add column 'verified' to cloud-resources-list.md (#553)
* add column 'valid' to cloud-resources-list.md Signed-off-by: Nicola115 <2225992901@qq.com> * update current definitions to v-1.2 Signed-off-by: Nicola115 <2225992901@qq.com> * change Valid to Verified Signed-off-by: Nicola115 <2225992901@qq.com> * sort provider name and resource name by alphabetical order Signed-off-by: Nicola115 <2225992901@qq.com>
This commit is contained in:
Avery
GitHub
parent
eb25bbd340
commit
62da024433
|
|
@ -2,181 +2,181 @@
|
||||||
title: Supported Cloud Resource list
|
title: Supported Cloud Resource list
|
||||||
---
|
---
|
||||||
|
|
||||||
| Orchestration Type | Cloud Provider | Cloud Resource | Description |
|
| Orchestration Type | Cloud Provider | Cloud Resource | Description | Verified |
|
||||||
|--------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|--------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|
|
||||||
| Terraform | Alibaba Cloud | [ack](./terraform/alibaba-ack.md) | Terraform configuration for Alibaba Cloud ACK cluster |
|
|Terraform|AWS| [acm](./terraform/aws-acm.md) | Terraform module which creates and validates ACM certificate | false |
|
||||||
| | | [amqp](./terraform/alibaba-amqp.md) | Terraform configuration for Alibaba Cloud AMQP(RabbitMQ) |
|
| | | [alb](./terraform/aws-alb.md) | Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources | false |
|
||||||
| | | [ask](./terraform/alibaba-ask.md) | Terraform configuration for Alibaba Cloud Serverless Kubernetes (ASK) |
|
| | | [autoscaling](./terraform/aws-autoscaling.md) | Terraform module which creates Auto Scaling resources on AWS | false |
|
||||||
| | | [deploy website](./terraform/alibaba-deploy-website.md) | Deploy a Static Website in object stroage, like S3 and OSS |
|
| | | [bridgecrew read only](./terraform/aws-bridgecrew-read-only.md) | Bridgecrew READ ONLY integration module | false |
|
||||||
| | | [dns](./terraform/alibaba-dns.md) | Terraform configuration for Alibaba Cloud DNS |
|
| | | [cis alarms](./terraform/aws-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [eip slb ecs rds](./terraform/alibaba-eip-slb-ecs-rds.md) | Create a lightweight web service based on Terraform under AliCloud's VPC, including: EIP, SLB, ECS, RDS |
|
| | | [cloudfront](./terraform/aws-cloudfront.md) | Terraform module which creates CloudFront resources on AWS | false |
|
||||||
| | | [eip](./terraform/alibaba-eip.md) | Terraform configuration for Alibaba Cloud Elastic IP |
|
| | | [cloudfront s3 cdn](./terraform/aws-cloudfront-s3-cdn.md) | Terraform module to easily provision CloudFront CDN backed by an S3 origin | false |
|
||||||
| | | [kms](./terraform/alibaba-kms.md) | Create KMS on AliCloud based on Terraform module |
|
| | | [cloudwatch cis alarms](./terraform/aws-cloudwatch-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [kubernetes networking](./terraform/alibaba-kubernetes-networking.md) | Create a set of network environment related resources for Kubernetes clusters on AliCloud based on Terraform module |
|
| | | [cloudwatch log group](./terraform/aws-cloudwatch-log-group.md) | | false |
|
||||||
| | | [market tensorflow](./terraform/alibaba-market-tensorflow.md) | Based on Terraform module, create ECS instances on Ali cloud to achieve one-click deployment of cloud marketplace Tensorflow |
|
| | | [cloudwatch log metric filter](./terraform/aws-cloudwatch-log-metric-filter.md) | | false |
|
||||||
| | | [mns queue](./terraform/alibaba-mns-queue.md) | Create a queue instance based on the Terraform module |
|
| | | [cloudwatch metric alarm](./terraform/aws-cloudwatch-metric-alarm.md) | | false |
|
||||||
| | | [mns topic](./terraform/alibaba-mns-topic.md) | Create a topic and a subscription based on Terraform module |
|
| | | [cloudwatch metric alarms](./terraform/aws-cloudwatch-metric-alarms.md) | | false |
|
||||||
| | | [mongodb multi](./terraform/alibaba-mongodb-multi.md) | Terraform-based module for creating a MongoDB cloud database under AliCloud VPC |
|
| | | [cloudwatch metric alarms by multiple dimensions](./terraform/aws-cloudwatch-metric-alarms-by-multiple-dimensions.md) | | false |
|
||||||
