-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
154 lines (129 loc) · 3.56 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
# Basics
variable "resource_group_name"{
description = "Resource group name"
type = string
}
variable "location" {
description = "Azure Region"
type = string
}
variable "names" {
description = "names to be applied to resources"
type = map(string)
}
variable "tags" {
description = "tags to be applied to resources"
type = map(string)
}
# Kubernetes
variable "kubernetes_namespace" {
description = "kubernetes namespace where vault will be installed"
type = string
default = "default"
}
variable "kubernetes_node_selector" {
description = "kubernetes node selector labels"
type = map(string)
default = {}
}
# AAD
variable "identity_name" {
description = "name for Azure identity to be used by AAD"
type = string
default = "aks-aad"
}
variable "vault_helm_chart_version" {
description = "version of vault helm chart to use"
type = string
default = "0.6.0"
}
variable "vault_version" {
description = "version of Vault to install"
type = string
default = "1.4.2"
}
variable "vault_agent_injector_enabled" {
description = "enable Vault Agent Injector"
type = bool
default = true
}
variable "vault_agent_injector_version" {
description = "version of Vault Agent Injector to install"
type = string
default = "0.3.0"
}
variable "vault_agent_injector_sidecar_version" {
description = "version of Vault Agent Injectort sidecar to install (defaults to <vault_version>)"
type = string
default = ""
}
variable "vault_enable_ha" {
description = "enable ha (clustering)"
type = bool
default = true
}
variable "vault_enable_raft_backend" {
description = "enable raft storage backend"
type = bool
default = true
}
variable "vault_enable_ui" {
description = "enable vault ui"
type = bool
default = true
}
variable "vault_enable_data_storage" {
description = "enable data storage for raft/file storage backend"
type = bool
default = true
}
variable "vault_data_storage_class" {
description = "kubernetes storage class to use for vault data"
type = string
default = "null"
}
variable "vault_data_storage_size" {
description = "vault data storage size"
type = string
default = "10Gi"
}
variable "vault_enable_audit_storage" {
description = "kubernetes storage class to use for vault audit logs"
type = string
default = false
}
variable "vault_audit_storage_class" {
description = "kubernetes storage class to use for vault audit logs"
type = string
default = "null"
}
variable "vault_audit_storage_size" {
description = "vault audit storage size"
type = string
default = "10Gi"
}
variable "vault_audit_data_storage_size" {
description = "vault audit logs storage size"
type = string
default = "10Gi"
}
variable "vault_ingress_enabled" {
description = "enable ingress controller"
type = bool
default = false
}
variable "vault_ingress_hostname" {
description = "hostname for the ingress controller"
type = string
default = ""
}
variable "vault_ingress_tls_secret_name" {
description = "enable ingress controller"
type = string
default = ""
}
variable "additional_yaml_config" {
description = "yaml config for helm chart to be processed last"
type = string
default = ""
}