variables.tf
##
# Basic Required Variables for tfscaffold Components
##
# Required: no default is declared, so the caller must supply a value.
variable "project" {
  description = "The name of the tfscaffold project"
  type        = string
}

# Required: no default is declared, so the caller must supply a value.
variable "environment" {
  description = "The name of the tfscaffold environment"
  type        = string
}
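# Required: no default is declared, so the caller must supply a value.
# Declared as a string, which keeps any leading zeros of the account ID intact.
# The validation fails the plan early on a truncated or mistyped ID instead of
# letting a malformed value flow into whatever consumes it.
variable "aws_account_id" {
  description = "The AWS Account ID (numeric)"
  type        = string

  validation {
    # AWS account IDs are exactly 12 decimal digits.
    condition     = can(regex("^[0-9]{12}$", var.aws_account_id))
    error_message = "The aws_account_id value must be exactly 12 digits."
  }
}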
# Required: no default is declared, so the caller must supply a value.
variable "region" {
  description = "The AWS Region"
  type        = string
}

# Required: no default is declared, so the caller must supply a value.
variable "group" {
  description = "The group variables are being inherited from (often synonmous with account short-name)"
  type        = string
}
##
# tfscaffold variables specific to this component
##
# This is the only primary variable to have its value defined as
# a default within its declaration in this file, because the variable's
# purpose is as an identifier unique to this component, rather
# than to the environment from where all other variables come.
# Component identifier; the default is fixed to this component's own name.
variable "component" {
  description = "The variable encapsulating the name of this component"
  type        = string
  default     = "supapi"
}

# Optional tag map; the empty default means no extra tags are supplied.
variable "default_tags" {
  description = "A map of default tags to apply to all taggable resources within the component"
  type        = map(string)
  default     = {}
}
##
# Variables specific to the component
##
# Object name of the CA truststore in S3; null by default (no filename set).
# NOTE(review): presumably read together with manually_configure_mtls_truststore
# when the API Gateway mTLS truststore is wired up - confirm against the
# resource that consumes it, and who is allowed to write that object.
variable "ca_pem_filename" {
  description = "Filename for the CA truststore file within the s3 bucket"
  type        = string
  default     = null
}

# Commit to deploy; the default "HEAD" is a moving reference, not a pinned id.
variable "commit_id" {
  description = "The commit to deploy. Must be in the tree for branch_name"
  type        = string
  default     = "HEAD"
}
# Off by default. Per the description this forces deletion of S3 buckets.
# NOTE(review): presumably passed to the buckets' force_destroy argument, in
# which case a destroy also removes the objects they hold - confirm, and keep
# it false wherever the bucket contents matter.
variable "force_destroy" {
  description = "Flag to force deletion of S3 buckets"
  type        = bool
  default     = false
}

# Off by default; intended for redeploying changed lambda code from the same
# commit id (see the description).
variable "force_lambda_code_deploy" {
  description = "If the lambda package in s3 has the same commit id tag as the terraform build branch, the lambda will not update automatically. Set to True if making changes to Lambda code from on the same commit for example during development"
  type        = bool
  default     = false
}
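# Pending-deletion wait, in days, for KMS keys. Declared as a string, so the
# validation converts it before comparing.
# AWS KMS accepts a waiting period of 7 to 30 days; the default of "30" is the
# longest window and leaves the most time to cancel an accidental deletion.
# NOTE(review): presumably passed to the key resources' deletion window
# argument - confirm against the KMS definitions in this component.
variable "kms_deletion_window" {
  description = "When a kms key is deleted, how long should it wait in the pending deletion state?"
  type        = string
  default     = "30"

  validation {
    # A null value is still allowed through so existing callers that pass null
    # keep working; anything else must be a whole number from 7 to 30.
    condition = var.kms_deletion_window == null || try(
      tonumber(var.kms_deletion_window) >= 7 &&
      tonumber(var.kms_deletion_window) <= 30 &&
      floor(tonumber(var.kms_deletion_window)) == tonumber(var.kms_deletion_window),
      false
    )
    error_message = "The kms_deletion_window value must be a whole number of days between 7 and 30."
  }
}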
# TTL for the letters table, expressed in hours; defaults to one day.
variable "letter_table_ttl_hours" {
  description = "Number of hours to set as TTL on letters table"
  type        = number
  default     = 24
}

# Minimum severity that the lambdas log; anything below it is dropped.
# NOTE(review): no validation restricts the value to the level names in the
# linked documentation. Lowering it below INFO raises log volume and may put
# more request detail into the logs - confirm what the handlers emit at DEBUG.
variable "log_level" {
  description = "The log level to be used in lambda functions within the component. Any log with a lower severity than the configured value will not be logged: https://docs.python.org/3/library/logging.html#levels"
  type        = string
  default     = "INFO"
}

# CloudWatch Logs retention in days. The default of 0 means the log events are
# kept indefinitely (per the description), i.e. nothing is ever aged out unless
# an environment sets an explicit retention period.
variable "log_retention_in_days" {
  description = "The retention period in days for the Cloudwatch Logs events to be retained, default of 0 is indefinite"
  type        = number
  default     = 0
}
# Off by default. When true, the API Gateway mTLS truststore is managed by hand
# rather than by this component (the description gives prod as the example).
# The truststore decides which client certificates the gateway accepts, so
# changes to it deserve the same review as any other access-control change.
variable "manually_configure_mtls_truststore" {
  description = "Manually manage the truststore used for API Gateway mTLS (e.g. for prod environment)"
  type        = bool
  default     = false
}

# Default page-size limit for paginated GET requests.
variable "max_get_limit" {
  description = "Default limit to apply to GET requests that support pagination"
  type        = number
  default     = 2500
}

# Which environment owns the account-level resources (e.g. the DNS zone).
variable "parent_acct_environment" {
  description = "Name of the environment responsible for the acct resources used, affects things like DNS zone. Useful for named dev environments"
  type        = string
  default     = "main"
}
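# Account ID of the shared infrastructure account.
# The all-zero default is a placeholder, not a real account.
# NOTE(review): if this value ends up in an IAM/resource policy principal or an
# ARN, an environment that forgets to override it gets a policy naming a
# non-existent account - confirm every deployed environment sets it.
variable "shared_infra_account_id" {
  description = "The AWS Account ID of the shared infrastructure account"
  type        = string
  default     = "000000000000"

  validation {
    # AWS account IDs are exactly 12 decimal digits; the placeholder default
    # still satisfies this.
    condition     = can(regex("^[0-9]{12}$", var.shared_infra_account_id))
    error_message = "The shared_infra_account_id value must be exactly 12 digits."
  }
}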
# ARN of the eventpub data plane EventBridge bus; empty string by default.
# NOTE(review): nothing here checks that a supplied value is a well-formed
# ARN - confirm how the consumer treats the empty default.
variable "eventpub_data_plane_bus_arn" {
  description = "ARN of the EventBridge data plane bus for eventpub"
  type        = string
  default     = ""
}

# ARN of the eventpub control plane EventBridge bus; empty string by default.
variable "eventpub_control_plane_bus_arn" {
  description = "ARN of the EventBridge control plane bus for eventpub"
  type        = string
  default     = ""
}
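# Map keyed by letter variant id; each entry carries a supplierId and a specId.
# A description is added for consistency with every other variable in the file.
# NOTE(review): the default entries ("supplier1", "spec1", ...) read like sample
# data - confirm real environments override this map.
variable "letter_variant_map" {
  description = "Map of letter variant id to the supplierId and specId used for that variant"
  type        = map(object({ supplierId = string, specId = string }))
  default = {
    "lv1" = { supplierId = "supplier1", specId = "spec1" },
    "lv2" = { supplierId = "supplier1", specId = "spec2" },
    "lv3" = { supplierId = "supplier2", specId = "spec3" }
  }
}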
# On by default: the API Gateway execution endpoint is disabled.
# Mutual TLS on API Gateway is enforced on the custom domain name; the default
# execute-api endpoint does not ask for a client certificate. If this is set to
# false while the API relies on mTLS, that endpoint is a route around the
# client-certificate check, so treat an override as a security exception.
variable "disable_gateway_execute_endpoint" {
  description = "Disable the execution endpoint for the API Gateway"
  type        = bool
  default     = true
}
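# Account ID of the Core account.
# The all-zero default is a placeholder, not a real account.
# NOTE(review): if this value is used to build cross-account principals or
# ARNs, an environment that does not override it ends up naming a non-existent
# account - confirm every deployed environment sets it.
variable "core_account_id" {
  description = "AWS Account ID for Core"
  type        = string
  default     = "000000000000"

  validation {
    # AWS account IDs are exactly 12 decimal digits; the placeholder default
    # still satisfies this.
    condition     = can(regex("^[0-9]{12}$", var.core_account_id))
    error_message = "The core_account_id value must be exactly 12 digits."
  }
}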
# Name of the Core environment this component refers to.
# NOTE(review): the default is "prod", so an environment that leaves this unset
# refers to Core's prod environment - confirm that is the intended fallback for
# development and test deployments.
variable "core_environment" {
  description = "Environment of Core"
  type        = string
  default     = "prod"
}

# Backups are off unless an environment opts in.
variable "enable_backups" {
  description = "Enable backups"
  type        = bool
  default     = false
}
# Event Pub/Sub cache settings
# On by default: events are cached to an S3 bucket.
# NOTE(review): that bucket then holds copies of event payloads - confirm its
# encryption, access policy and lifecycle match the sensitivity of the events.
variable "enable_event_cache" {
  description = "Enable caching of events to an S3 bucket"
  type        = bool
  default     = true
}

# On by default: SNS delivery failures are logged.
variable "enable_sns_delivery_logging" {
  description = "Enable SNS Delivery Failure Notifications"
  type        = bool
  default     = true
}
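# Percentage of successful SNS deliveries to sample for logging.
# The default of 0 samples none of them. As a percentage the value only makes
# sense from 0 to 100, which the validation enforces at plan time.
variable "sns_success_logging_sample_percent" {
  description = "Enable SNS Delivery Successful Sample Percentage"
  type        = number
  default     = 0

  validation {
    # A null value is still allowed through so existing callers that pass null
    # keep working; anything else must lie within 0-100.
    condition = var.sns_success_logging_sample_percent == null || try(
      var.sns_success_logging_sample_percent >= 0 &&
      var.sns_success_logging_sample_percent <= 100,
      false
    )
    error_message = "The sns_success_logging_sample_percent value must be between 0 and 100."
  }
}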
# Source value stamped on letter status update events.
# NOTE(review): the default path names the prod API ("nhs-supplier-api-prod"),
# so events from an environment that leaves this unset carry a prod source
# value - confirm non-prod environments override it, since consumers that
# filter or attribute events by source cannot tell them apart otherwise.
variable "letter_event_source" {
  description = "Source value to use for the letter status event updates"
  type        = string
  default     = "/data-plane/supplier-api/nhs-supplier-api-prod/main/update-status"
}

# Off by default. API Gateway data trace logging writes full request and
# response data to CloudWatch Logs, so enabling it copies payloads into the
# logs; AWS advises against enabling it for production APIs. If it is enabled
# for debugging, restrict who can read the log group and turn it off again
# afterwards.
variable "enable_api_data_trace" {
  description = "Enable API Gateway data trace logging"
  type        = bool
  default     = false
}
# On by default. Turning this off removes the CloudWatch alarms for the
# environment, i.e. the alerting that would surface failures there.
variable "enable_alarms" {
  description = "Enable CloudWatch alarms for this deployed environment"
  type        = bool
  default     = true
}

# On by default: anomaly detection on event publishing volume, which flags
# both unexpected drops and unexpected spikes (per the description).
variable "enable_event_anomaly_detection" {
  description = "Enable CloudWatch anomaly detection alarm for SNS message Detects abnormal drops or spikes in event publishing volume."
  type        = bool
  default     = true
}

# How many periods (each event_anomaly_period seconds long) the anomaly alarm
# evaluates.
variable "event_anomaly_evaluation_periods" {
  description = "Number of evaluation periods for the anomaly alarm. Each period is defined by event_anomaly_period."
  type        = number
  default     = 3
}

# Length of one evaluation period, in seconds.
# NOTE(review): the 300-second minimum stated in the description is not
# enforced by a validation block here.
variable "event_anomaly_period" {
  description = "The period in seconds over which the specified statistic is applied for anomaly detection. Minimum 300 seconds (5 minutes). Recommended: 300-600."
  type        = number
  default     = 300
}

# Width of the anomaly band. A wider band means fewer alerts but also a larger
# deviation before anything fires; the default of 4 sits at the top of the
# 2-4 range the description recommends.
variable "event_anomaly_band_width" {
  description = "The width of the anomaly detection band. Higher values (e.g. 4-6) reduce sensitivity and noise, lower values (e.g. 2-3) increase sensitivity. Recommended: 2-4."
  type        = number
  default     = 4
}