This repository has been archived by the owner on Oct 19, 2023. It is now read-only.
variables.tf
# -----------------------------------------------------------------------------
# Variables: Common AWS Provider - Autoloaded from Terragrunt
# -----------------------------------------------------------------------------
# Region the AWS provider targets. The empty default is a placeholder; the
# description says the real value is autoloaded from region.tfvars.
variable "aws_region" {
  type        = string
  default     = ""
  description = "The AWS region (e.g. ap-southeast-2). Autoloaded from region.tfvars."
}
# Account the provider deploys into. AWS account IDs are 12 digits; the example
# in the description is shortened.
# NOTE(review): presumably used to pin the provider to one account - confirm in
# the provider block.
variable "aws_account_id" {
  type        = string
  default     = ""
  description = "The AWS account id of the provider being deployed to (e.g. 12345678). Autoloaded from account.tfvars"
}
# Optional IAM role the provider assumes for the deployment.
# NOTE(review): an empty string presumably means "use the caller's own
# credentials" - confirm in the provider block. The role should carry only the
# permissions this module needs.
variable "aws_assume_role_arn" {
  type        = string
  default     = ""
  description = "(Optional) - ARN of the IAM role when optionally connecting to AWS via assumed role. Autoloaded from account.tfvars."
}
# -----------------------------------------------------------------------------
# Variables: TF-MOD-AWS-MSK-APACHE-KAFKA-CLUSTER
# -----------------------------------------------------------------------------
# Optional explicit cluster name. Per the description, an empty value makes the
# module derive a name from the label module.
variable "cluster_name" {
  description = "(Optional) Name of the MSK cluster. If not provided, will generate a name using the label module"
  type        = string
  default     = ""
}
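# KMS key for the CloudWatch log group (log data only). Broker storage
# encryption is configured separately through encryption_at_rest_kms_key_arn.
# The type is declared explicitly so a non-string value is rejected at plan
# time instead of being passed through untyped.
# NOTE(review): the empty default presumably leaves the log group without a
# customer managed key - confirm in the log group resource.
variable "kms_key_arn" {
  type        = string
  default     = ""
  description = "The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group, AWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires permissions for the CMK whenever the encrypted data is requested."
}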
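# How long log events are kept in the log group. Declared as a number so that
# non-numeric input fails at plan time; Terraform still converts a quoted
# value such as "30" automatically, so existing callers keep working.
# Retention bounds how far back an investigation can look, so align it with the
# organisation's incident-response and compliance requirements.
variable "retention_in_days" {
  type        = number
  default     = 30
  description = "Number of days you want to retain log events in the log group"
}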
# Required (no default). Total broker count; per the description it has to be
# a multiple of the number of client subnets passed in subnet_ids.
variable "number_of_broker_nodes" {
  description = "The desired total number of broker nodes in the kafka cluster. It must be a multiple of the number of specified client subnets."
  type        = number
}
# Required (no default). Kafka version the cluster runs; callers choose it
# explicitly, so keeping it on a supported, patched release is their job.
variable "kafka_version" {
  description = "The desired Kafka software version"
  type        = string
}
# Required (no default). Instance type for every broker node.
variable "broker_instance_type" {
  description = "The instance type to use for the Kafka brokers"
  type        = string
}
# Per-broker EBS data volume size in GiB; defaults to 1000.
variable "broker_volume_size" {
  description = "The size in GiB of the EBS volume for the data drive on each broker node"
  type        = number
  default     = 1000
}
# Required (no default). VPC that hosts the cluster's networking resources.
variable "vpc_id" {
  description = "VPC ID where subnets will be created (e.g. `vpc-aceb2723`)"
  type        = string
}
# Required (no default). Subnets the brokers are placed in.
# NOTE(review): private subnets are the usual choice for brokers - confirm what
# callers pass here.
variable "subnet_ids" {
  description = "Subnet IDs for Client Broker"
  type        = list(string)
}
# Route53 zone used for broker hostnames.
# NOTE(review): the null default presumably skips DNS record creation -
# confirm in the module.
variable "zone_id" {
  description = "Route53 DNS Zone ID for MSK broker hostnames"
  type        = string
  default     = null
}
# Switch between attaching pre-existing security groups and (presumably)
# letting the module create one - TODO confirm against the module.
# NOTE(review): this defaults to true while existing_security_groups defaults
# to an empty list; check what the cluster ends up attached to when a caller
# sets neither.
variable "use_existing_security_groups" {
  description = "Whether to use existing security groups to attach to the cluster"
  type        = bool
  default     = true
}
# NOTE(review): the description is word-for-word the same as the one on
# security_groups ("allowed to connect"), yet the name together with
# use_existing_security_groups suggests these groups are attached to the
# cluster itself. Confirm which of the two meanings the module implements.
variable "existing_security_groups" {
  description = "List of security group IDs to be allowed to connect to the cluster"
  type        = list(string)
  default     = []
}
# Extra security groups granted access to the cluster, on top of the other
# security-group inputs. Every ID added here widens who can reach the brokers.
variable "additional_security_groups" {
  description = "List of additional security group IDs to be allowed to connect to the cluster"
  type        = list(string)
  default     = []
}
# Source security groups permitted to connect to the brokers. Empty by
# default, so no group is granted access unless the caller lists it.
variable "security_groups" {
  description = "List of security group IDs to be allowed to connect to the cluster"
  type        = list(string)
  default     = []
}
# Source CIDR ranges permitted to connect to the brokers. Empty by default.
# Keep entries as narrow as possible; a broad range such as 0.0.0.0/0 would
# expose the brokers to every address that can route to them.
variable "allowed_cidr_blocks" {
  description = "List of CIDR blocks to be allowed to connect to the cluster"
  type        = list(string)
  default     = []
}
# In-transit encryption between clients and brokers. The default, TLS, is the
# only value that refuses unencrypted client connections: TLS_PLAINTEXT accepts
# both encrypted and cleartext traffic, PLAINTEXT is cleartext only.
variable "client_broker" {
  description = "Encryption setting for data in transit between clients and brokers. Valid values: `TLS`, `TLS_PLAINTEXT`, and `PLAINTEXT`"
  type        = string
  default     = "TLS"
}
# Broker-to-broker encryption; on by default. Turning it off sends replication
# traffic between brokers unencrypted.
variable "encryption_in_cluster" {
  description = "Whether data communication among broker nodes is encrypted"
  type        = bool
  default     = true
}
# KMS key for broker storage (data at rest); separate from kms_key_arn, which
# covers log data.
# NOTE(review): with the empty default MSK presumably falls back to the
# AWS managed key for the service - confirm in the cluster resource. A customer
# managed key is needed if key policy and rotation must be under your control.
variable "encryption_at_rest_kms_key_arn" {
  description = "You may specify a KMS key short ID or ARN (it will always output an ARN) to use for encrypting your data at rest"
  type        = string
  default     = ""
}
# CloudWatch metric granularity for the cluster. DEFAULT is the coarsest of the
# three values listed in the description.
variable "enhanced_monitoring" {
  description = "Specify the desired enhanced MSK CloudWatch monitoring level. Valid values: `DEFAULT`, `PER_BROKER`, and `PER_TOPIC_PER_BROKER`"
  type        = string
  default     = "DEFAULT"
}
# Certificate authorities whose client certificates are accepted for TLS
# client authentication. Any certificate issued by a listed CA can
# authenticate, so list only CAs whose issuance you control.
# NOTE(review): presumably only consulted when client_tls_auth_enabled is
# true - confirm in the module.
variable "certificate_authority_arns" {
  description = "List of ACM Certificate Authority Amazon Resource Names (ARNs) to be used for TLS client authentication"
  type        = list(string)
  default     = []
}
# SASL/SCRAM client authentication; off by default.
# NOTE(review): client_tls_auth_enabled also defaults to false. If the module
# has no other authentication input, a cluster built from defaults accepts
# unauthenticated clients and relies on network controls alone - confirm.
variable "client_sasl_scram_enabled" {
  description = "Enables SCRAM client authentication via AWS Secrets Manager."
  type        = bool
  default     = false
}
# Secrets Manager secrets holding the SCRAM credentials associated with the
# cluster. MSK requires such secrets to use the `AmazonMSK_` name prefix and to
# be encrypted with a customer managed KMS key.
variable "client_sasl_scram_secret_association_arns" {
  description = "List of AWS Secrets Manager secret ARNs for scram authentication."
  type        = list(string)
  default     = []
}
# Mutual-TLS client authentication; off by default.
# NOTE(review): presumably needs certificate_authority_arns to be populated
# when enabled - confirm in the module.
variable "client_tls_auth_enabled" {
  description = "Set `true` to enable the Client TLS Authentication"
  type        = bool
  default     = false
}
# JMX Exporter toggle; off by default.
# NOTE(review): presumably maps to MSK open monitoring, which exposes a
# metrics endpoint on each broker - confirm, and limit which sources may
# scrape it via the security-group inputs.
variable "jmx_exporter_enabled" {
  description = "Set `true` to enable the JMX Exporter"
  type        = bool
  default     = false
}
# Node Exporter toggle; off by default.
# NOTE(review): presumably maps to MSK open monitoring, which exposes a
# host-metrics endpoint on each broker - confirm, and limit which sources may
# scrape it via the security-group inputs.
variable "node_exporter_enabled" {
  description = "Set `true` to enable the Node Exporter"
  type        = bool
  default     = false
}
# Broker log delivery to CloudWatch Logs; off by default. firehose_logs_enabled
# and s3_logs_enabled are off by default too, so a cluster built from defaults
# ships broker logs nowhere. Enable at least one destination if broker logs
# are needed for detection or incident response.
variable "cloudwatch_logs_enabled" {
  description = "Indicates whether you want to enable or disable streaming broker logs to Cloudwatch Logs"
  type        = bool
  default     = false
}
# Destination log group for broker logs.
# NOTE(review): presumably only consulted when cloudwatch_logs_enabled is
# true - confirm in the module.
variable "cloudwatch_logs_log_group" {
  description = "Name of the Cloudwatch Log Group to deliver logs to"
  type        = string
  default     = null
}
# Broker log delivery to Kinesis Data Firehose; off by default.
variable "firehose_logs_enabled" {
  description = "Indicates whether you want to enable or disable streaming broker logs to Kinesis Data Firehose"
  type        = bool
  default     = false
}
# Firehose delivery stream that receives broker logs.
# NOTE(review): presumably only consulted when firehose_logs_enabled is
# true - confirm in the module.
variable "firehose_delivery_stream" {
  description = "Name of the Kinesis Data Firehose delivery stream to deliver logs to"
  type        = string
  default     = ""
}
# Broker log delivery to S3; off by default.
variable "s3_logs_enabled" {
  description = " Indicates whether you want to enable or disable streaming broker logs to S3"
  type        = bool
  default     = false
}
# Bucket that receives broker logs. This module only takes the bucket name, so
# the bucket's access policy and encryption are managed wherever the bucket is
# defined.
variable "s3_logs_bucket" {
  description = "Name of the S3 bucket to deliver logs to"
  type        = string
  default     = ""
}
# Key prefix under which broker logs are written in the S3 bucket.
variable "s3_logs_prefix" {
  description = "Prefix to append to the S3 folder name logs are delivered to"
  type        = string
  default     = ""
}
# Free-form broker configuration (server.properties). Some supported
# properties affect access control, for example
# `allow.everyone.if.no.acl.found`, so changes to this map deserve the same
# review as the other security inputs.
variable "properties" {
  description = "Contents of the server.properties file. Supported properties are documented in the [MSK Developer Guide](https://docs.aws.amazon.com/msk/latest/developerguide/msk-configuration-properties.html)"
  type        = map(string)
  default     = {}
}