| | | [mongodb](./terraform/alibaba-mongodb.md) | Alibaba Cloud MongoDB |
|
| | | [config](./terraform/aws-config.md) | This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. | false |
|
||||||
| | | [mse](./terraform/alibaba-mse.md) | Terraform configuration for Alibaba Cloud MSE |
|
| | | [delegation sets](./terraform/aws-delegation-sets.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [nas](./terraform/alibaba-nas.md) | Terraform configuration for Alicloud NAS |
|
| | | [dynamodb table](./terraform/aws-dynamodb-table.md) | Terraform module which creates DynamoDB table on AWS | false |
|
||||||
| | | [network with nat](./terraform/alibaba-network-with-nat.md) | Build VPC and Nat gateway network environment and bind EIP, add SNAT and DNAT entries on AliCloud based on Terraform module |
|
| | | [ec2 instance](./terraform/aws-ec2-instance.md) | Terraform module which creates EC2 instance(s) on AWS | false |
|
||||||
| | | [oss website](./terraform/alibaba-oss-website.md) | Alibaba Cloud OSS static webstie bucket |
|
| | | [ecs](./terraform/aws-ecs.md) | Terraform module which creates AWS ECS resources | false |
|
||||||
| | | [oss](./terraform/alibaba-oss.md) | Terraform configuration for Alibaba Cloud OSS |
|
| | | [ecs container definition](./terraform/aws-ecs-container-definition.md) | Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource | false |
|
||||||
| | | [private zone](./terraform/alibaba-private-zone.md) | Terraform-based modules are used to create a Private Zone on AliCloud, while you can add records to the Zone and associate it with a VPC |
|
| | | [eks](./terraform/aws-eks.md) | Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS | false |
|
||||||
| | | [rabbitmq](./terraform/alibaba-rabbitmq.md) | Create a RabbitMQ based on Terraform module in Ali cloud |
|
| | | [eks cluster autoscaler](./terraform/aws-eks-cluster-autoscaler.md) | AWS Eks-Cluster-Autoscaler | false |
|
||||||
| | | [ram fc](./terraform/alibaba-ram-fc.md) | Create a functional computing service based on Terraform under AliCloud's RAM role |
|
| | | [eks external dns](./terraform/aws-eks-external-dns.md) | AWS Eks-External-Dns | false |
|
||||||
| | | [ram](./terraform/alibaba-ram.md) | Create RAM User instances on AliCloud based on Terraform module |
|
| | | [eks kube state metrics](./terraform/aws-eks-kube-state-metrics.md) | AWS Eks-Kube-State-Metrics | false |
|
||||||
| | | [rds preview](./terraform/alibaba-rds-preview.md) | Alibaba RDS in a preview mode |
|
| | | [eks node problem detector](./terraform/aws-eks-node-problem-detector.md) | A terraform module to deploy a node problem detector on Amazon EKS cluster | false |
|
||||||
| | | [rds](./terraform/alibaba-rds.md) | Terraform configuration for Alibaba Cloud RDS |
|
| | | [elasticache redis](./terraform/aws-elasticache-redis.md) | Terraform module to provision an ElastiCache Redis Cluster | false |
|
||||||
| | | [redis](./terraform/alibaba-redis.md) | Terraform configuration for Alibaba Cloud Redis |
|
| | | [elb](./terraform/aws-elb.md) | Terraform module which creates ELB resources on AWS | false |
|
||||||
| | | [remote backend](./terraform/alibaba-remote-backend.md) | Deploy remote backend storage in Aliyun based on Terraform module |
|
| | | [emr](./terraform/aws-emr.md) | Terraform module which creates EMR on AWS | false |
|
||||||
| | | [rocketmq](./terraform/alibaba-rocketmq.md) | Terraform configuration for Alibaba Cloud RocketMQ |
|
| | | [guardduty](./terraform/aws-guardduty.md) | Terraform module to provision AWS Guard Duty | false |
|
||||||
| | | [sae application](./terraform/alibaba-sae-application.md) | Alibaba SAE application |
|
| | | [iam account](./terraform/aws-iam-account.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [sae auto config application](./terraform/alibaba-sae-auto-config-application.md) | Alibaba SAE application to be deployed in auto-config mode |
|
| | | [iam assumable role](./terraform/aws-iam-assumable-role.md) | | false |
|
||||||
| | | [sae namespace](./terraform/alibaba-sae-namespace.md) | Alibaba SAE namespace |
|
| | | [iam assumable role with oidc](./terraform/aws-iam-assumable-role-with-oidc.md) | | false |
|
||||||
