
    default     = []
    description = "A list of processes to suspend for the AutoScaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`. Note that if you suspend either the Launch or Terminate process types, it can prevent your autoscaling group from functioning properly."

    validation {
      # Each allowed name is listed once; a repeated entry does not change the
      # result of the set subtraction.
      condition = length(setsubtract(var.autoscaling_group_suspended_processes, [
        "Launch",
        "Terminate",
        "HealthCheck",
        "ReplaceUnhealthy",
        "AZRebalance",
        "AlarmNotification",
        "ScheduledActions",
        "AddToLoadBalancer",
      ])) == 0
      error_message = "The var.autoscaling_group_suspended_processes contains unsupported values (see: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group)."
    }
  }
  # Target group ARNs to attach to the AutoScaling Group; the ARN format is
  # not validated in this block.
  variable "autoscaling_group_target_group_arns" {
    type        = list(string)
    default     = []
    description = "A list of aws_alb_target_group ARNs, for use with Application or Network Load Balancing."
  }
  # Ordered termination policies. Validation passes when nothing is left after
  # subtracting the seven allowed names from the input.
  variable "autoscaling_group_termination_policies" {
    type        = list(string)
    default     = []
    description = "A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default`."

    validation {
      condition = length(setsubtract(var.autoscaling_group_termination_policies, [
        "OldestInstance",
        "NewestInstance",
        "OldestLaunchConfiguration",
        "ClosestToNextInstanceHour",
        "OldestLaunchTemplate",
        "AllocationStrategy",
        "Default",
      ])) == 0
      error_message = "The var.autoscaling_group_termination_policies contains unsupported values (see: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group)."
    }
  }
  # Extra tags for the AutoScaling Group; untyped, merged with var.tags per the description.
  variable "autoscaling_group_tags" {
    default     = {}
    description = "Tags specific to the AutoScaling Group. Will be merged with var.tags."
  }
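  # How long Terraform waits for the group's instances to become healthy.
  # Accepted values: null, the literal "0" (which the description documents as
  # "skip all capacity waiting"), or one to three digits followed by "m".
  # The previous pattern "^[0-9]{0,3}m$" rejected the documented "0" and
  # accepted a bare "m" with no digits.
  variable "autoscaling_group_wait_for_capacity_timeout" {
    description = "A maximum duration that Terraform should wait for ASG instances to be healthy before timing out. Setting this to '0' causes Terraform to skip all Capacity Waiting behavior."
    type        = string
    default     = null

    validation {
      # can() turns a regex() error (no match) into false, so a non-matching
      # string fails validation instead of aborting evaluation.
      condition     = var.autoscaling_group_wait_for_capacity_timeout == null || can(regex("^(0|[0-9]{1,3}m)$", var.autoscaling_group_wait_for_capacity_timeout))
      error_message = "The var.autoscaling_group_wait_for_capacity_timeout must be “0” or match “^[0-9]{1,3}m$”."
    }
  }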
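  # Optional exact number of healthy instances to wait for in attached load
  # balancers; no validation. The description now names the sibling variable
  # as it is declared in this file (`var.autoscaling_group_min_elb_capacity`)
  # instead of the non-prefixed `var.min_elb_capacity`.
  variable "autoscaling_group_wait_for_elb_capacity" {
    description = "Setting this will cause Terraform to wait for exactly this number of healthy instances from this autoscaling group in all attached load balancers on both create and update operations. (Takes precedence over `var.autoscaling_group_min_elb_capacity` behavior.)."
    type        = number
    default     = null
  }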
  413. ####
  414. # AutoScaling Group Schedule
  415. ####
  # Number of scheduled actions to create, validated to 0..125 inclusive.
  variable "autoscaling_schedule_count" {
    type        = number
    default     = 0
    description = "How many AutoScaling Schedule actions to create on the AutoScaling Group. Ignored if `var.use_autoscaling_group` is `false`."

    validation {
      condition     = var.autoscaling_schedule_count >= 0 && var.autoscaling_schedule_count <= 125
      error_message = "The var.autoscaling_schedule_count must be between 0 and 125."
    }
  }
  # Base name for the scheduled actions; length validated to 1..256 characters.
  variable "autoscaling_schedule_name" {
    type        = string
    default     = "asg-schedule"
    description = "Name of the AutoScaling Schedule actions. Will be suffixed by numerical digits if `var.use_num_suffix` is `true`. If `var.use_num_suffix` is `false` maximum one Schedule must be created as name must be unique. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."

    validation {
      condition     = length(var.autoscaling_schedule_name) >= 1 && length(var.autoscaling_schedule_name) <= 256
      error_message = "One or more var.autoscaling_schedule_name length must be between 1 and 256 characters."
    }
  }
  # Per-schedule minimum sizes; every element must be within -1..250, where
  # -1 means "leave unchanged" per the description.
  variable "autoscaling_schedule_min_sizes" {
    type        = list(number)
    default     = [0]
    description = "The minimum sizes for the AutoScaling Schedule actions. Set to -1 if you don't want to change the minimum size at the scheduled time. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."

    validation {
      condition = ! contains(
        [for i in var.autoscaling_schedule_min_sizes : (i >= -1 && i <= 250)],
        false
      )
      error_message = "One or more var.autoscaling_schedule_min_sizes aren't between -1 and 250."
    }
  }
  # Per-schedule maximum sizes; every element must be within -1..250, where
  # -1 means "leave unchanged" per the description.
  variable "autoscaling_schedule_max_sizes" {
    type        = list(number)
    default     = [0]
    description = "The maximum sizes for the AutoScaling Schedule actions. Set to -1 if you don't want to change the maximum size at the scheduled time. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."

    validation {
      condition = ! contains(
        [for i in var.autoscaling_schedule_max_sizes : (i >= -1 && i <= 250)],
        false
      )
      error_message = "One or more var.autoscaling_schedule_max_sizes aren't between -1 and 250."
    }
  }
  # Per-schedule desired capacities; every element must be within -1..250,
  # where -1 means "leave unchanged" per the description.
  variable "autoscaling_schedule_desired_capacities" {
    type        = list(number)
    default     = [0]
    description = "Number of instances that should run in the AutoScaling Schedule actions. Set to -1 if you don't want to change the desired capacity at the scheduled time. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."

    validation {
      condition = ! contains(
        [for i in var.autoscaling_schedule_desired_capacities : (i >= -1 && i <= 250)],
        false
      )
      error_message = "One or more var.autoscaling_schedule_desired_capacities aren't between -1 and 250."
    }
  }
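  # Cron-style recurrence per scheduled action; a null element means no
  # recurrence is set for that entry (the default is a single null).
  #
  # The check is now applied per element. Previously it was gated on element
  # [0] alone, so an empty list failed with an index error and a list starting
  # with null skipped validation for every later element.
  #
  # NOTE(review): the pattern is kept byte-for-byte. Its `^` binds only to the
  # first alternative and its `$` only to the last, so it is looser than a
  # fully anchored match. Step values such as `*/5` appear to pass only through
  # that unanchored suffix match, so widen the field grammar before anchoring.
  variable "autoscaling_schedule_recurrences" {
    description = "Times when recurring future AutoScaling Schedule actions will start. Start time is specified by the user following the Unix cron syntax format. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."
    type        = list(string)
    default     = [null]

    validation {
      # can() turns a regex() error (no match) into false; null elements are
      # accepted explicitly. An empty list yields an empty tuple, which
      # contains no false and therefore passes.
      condition = ! contains([
        for i in var.autoscaling_schedule_recurrences :
        i == null || can(regex(
          "^(@(annually|yearly|monthly|weekly|daily|hourly|reboot))|(@every (\\d+(ns|us|µs|ms|s|m|h))+)|((((\\d+,)+\\d+|(\\d+(\\/|-)\\d+)|\\d+|\\*) ?){5,7})$",
          i
        ))
      ], false)
      error_message = "One or more var.autoscaling_schedule_recurrences doesn't match https://regexr.com/4jp54."
    }
  }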
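  # Start time per scheduled action in `YYYY-MM-DDThh:mm:ssZ` form; a null
  # element means no start time is set for that entry (the default is a
  # single null).
  #
  # The check is now applied per element. Previously it was gated on element
  # [0] alone, so an empty list failed with an index error and a list starting
  # with null skipped validation for every later element.
  variable "autoscaling_schedule_start_times" {
    description = "Time for the AutoScaling Schedule actions to start, in `YYYY-MM-DDThh:mm:ssZ` format in UTC/GMT only (for example, `2021-06-01T00:00:00Z` ). Defaults to the next minute. If you try to schedule your action in the past, Auto Scaling returns an error message. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."
    type        = list(string)
    default     = [null]

    validation {
      # The pattern checks the shape of the timestamp only; it does not reject
      # out-of-range fields such as hour 29 or month 13.
      condition = ! contains([
        for i in var.autoscaling_schedule_start_times :
        i == null || can(regex("^\\d{4}-\\d{2}-\\d{2}T[0-2]\\d:[0-5]\\d:[0-5]\\dZ$", i))
      ], false)
      error_message = "One or more var.autoscaling_schedule_start_times doesn't match “^\\d{4}-\\d{2}-\\d{2}T[0-2]\\d:[0-5]\\d:[0-5]\\dZ$”."
    }
  }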
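  # End time per scheduled action in `YYYY-MM-DDThh:mm:ssZ` form; a null
  # element means no end time is set for that entry (the default is a
  # single null).
  #
  # The check is now applied per element. Previously it was gated on element
  # [0] alone, so an empty list failed with an index error and a list starting
  # with null skipped validation for every later element.
  variable "autoscaling_schedule_end_times" {
    description = "Time for the AutoScaling Schedule actions to stop, in `YYYY-MM-DDThh:mm:ssZ` format in UTC/GMT only (for example, `2022-06-01T00:00:00Z` ). If you try to schedule your action in the past, Auto Scaling returns an error message. Ignored if `var.use_autoscaling_group` or `var.autoscaling_schedule_enable` is `false`."
    type        = list(string)
    default     = [null]

    validation {
      # The pattern checks the shape of the timestamp only; it does not reject
      # out-of-range fields such as hour 29 or month 13.
      condition = ! contains([
        for i in var.autoscaling_schedule_end_times :
        i == null || can(regex("^\\d{4}-\\d{2}-\\d{2}T[0-2]\\d:[0-5]\\d:[0-5]\\dZ$", i))
      ], false)
      error_message = "One or more var.autoscaling_schedule_end_times doesn't match “^\\d{4}-\\d{2}-\\d{2}T[0-2]\\d:[0-5]\\d:[0-5]\\dZ$”."
    }
  }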
  491. ####
  492. # EC2
  493. ####
  # Explicit IPv6 addresses for the primary interface. Unlike the IPv4
  # counterpart, no format validation is declared for the entries.
  variable "ec2_ipv6_addresses" {
    type        = list(string)
    default     = []
    description = "Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface."
  }
  # Explicit IPv4 addresses for the primary interface; each entry must be a
  # dotted quad with every octet in 0..255. The empty default passes.
  variable "ec2_ipv4_addresses" {
    type        = list(string)
    default     = []
    description = "Specify one or more IPv4 addresses from the range of the subnet to associate with the primary network interface."

    validation {
      condition = ! contains(
        [for i in var.ec2_ipv4_addresses : (can(regex("^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", i)))],
        false
      )
      error_message = "One or more of the var.ec2_ipv4_addresses does not match “^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$”."
    }
  }
  # Source/destination check for the instance. Keep the default `true` unless the instance
  # has to forward traffic that is not addressed to it (the NAT/VPN case in the description).
  variable "ec2_source_dest_check" {
    type        = bool
    default     = true
    description = "Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs."
  }
  # Subnet for the instance. Untyped; null (the default) skips the format check.
  variable "ec2_subnet_id" {
    default     = null
    description = "Subnet ID where to provision all the instance. Can be used instead or along with var.subnet_ids."

    validation {
      # Accepts the short (8 character) and long (17 character) ID forms.
      condition     = var.ec2_subnet_id == null ? true : can(regex("^subnet-([a-z0-9]{8}|[a-z0-9]{17})$", var.ec2_subnet_id))
      error_message = "The var.ec2_subnet_id must match “^subnet-([a-z0-9]{8}|[a-z0-9]{17})$”."
    }
  }
  # Explicit switch between the VPC default subnet and `var.ec2_subnet_id`.
  variable "ec2_use_default_subnet" {
    type        = bool
    default     = true
    description = "Whether or not to use the VPC default subnet instead of `var.ec2_subnet_id`. Cannot be computed from `var.ec2_subnet_id` automatically in Terraform 0.13."
  }
  # Name tag of the root block device.
  variable "ec2_volume_name" {
    type        = string
    default     = "root-volume"
    description = "Name (tag:Name) of the root block device of the instance."

    validation {
      # Length must be within 1..128 characters.
      condition     = length(var.ec2_volume_name) >= 1 && length(var.ec2_volume_name) <= 128
      error_message = "The var.ec2_volume_name length must be between 1 and 128."
    }
  }
  # Extra tags for the root volume. Untyped and unvalidated.
  variable "ec2_volume_tags" {
    default     = {}
    description = "Tags of the root volume of the instance. Will be merged with `var.tags`."
  }
  # Whether the module creates the primary ENI itself or expects an external one.
  variable "ec2_primary_network_interface_create" {
    type        = bool
    default     = true
    description = "Whether or not to create a primary Network Interface to be attached to EC2 instance. Ignored if `var.use_autoscaling_group` is `true`. If `false`, a value for `var.ec2_external_primary_network_interface_id` will be expected."
  }
  # ID of an externally managed primary ENI. Null (the default) skips the format check.
  variable "ec2_external_primary_network_interface_id" {
    type        = string
    default     = null
    description = "ID of the primary Network Interface to be attached to EC2 instance. This value must be given if `var.ec2_primary_network_interface_create` is `false`."

    validation {
      # Accepts the short (8 character) and long (17 character) ID forms.
      condition     = var.ec2_external_primary_network_interface_id == null ? true : can(regex("^eni-([a-z0-9]{8}|[a-z0-9]{17})$", var.ec2_external_primary_network_interface_id))
      error_message = "The var.ec2_external_primary_network_interface_id must match “^eni-([a-z0-9]{8}|[a-z0-9]{17})$”."
    }
  }
  # Extra tags for the primary ENI. Untyped and unvalidated.
  variable "ec2_network_interface_tags" {
    default     = {}
    description = "Tags of the primary Network Interface of the EC2 instance. Will be merged with `var.tags`."
  }
  561. ####
  562. # KMS
  563. ####
  # Alias of the KMS key that encrypts the root and extra volumes, without the `alias/` prefix.
  variable "volume_kms_key_alias" {
    type        = string
    default     = "default/ec2"
    description = "Alias of the KMS key used to encrypt the root and extra volumes of the EC2 instance (or launch template). Do not prefix this value with `alias/` nor with a `/`."

    validation {
      # Character set and length only. The pattern does not itself reject a leading
      # `alias/` or `/`, which the description forbids.
      condition     = can(regex("^[a-zA-Z0-9/_-]{1,256}$", var.volume_kms_key_alias))
      error_message = "The var.volume_kms_key_alias must match “^[a-zA-Z0-9/_-]{1,256}$”."
    }
  }
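  # ARN of an externally managed KMS key for volume encryption. Null (the default)
  # skips the format check.
  variable "volume_kms_key_arn" {
    description = "ARN of an external KMS key used to encrypt the root and extra volumes. To be used when `var.volume_kms_key_create` is set to `false` (if `true`, this ARN will be ignored). If this value is not null, also set `var.volume_kms_key_external_exist` to `true`."
    type        = string
    default     = null

    validation {
      # Shape check only: it does not prove the key exists or that the caller may use it.
      # The pattern hard-codes the `aws` partition and a `xx-name-N` region, so ARNs from
      # other partitions are rejected.
      condition = var.volume_kms_key_arn == null || can(regex("^arn:aws:kms:([a-z]{2}-[a-z]{4,10}-[1-9]{1})?:[0-9]{12}:key/[a-z0-9-]{36}$", var.volume_kms_key_arn))
      # The message now quotes the pattern the condition enforces. It previously showed a
      # different one, which misled anyone debugging a rejected ARN.
      error_message = "The var.volume_kms_key_arn must match “^arn:aws:kms:([a-z]{2}-[a-z]{4,10}-[1-9]{1})?:[0-9]{12}:key/[a-z0-9-]{36}$”."
    }
  }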
  # Whether the module creates its own KMS key for volumes. With `false` and no external
  # ARN, the description states the default AWS KMS key for volumes is used.
  variable "volume_kms_key_create" {
    type        = bool
    default     = false
    description = "Whether or not to create a KMS key to be used for root and extra volumes. If set to `false`, you can specify a `var.volume_kms_key_arn` as an external KMS key to use instead. If this value is `false` and `var.volume_kms_key_arn` empty, the default AWS KMS key for volumes will be used."
  }
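  # Companion flag for `var.volume_kms_key_arn`. That variable's description asks callers to
  # set this to `true` whenever an ARN is given, so `true` means the ARN is set. The old
  # description said the opposite and carried a stray backtick.
  # NOTE(review): if this stays `false` while an ARN is passed, the ARN is presumably
  # ignored and another key encrypts the volumes; confirm in the resource code.
  variable "volume_kms_key_external_exist" {
    description = "Whether or not `var.volume_kms_key_arn` is set (not empty). Cannot be computed automatically in Terraform 0.13."
    type        = bool
    default     = false
  }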
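  # Key spec for the KMS key created for volumes. Null (the default) skips the check.
  # NOTE(review): AWS documents that EBS encryption supports only symmetric KMS keys, so
  # the RSA_* and ECC_* values pass this validation but are unlikely to yield a key that
  # can encrypt volumes; confirm before choosing anything other than `SYMMETRIC_DEFAULT`.
  variable "volume_kms_key_customer_master_key_spec" {
    description = "Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports for the KMS key to be used for volumes. Valid values: `SYMMETRIC_DEFAULT`, `RSA_2048`, `RSA_3072`, `RSA_4096`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, or `ECC_SECG_P256K1`. Defaults to `SYMMETRIC_DEFAULT`."
    type        = string
    default     = null

    validation {
      # `ECC_NIST_P384` was listed twice in both the allow-list and the message; each
      # value now appears once. The accepted set is unchanged.
      condition = var.volume_kms_key_customer_master_key_spec != null ? contains([
        "SYMMETRIC_DEFAULT",
        "RSA_2048",
        "RSA_3072",
        "RSA_4096",
        "ECC_NIST_P256",
        "ECC_NIST_P384",
        "ECC_NIST_P521",
        "ECC_SECG_P256K1",
      ], var.volume_kms_key_customer_master_key_spec) : true
      error_message = "The var.volume_kms_key_customer_master_key_spec must be one of 'SYMMETRIC_DEFAULT', 'RSA_2048', 'RSA_3072', 'RSA_4096', 'ECC_NIST_P256', 'ECC_NIST_P384', 'ECC_NIST_P521' or 'ECC_SECG_P256K1'."
    }
  }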
  # Name tag of the KMS key used for volumes.
  variable "volume_kms_key_name" {
    type        = string
    default     = "kms-for-vol"
    description = "Name (tag:Name) for the KMS key to be used for root and extra volumes of the EC2 instance (or launch template)."

    validation {
      # Length must be within 1..128 characters.
      condition     = length(var.volume_kms_key_name) >= 1 && length(var.volume_kms_key_name) <= 128
      error_message = "The var.volume_kms_key_name length must be between 1 and 128."
    }
  }
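  # Key policy (JSON string) for the KMS key created for volumes. Null (the default)
  # skips the check.
  variable "volume_kms_key_policy" {
    description = "A valid policy JSON document for the KMS key to be used for root and extra volumes of the EC2 instance (or launch template). This document can give or restrict accesses for the key."
    type        = string
    default     = null

    validation {
      # Checks JSON syntax and size only. It says nothing about what the policy grants:
      # a document with wildcard principals or actions passes, so review the statements
      # separately before applying.
      # The bound is inclusive (`<=`) to agree with the message "does not exceed 131072";
      # the previous `<` rejected a document of exactly that length.
      condition     = var.volume_kms_key_policy != null ? (can(jsondecode(var.volume_kms_key_policy)) && length(var.volume_kms_key_policy) <= 131072) : true
      error_message = "The var.volume_kms_key_policy must be a valid JSON string that does not exceed 131072 characters."
    }
  }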
  # Extra tags for the volume KMS key. Untyped and unvalidated.
  variable "volume_kms_key_tags" {
    default     = {}
    description = "Tags for the KMS key to be used for root and extra volumes. Will be merge with `var.tags`."
  }
  623. ####
  624. # Key Pair
  625. ####
  # Whether the module creates the key pair or references an existing one by name.
  variable "key_pair_create" {
    type        = bool
    default     = false
    description = "Whether or not to create a key pair. If `false`, use `var.key_pair_name` to inject an external key pair."
  }
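  # Name of the key pair to create or to reference. Null (the default) means no key pair.
  variable "key_pair_name" {
    description = "The name for the key pair. If this is not empty and `var.key_pair_create` = `false`, this name will be used as an external key pair. If you don't want any key pair, set this to `null`."
    type        = string
    default     = null

    validation {
      # Printable ASCII (space through `~`), up to 255 characters. The `{0,255}` quantifier
      # also accepts the empty string, so the message now states the bound the pattern
      # enforces instead of claiming a minimum length of 1.
      condition     = var.key_pair_name == null || can(regex("^[ -~]{0,255}$", var.key_pair_name))
      error_message = "The var.key_pair_name must be at most 255 printable ASCII characters."
    }
  }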
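  # Public key material for the key pair the module creates. Null (the default) skips the check.
  variable "key_pair_public_key" {
    description = "The public key material. Ignored if `var.key_pair_create` is `false`."
    type        = string
    default     = null

    validation {
      # Prefix check: the key-type label, the start of the base64 blob that encodes the same
      # type, more base64 characters, up to three `=`, and an optional comment. It does not
      # decode the key or check its size.
      # The doubled `^` anchor was collapsed to one (same matches) and the message reworded.
      # NOTE(review): `ssh-dss` (DSA) is accepted here. DSA is deprecated in current OpenSSH
      # and EC2's key import documentation states DSA keys are not accepted; consider
      # dropping that alternative so the failure shows at plan time.
      condition     = var.key_pair_public_key == null || can(regex("^(ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+/]+[=]{0,3}( .*)?$", var.key_pair_public_key))
      error_message = "The var.key_pair_public_key must be a valid SSH public key."
    }
  }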
  # Extra tags for the key pair. Untyped and unvalidated.
  variable "key_pair_tags" {
    default     = {}
    description = "Tags specific for the key pair. Will be merged with `var.tags`. Ignored if `var.key_pair_create` is `false`."
  }
  653. ####
  654. # Instance Profile
  655. ####
  # Whether the module creates the Instance Profile and its IAM Role.
  variable "iam_instance_profile_create" {
    type        = bool
    default     = false
    description = "Whether or not to create an Instance Profile (with its IAM Role) for the EC2 instance (or launch template). If `false`, you can use `var.iam_instance_profile_name` to use an external IAM Instance Profile."
  }
  # Name of the Instance Profile, created or external. Null (the default) skips the check.
  variable "iam_instance_profile_name" {
    type        = string
    default     = null
    description = "The IAM profile's name for the EC2 instance (or launch template). If `var.iam_instance_profile_create` is `true` and this is null, Terraform will assign a random, unique name. If `var.iam_instance_profile_create` is `false` this value should be the name of an external IAM Instance Profile (keep it `null` to disable Instance Profile altogether)."

    validation {
      # Word characters plus `+=,.@-`, 1 to 128 characters.
      condition     = var.iam_instance_profile_name == null ? true : can(regex("^[\\w+=,.@-]{1,128}$", var.iam_instance_profile_name))
      error_message = "The var.iam_instance_profile_name must match “^[\\w+=,.@-]{1,128}$”."
    }
  }
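  # IAM path for the Instance Profile and its Role. Untyped; null (the default) skips the check.
  variable "iam_instance_profile_path" {
    description = "Path in which to create the Instance Profile for the EC2 instance (or launch template). Instance Profile IAM Role will share the same path. Ignored if `var.iam_instance_profile_create` is `false`."
    default     = null

    validation {
      # The previous pattern `^(\x2F$)|(\x2F[\x21-\x7F]+\x2F)*$` validated nothing: `|` binds
      # loosest, so its second branch had no `^` anchor and, with `*`, matched the empty
      # string at the end of any input. Both alternatives now sit inside one group anchored
      # at both ends: either a lone `/`, or `/` + characters in \x21-\x7F + `/`. That class
      # includes `/`, so multi-segment paths such as `/a/b/` still match.
      condition     = var.iam_instance_profile_path != null ? can(regex("^(\\x2F|\\x2F[\\x21-\\x7F]+\\x2F)$", var.iam_instance_profile_path)) : true
      error_message = "The var.iam_instance_profile_path must match “^(\\x2F|\\x2F[\\x21-\\x7F]+\\x2F)$”."
    }
  }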
  # Extra tags for the Instance Profile Role. Untyped and unvalidated.
  variable "iam_instance_profile_iam_role_tags" {
    default     = {}
    description = "Tags to be used for the Instance Profile Role. Will be merged with `var.tags`. Ignored if `var.iam_instance_profile_create` is `false`."
  }
  # IAM Policy ARNs for the Instance Profile Role. These define what the instance can do
  # with its role credentials, so keep the list to what the workload needs.
  variable "iam_instance_profile_iam_role_policy_arns" {
    type        = list(string)
    default     = []
    description = "ARNs of the IAM Policies to be applied to the IAM Role of the Instance Profile. Ignored if `var.iam_instance_profile_create` is `false`."

    validation {
      # ARN shape only (account ID or `aws` for managed policies, `aws` partition).
      # The check does not limit which policies may be attached.
      condition = length([
        for arn in var.iam_instance_profile_iam_role_policy_arns : true
        if ! can(regex("^arn:aws:iam:([a-z]{2}-[a-z]{4,10}-[1-9]{1})?:([0-9]{12}|aws):policy/[a-zA-Z0-9+=,\\./@-]+$", arn))
      ]) == 0
      error_message = "One or more var.iam_instance_profile_iam_role_policy_arns don't match “^arn:aws:iam:([a-z]{2}-[a-z]{4,10}-[1-9]{1})?:([0-9]{12}|aws):policy/[a-zA-Z0-9+=,\\./@-]+$”."
    }
  }
  # Caller-supplied length of `var.iam_instance_profile_iam_role_policy_arns`.
  # Nothing in this block cross-checks the two values.
  variable "iam_instance_profile_iam_role_policy_count" {
    type        = number
    default     = 0
    description = "How many IAM Policy ARNs there are in `var.iam_instance_profile_iam_role_policy_arns`. This value cannot be computed automatically in Terraform 0.13."

    validation {
      # Range 0..20 inclusive.
      condition     = var.iam_instance_profile_iam_role_policy_count >= 0 && var.iam_instance_profile_iam_role_policy_count <= 20
      error_message = "The var.iam_instance_profile_iam_role_policy_count must be between 0 and 20."
    }
  }
  # Free-text description of the Instance Profile Role.
  variable "iam_instance_profile_iam_role_description" {
    type        = string
    default     = "Instance Profile Role"
    description = "Description of the IAM Role to be used by the Instance Profile. Ignored if `var.iam_instance_profile_create` is `false`."

    validation {
      # Up to 1000 characters from the Unicode letter, mark, separator, symbol, number
      # and punctuation classes.
      condition     = can(regex("^[\\p{L}\\p{M}\\p{Z}\\p{S}\\p{N}\\p{P}]{0,1000}$", var.iam_instance_profile_iam_role_description))
      error_message = "The var.iam_instance_profile_iam_role_description must match “^[\\p{L}\\p{M}\\p{Z}\\p{S}\\p{N}\\p{P}]{0,1000}$”."
    }
  }
  # Name of the Instance Profile Role. Null (the default) skips the check.
  variable "iam_instance_profile_iam_role_name" {
    type        = string
    default     = null
    description = "Name of the IAM Role to be used by the Instance Profile. If omitted, Terraform will assign a random, unique name. Ignored if `var.iam_instance_profile_create` is `false`."

    validation {
      # Letters, digits and `_+=,.@-`, 1 to 128 characters.
      condition     = var.iam_instance_profile_iam_role_name == null ? true : can(regex("^[_+=,\\.@a-zA-Z0-9-]{1,128}$", var.iam_instance_profile_iam_role_name))
      error_message = "The var.iam_instance_profile_iam_role_name must match “^[_+=,\\.@a-zA-Z0-9-]{1,128}$”."
    }
  }
  718. ####
  719. # Elastic IP
  720. ####
  # Caller-supplied count of extra ENIs that receive a public Elastic IP.
  # Nothing in this block cross-checks it against `var.extra_network_interface_eips_enabled`.
  variable "extra_network_interface_eips_count" {
    type        = number
    default     = 0
    description = "How many extra Network Interfaces will have a public Elastic IP. Should be the exact number of `true`s in the `var.extra_network_interface_eips_enabled` list. Ignored if `var.use_autoscaling_group` is `true`."

    validation {
      # Range 0..15 inclusive.
      condition     = var.extra_network_interface_eips_count >= 0 && var.extra_network_interface_eips_count <= 15
      error_message = "The var.extra_network_interface_eips_count must be between 0 and 15."
    }
  }
  # Per-ENI switches for attaching a public Elastic IP, in extra-ENI order.
  # Each `true` exposes that interface through a public address.
  variable "extra_network_interface_eips_enabled" {
    type        = list(bool)
    default     = []
    description = "List of boolean that indicates whether or not the extra Network Interface should have an Elastic IP or not. To disable/enable the EIP for specific NICs, use `false`/`true` respectively of the order of extra Network Interfaces. Should have as many `true`s as the number define in `var.extra_network_interface_eips_count`. Ignored if `var.use_autoscaling_group` is `true`."

    validation {
      # At most 15 entries.
      condition     = length(var.extra_network_interface_eips_enabled) >= 0 && length(var.extra_network_interface_eips_enabled) <= 15
      error_message = "The var.extra_network_interface_eips_enabled length must be between 0 and 15."
    }
  }
  739. ####
  740. # Extra EBS
  741. ####
  # Number of extra EBS volumes. Untyped.
  variable "extra_volume_count" {
    default     = 0
    description = "Number of extra volumes to create for the EC2 instance (or the launch template)."

    validation {
      # Range 0..11 inclusive.
      condition     = 0 <= var.extra_volume_count && var.extra_volume_count <= 11
      error_message = "The var.extra_volume_count must be between 0 and 11."
    }
  }
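  # Device names for the extra volumes.
  variable "extra_volume_device_names" {
    description = "Device names for the extra volumes to attached to the EC2 instance (or the launch template)."
    type        = list(string)
    default     = ["/dev/xvdf1"]

    validation {
      # Every entry must be `/dev/` + `sd`, `xvd` or `hd` + a letter f-p + an optional
      # digit 1-6. The message now quotes this pattern; it previously omitted the `hd`
      # prefix that the condition accepts.
      condition     = ! contains([for i in var.extra_volume_device_names : can(regex("^/dev/(sd|xvd|hd)[f-p][1-6]?$", i))], false)
      error_message = "One or more of the “var.extra_volume_device_names” does not match “^/dev/(sd|xvd|hd)[f-p][1-6]?$”."
    }
  }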
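  # Name tag shared by the extra volumes; a numeric suffix is added per `var.use_num_suffix`.
  variable "extra_volume_name" {
    description = "Name (tag:Name) of the extra volumes to create. Will be suffixed by numerical digits if `var.use_num_suffix` is `true`. Otherwise, all the extra volumes will share the same name."
    type        = string
    default     = "vol"

    validation {
      # Length must be within 1..128. The message previously said "between 0 and 128",
      # although the condition rejects the empty string.
      condition     = 1 <= length(var.extra_volume_name) && length(var.extra_volume_name) <= 128
      error_message = "The var.extra_volume_name length must be between 1 and 128."
    }
  }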
  # Sizes of the extra volumes, one number per volume.
  variable "extra_volume_sizes" {
    type        = list(number)
    default     = [1]
    description = "Size of the extra volumes for the EC2 instance (or launch template)."

    validation {
      # Every size must be within 1..16000 inclusive.
      condition     = ! contains([for size in var.extra_volume_sizes : (size >= 1 && size <= 16000)], false)
      error_message = "One or more of the “var.extra_volume_sizes” is not between 1GB and 16TB."
    }
  }
  # Extra tags for the extra volumes. Untyped and unvalidated.
  variable "extra_volume_tags" {
    default     = {}
    description = "Tags shared by all the extra volumes of the instance or **all** the volumes of a launch template. Will be merged with `var.tags`."
  }
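  # Volume types of the extra volumes, one entry per volume.
  variable "extra_volume_types" {
    # The description previously named `standard` as the default, while the declared
    # default below is `gp2`; the text now agrees with the declaration.
    description = "The volume types of extra volumes to attach to the EC2 instance (or launch template). Can be `standard`, `gp2`, `io1`, `sc1` or `st1` (Default: `gp2`)."
    type        = list(string)
    default     = ["gp2"]

    validation {
      # Every entry must be one of the five listed types.
      condition     = ! contains([for i in var.extra_volume_types : (i == "standard" || i == "gp2" || i == "io1" || i == "sc1" || i == "st1")], false)
      error_message = "One or more of the “var.extra_volume_types” is not 'standard', 'gp2', 'io1', 'sc1' or 'st1'."
    }
  }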
  790. ####
  791. # Network Interface
  792. ####
  # Number of extra ENIs, in addition to the primary one.
  variable "extra_network_interface_count" {
    type        = number
    default     = 0
    description = "How many extra network interface to create for the EC2 instance. This has no influence on the primary Network Interface. Ignored if `var.use_autoscaling_group` is `true`."

    validation {
      # Range 0..15 inclusive.
      condition     = var.extra_network_interface_count >= 0 && var.extra_network_interface_count <= 15
      error_message = "The var.extra_network_interface_count must be between 0 and 15."
    }
  }
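  # Name tag shared by the extra ENIs; a numeric suffix is added per `var.use_num_suffix`. Untyped.
  variable "extra_network_interface_name" {
    description = "Name (tag:Name) of the extra Network Interfaces for the EC2 instance. Will be suffixed by numerical digits if `var.use_num_suffix` is `true`, otherwise all extra Network Interfaces will have the same name."
    default     = "nic"

    validation {
      # Length must be within 1..128. The message previously said "between 0 and 128",
      # although the condition rejects the empty string.
      condition     = 1 <= length(var.extra_network_interface_name) && length(var.extra_network_interface_name) <= 128
      error_message = "The var.extra_network_interface_name length must be between 1 and 128."
    }
  }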
  # Additional suffix offset for extra ENIs, combined with `var.num_suffix_offset`.
  variable "extra_network_interface_num_suffix_offset" {
    type        = number
    default     = 1
    description = "The starting point of the numerical suffix for extra Network Interfaces for the EC2 instance. Will combine with `var.num_suffix_offset`. An offset of `1` here and `var.num_suffix_offset` of `2` would mean `var.extra_network_interface_name` suffix starts at `4`. Default value is `1` to let the primary Network Interface have the starting suffix."

    validation {
      # Range 0..9900 inclusive.
      condition     = var.extra_network_interface_num_suffix_offset >= 0 && var.extra_network_interface_num_suffix_offset <= 9900
      error_message = "The var.extra_network_interface_num_suffix_offset must be between 0 and 9900."
    }
  }
  # Private IPs per extra ENI: one inner list per interface, in order. `[null]` means "not set".
  variable "extra_network_interface_private_ips" {
    type        = list(list(string))
    default     = [null]
    description = "List of lists containing private IPs to assign to the extra Network Interfaces for the EC2 instance. Each list must correspond to an extra Network Interface, in order."

    validation {
      # Skipped when the first inner list is null. Otherwise every address across all
      # inner lists must be a dotted quad with each octet in 0-255.
      condition = var.extra_network_interface_private_ips[0] == null ? true : length([
        for addr in flatten(var.extra_network_interface_private_ips) : true
        if ! can(regex("^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", addr))
      ]) == 0
      error_message = "One or more of the var.extra_network_interface_private_ips does not match “^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$”."
    }
  }
  # Number of secondary private IPs per extra ENI. `[null]` means "not set".
  variable "extra_network_interface_private_ips_counts" {
    type        = list(number)
    default     = [null]
    description = "Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + private_ips_count, as a primary private IP will be assigned to an ENI by default. Make sure you have as many element in the list as ENIs times the number of instances."

    validation {
      # Skipped when the first element is null. Otherwise every count must be within 0..50.
      condition = var.extra_network_interface_private_ips_counts[0] == null ? true : ! contains([
        for n in var.extra_network_interface_private_ips_counts : (n >= 0 && n <= 50)
      ], false)
      error_message = "One or more of the var.extra_network_interface_private_ips_counts isn't between 0 and 50."
    }
  }
  # Caller-supplied length of `var.extra_network_interface_security_group_ids`.
  # Nothing in this block cross-checks the two values.
  variable "extra_network_interface_security_group_count" {
    type        = number
    default     = 0
    description = "How many Security Groups to attach per extra Network Interface. Must be the number of element of `var.extra_network_interface_security_group_ids`. This cannot be computed automatically in Terraform 0.13."

    validation {
      # Range 0..16 inclusive.
      condition     = var.extra_network_interface_security_group_count >= 0 && var.extra_network_interface_security_group_count <= 16
      error_message = "The var.extra_network_interface_security_group_count must be between 0 and 16."
    }
  }
  # Security Groups shared by every extra ENI. When left null, the description states the
  # ENIs fall back to the VPC's `default` Security Group; pass explicit groups if that
  # group's rules are broader than these interfaces need.
  variable "extra_network_interface_security_group_ids" {
    type        = list(string)
    default     = null
    description = "List of Security Group IDs to assign to the extra Network Interfaces for the EC2 instance. All extra Network Interfaces will have the same Security Groups. If not specified, all ENI will have the `default` Security Group of the VPC."

    validation {
      # Skipped when null. Otherwise every ID must be `sg-` + 8 or 17 characters.
      condition = var.extra_network_interface_security_group_ids == null ? true : length([
        for sg in var.extra_network_interface_security_group_ids : true
        if ! can(regex("^sg-([a-z0-9]{8}|[a-z0-9]{17})$", sg))
      ]) == 0
      error_message = "One or more of the “var.extra_network_interface_security_group_ids” does not match '^sg-([a-z0-9]{8}|[a-z0-9]{17})$'."
    }
  }
  # Per-ENI source/destination check switches. `[null]` means "not set"; the description
  # states the check is then enabled. Disable it only for interfaces that must forward
  # traffic not addressed to them.
  variable "extra_network_interface_source_dest_checks" {
    type        = list(bool)
    default     = [null]
    description = "Whether or not to enable source destination checking for the extra Network Interfaces for the EC2 instance. Default to `true`."
  }
  # Extra tags shared by all extra ENIs. Untyped and unvalidated.
  variable "extra_network_interface_tags" {
    default     = {}
    description = "Tags for the extra Network Interfaces for the EC2 instance. Will be merged with `var.tags`. These tags will be shared among all extra ENIs."
  }