| aws_account_id |
The AWS Account ID (numeric) |
string |
n/a |
yes |
| ca_pem_filename |
Filename for the CA truststore file within the s3 bucket |
string |
null |
no |
| commit_id |
The commit to deploy. Must be in the tree for branch_name |
string |
"HEAD" |
no |
| component |
The variable encapsulating the name of this component |
string |
"supapi" |
no |
| core_account_id |
AWS Account ID for Core |
string |
"000000000000" |
no |
| core_environment |
Environment of Core |
string |
"prod" |
no |
| default_tags |
A map of default tags to apply to all taggable resources within the component |
map(string) |
{} |
no |
| disable_gateway_execute_endpoint |
Disable the execution endpoint for the API Gateway |
bool |
true |
no |
| enable_alarms |
Enable CloudWatch alarms for this deployed environment |
bool |
true |
no |
| enable_api_data_trace |
Enable API Gateway data trace logging |
bool |
false |
no |
| enable_backups |
Enable backups |
bool |
false |
no |
| enable_event_anomaly_detection |
Enable CloudWatch anomaly detection alarm for SNS message Detects abnormal drops or spikes in event publishing volume. |
bool |
true |
no |
| enable_event_cache |
Enable caching of events to an S3 bucket |
bool |
true |
no |
| enable_sns_delivery_logging |
Enable SNS Delivery Failure Notifications |
bool |
true |
no |
| environment |
The name of the tfscaffold environment |
string |
n/a |
yes |
| event_anomaly_band_width |
The width of the anomaly detection band. Higher values (e.g. 4-6) reduce sensitivity and noise, lower values (e.g. 2-3) increase sensitivity. Recommended: 2-4. |
number |
4 |
no |
| event_anomaly_evaluation_periods |
Number of evaluation periods for the anomaly alarm. Each period is defined by event_anomaly_period. |
number |
3 |
no |
| event_anomaly_period |
The period in seconds over which the specified statistic is applied for anomaly detection. Minimum 300 seconds (5 minutes). Recommended: 300-600. |
number |
300 |
no |
| eventpub_control_plane_bus_arn |
ARN of the EventBridge control plane bus for eventpub |
string |
"" |
no |
| eventpub_data_plane_bus_arn |
ARN of the EventBridge data plane bus for eventpub |
string |
"" |
no |
| force_destroy |
Flag to force deletion of S3 buckets |
bool |
false |
no |
| force_lambda_code_deploy |
If the lambda package in s3 has the same commit id tag as the terraform build branch, the lambda will not update automatically. Set to True if making changes to Lambda code from on the same commit for example during development |
bool |
false |
no |
| group |
The group variables are being inherited from (often synonmous with account short-name) |
string |
n/a |
yes |
| kms_deletion_window |
When a kms key is deleted, how long should it wait in the pending deletion state? |
string |
"30" |
no |
| letter_event_source |
Source value to use for the letter status event updates |
string |
"/data-plane/supplier-api/nhs-supplier-api-prod/main/update-status" |
no |
| letter_table_ttl_hours |
Number of hours to set as TTL on letters table |
number |
24 |
no |
| letter_variant_map |
n/a |
map(object({ supplierId = string, specId = string })) |
{
"lv1": {
"specId": "spec1",
"supplierId": "supplier1"
},
"lv2": {
"specId": "spec2",
"supplierId": "supplier1"
},
"lv3": {
"specId": "spec3",
"supplierId": "supplier2"
}
} |
no |
| log_level |
The log level to be used in lambda functions within the component. Any log with a lower severity than the configured value will not be logged: https://docs.python.org/3/library/logging.html#levels |
string |
"INFO" |
no |
| log_retention_in_days |
The retention period in days for the Cloudwatch Logs events to be retained, default of 0 is indefinite |
number |
0 |
no |
| manually_configure_mtls_truststore |
Manually manage the truststore used for API Gateway mTLS (e.g. for prod environment) |
bool |
false |
no |
| max_get_limit |
Default limit to apply to GET requests that support pagination |
number |
2500 |
no |
| parent_acct_environment |
Name of the environment responsible for the acct resources used, affects things like DNS zone. Useful for named dev environments |
string |
"main" |
no |
| project |
The name of the tfscaffold project |
string |
n/a |
yes |
| region |
The AWS Region |
string |
n/a |
yes |
| shared_infra_account_id |
The AWS Account ID of the shared infrastructure account |
string |
"000000000000" |
no |
| sns_success_logging_sample_percent |
Enable SNS Delivery Successful Sample Percentage |
number |
0 |
no |