-
Notifications
You must be signed in to change notification settings - Fork 29
/
Copy pathvariables-function.tf
169 lines (144 loc) · 5.82 KB
/
variables-function.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
variable "function_app_version" {
description = "Version of the function app runtime to use."
type = number
default = 3
nullable = false
}
variable "application_settings" {
description = "Function App application settings."
type = map(string)
default = {}
nullable = false
}
variable "application_settings_drift_ignore" {
description = "Ignore drift from settings manually set."
type = bool
default = true
nullable = false
}
variable "identity_type" {
description = "Add a Managed Identity (MSI) to the function app. Possible values are `SystemAssigned`, `UserAssigned` and `SystemAssigned, UserAssigned` which assigns both a system managed identity as well as the specified user assigned identities."
type = string
default = "SystemAssigned"
}
variable "identity_ids" {
description = "User Assigned Identities IDs to add to Function App. Mandatory if type is `UserAssigned`."
type = list(string)
default = null
}
variable "allowed_ips" {
description = "IPs restriction for Function in CIDR format. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#ip_restriction)."
type = list(string)
default = []
nullable = false
}
variable "allowed_subnet_ids" {
description = "Subnets restriction for Function App. [See documentation](https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction)."
type = list(string)
default = []
nullable = false
}
variable "ip_restriction_headers" {
description = "IPs restriction headers for Function. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#headers)."
type = map(list(string))
default = null
}
variable "allowed_service_tags" {
description = "Service Tags restriction for Function App. [See documentation](https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction)."
type = list(string)
default = []
nullable = false
}
variable "vnet_integration_subnet_id" {
description = "ID of the subnet to associate with the Function App (Virtual Network integration)."
type = string
default = null
}
variable "site_config" {
description = "Site config for Function App. [See documentation](https://www.terraform.io/docs/providers/azurerm/r/app_service.html#site_config). IP restriction attribute is not managed in this block."
type = any
default = {}
nullable = false
}
variable "sticky_settings" {
description = "Lists of connection strings and app settings to prevent from swapping between slots."
type = object({
app_setting_names = optional(list(string))
connection_string_names = optional(list(string))
})
default = null
}
variable "https_only" {
description = "Whether HTTPS traffic only is enabled."
type = bool
default = true
nullable = false
}
variable "builtin_logging_enabled" {
description = "Whether built-in logging is enabled."
type = bool
default = true
nullable = false
}
variable "client_certificate_enabled" {
description = "Whether the Function App uses client certificates."
type = bool
default = null
}
variable "client_certificate_mode" {
description = "The mode of the Function App's client certificates requirement for incoming requests. Possible values are `Required`, `Optional`, and `OptionalInteractiveUser`."
type = string
default = null
}
variable "application_zip_package_path" {
description = "Local or remote path of a zip package to deploy on the Function App."
type = string
default = null
}
variable "staging_slot_enabled" {
description = "Create a staging slot alongside the Function App for blue/green deployment purposes."
type = bool
default = false
nullable = false
}
variable "staging_slot_custom_application_settings" {
description = "Override staging slot with custom application settings."
type = map(string)
default = null
}
variable "auth_settings_v2" {
description = "Authentication settings V2. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_web_app#auth_settings_v2)."
type = any
default = {}
nullable = false
}
# SCM parameters
variable "scm_allowed_ips" {
description = "SCM IPs restriction for Function App. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction)."
type = list(string)
default = []
nullable = false
}
variable "scm_allowed_subnet_ids" {
description = "SCM subnets restriction for Function App. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction)."
type = list(string)
default = []
nullable = false
}
variable "scm_ip_restriction_headers" {
description = "IPs restriction headers for Function App. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction)."
type = map(list(string))
default = null
}
variable "scm_allowed_service_tags" {
description = "SCM Service Tags restriction for Function App. [See documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction)."
type = list(string)
default = []
nullable = false
}
variable "storage_uses_managed_identity" {
description = "Whether the Function App use Managed Identity to access the Storage Account. **Caution** This disable the storage keys on the Storage Account if created within the module."
type = bool
default = false
nullable = false
}