diff --git a/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.tf b/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.tf
index 7f89608..ef6d8a3 100644
--- a/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.tf
+++ b/examples/vpc-transit-gateway-attachment/variables.vpc-transit-gateway.tf
@@ -1,3 +1,96 @@
+variable "tgw_environment" {
+ description = "Transit Gateway environment route table (services, dev, test, stage, prod, cre)"
+ type = string
+ default = null
+
+ validation {
+ condition = contains(["services", "dev", "test", "stage", "prod", "cre"], var.tgw_environment)
+ error_message = "The tgw_environment must contain one of the legal values: services, dev, test, stage, prod, cre"
+ }
+}
+
+variable "tgw_environment_exists" {
+ description = "Transit Gateway environment already setup in another VPC (say, for multiple test enviroments but diff vpc like test,ite,qa)"
+ type = bool
+ default = false
+}
+
+# example: site=hq, environment=services, sequence=1, bgp_asn_id=asn, ip_address=endpoint-ip-on-prem, tunnel_ips=169.254.x.1/30,169.254.x.2/30, preshared_keys=bob,alice
+variable "tgw_vpn_settings" {
+ description = "Transit Gateway VPN Connection details array of objects"
+ type = list(object(
+ {
+ site = string
+ environment = string
+ sequence = number
+ # region = optional(string)
+ region = string
+ bgp_asn_id = number
+ ip_address = string
+ tunnel_ips = list(string)
+ preshared_keys = list(string)
+ tunnel_interfaces = optional(list(number), [0, 0])
+ tunnel_track = optional(list(number), [0, 0])
+ tunnel_loopback = optional(number, 0)
+ # tunnel_interfaces = optional(list(number))
+ # tunnel_track = optional(list(number))
+ # tunnel_loopback = optional(number)
+ }
+ ))
+ default = []
+}
+
+variable "tgw_routing_prefix_list" {
+ description = "Managed prefix list for TGW routing"
+ type = string
+ default = ""
+}
+
+variable "tgw_vpn_routing_prefix_list" {
+ description = "Managed prefix list for TGW VPN routing"
+ type = string
+ default = ""
+}
+
+variable "tgw_enable_vpn" {
+ description = "Enable AWS VPN Configuration on the Transit Gateway (default: false)"
+ type = bool
+ default = false
+}
+
+variable "tgw_routing_cidr_blocks" {
+ description = "List of CIDR blocks for which TGW routing will apply. This would include all of the AWS CIDR blocks, possibly only a 0.0.0.0/0 route, but not any on-prem routes"
+ type = list(string)
+ default = []
+}
+
+variable "tgw_vpn_routing_cidr_blocks" {
+ description = "List of CIDR blocks for which TGW routing will apply for the VPN learned blocks, specifically on-prem routes. This may be replaced by a 0/0 route in the future"
+ type = list(string)
+ default = []
+}
+
+## # to use the optional(), you have to enable experiments. Probably do not need this at this time
+## # see the docs: https://www.terraform.io/language/expressions/type-constraints
+##
+## terraform {
+## experiments = [module_variable_optional_attrs]
+## }
+##
+
+
+variable "generate_yaml_files" {
+ description = "Flag to enable or disable generation of YAML file from VPN information"
+ type = bool
+ default = true
+}
+
+variable "use_single_cgw" {
+ description = "Flag to enable or disable the use of a single customer gateway per site vs one per site and VPN"
+ type = bool
+ default = false
+}
+
 variable "network_account_profile" {
 description = "AWS profile of the source account sharing the VPC resources"
 type = string
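Review bot: `preshared_keys = list(string)` inside `tgw_vpn_settings` carries the VPN tunnel pre-shared keys, but the variable is not declared `sensitive = true`, so the keys will appear in plan/apply output and in any CI log that captures it. Adding `sensitive = true` to `tgw_vpn_settings` (or moving the keys into a separate sensitive variable keyed by site and sequence) keeps them out of console output; they still land in state in plaintext, so the state backend needs encryption and tight access control either way. `generate_yaml_files` defaults to `true`, and if the generated YAML includes the keys (not visible in this hunk) the default should be `false` and the output path kept out of version control. Separately, `tgw_environment` has `default = null` while its validation passes the value straight to `contains(...)`, which probably rejects the default; `condition = var.tgw_environment == null ? true : contains([...], var.tgw_environment)` would allow an unset value. The trailing `network_account_profile` block continues outside the hunk.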