| | | [security group](./terraform/alibaba-security-group.md) | Terraform configuration for Alicloud SecurityGroup |
|
| | | [iam assumable role with saml](./terraform/aws-iam-assumable-role-with-saml.md) | | false |
|
||||||
| | | [slb acl](./terraform/alibaba-slb-acl.md) | Terraform-based module supports creating access control lists for load balancers |
|
| | | [iam assumable roles](./terraform/aws-iam-assumable-roles.md) | | false |
|
||||||
| | | [slb listener](./terraform/alibaba-slb-listener.md) | Quickly create slb listeners resources on AliCloud based on Terraform module |
|
| | | [iam assumable roles with saml](./terraform/aws-iam-assumable-roles-with-saml.md) | | false |
|
||||||
| | | [slb rule](./terraform/alibaba-slb-rule.md) | Terraform-based module creates an SLB instance under AliCloud's VPC and configures rules |
|
| | | [iam eks role](./terraform/aws-iam-eks-role.md) | | false |
|
||||||
| | | [slb](./terraform/alibaba-slb.md) | Terraform configuration for Alicloud SLB |
|
| | | [iam group with assumable roles policy](./terraform/aws-iam-group-with-assumable-roles-policy.md) | | false |
|
||||||
| | | [sls project](./terraform/alibaba-sls-project.md) | Terraform configuration for Alibaba Cloud SLS Project |
|
| | | [iam group with policies](./terraform/aws-iam-group-with-policies.md) | | false |
|
||||||
| | | [sls store](./terraform/alibaba-sls-store.md) | Terraform configuration for Alibaba Cloud SLS Store |
|
| | | [iam nofile](./terraform/aws-iam-nofile.md) | Terraform module Terraform module for creating AWS IAM Roles with heredocs | false |
|
||||||
| | | [vpc ecs eip](./terraform/alibaba-vpc-ecs-eip.md) | Create a lightweight WEB service based on Terraform under AliCloud's VPC, including: VPC, ECS, EIP |
|
| | | [iam policy](./terraform/aws-iam-policy.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [vpc privatelink connection](./terraform/alibaba-vpc-privatelink-connection.md) | Terraform-based for creating VPC networks in AliCloud and creating private network links |
|
| | | [iam policy document aggregator](./terraform/aws-iam-policy-document-aggregator.md) | Terraform module to aggregate multiple IAM policy documents into single policy document. | false |
|
||||||
| | | [vpc](./terraform/alibaba-vpc.md) | Terraform configuration for Alibaba Cloud VPC |
|
| | | [iam read only policy](./terraform/aws-iam-read-only-policy.md) | | false |
|
||||||
| | | [vpn gateway](./terraform/alibaba-vpn-gateway.md) | Create VPN resources on AliCloud based on Terraform module |
|
| | | [iam role](./terraform/aws-iam-role.md) | A Terraform module that creates IAM role with provided JSON IAM polices documents. | false |
|
||||||
| | | [vswitch](./terraform/alibaba-vswitch.md) | Terraform configuration for Alibaba Cloud VSwitch |
|
| | | [iam s3 user](./terraform/aws-iam-s3-user.md) | Terraform module to provision a basic IAM user with permissions to access S3 resources, e.g. to give the user read/write/delete access to the objects in an S3 bucket | false |
|
||||||
| | AWS | [acm](./terraform/aws-acm.md) | Terraform module which creates and validates ACM certificate |
|
| | | [iam system user](./terraform/aws-iam-system-user.md) | Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI) | false |
|
||||||
| | | [alb](./terraform/aws-alb.md) | Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources |
|
| | | [iam user](./terraform/aws-iam-user.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [autoscaling](./terraform/aws-autoscaling.md) | Terraform module which creates Auto Scaling resources on AWS |
|
| | | [key pair](./terraform/aws-key-pair.md) | Terraform module which creates EC2 key pair on AWS | false |
|
||||||
| | | [bridgecrew read only](./terraform/aws-bridgecrew-read-only.md) | Bridgecrew READ ONLY integration module |
|
| | | [kms key](./terraform/aws-kms-key.md) | Terraform module to provision a KMS key with alias | false |
|
||||||
| | | [cis alarms](./terraform/aws-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [lambda](./terraform/aws-lambda.md) | Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations | false |
|
||||||
| | | [cloudfront s3 cdn](./terraform/aws-cloudfront-s3-cdn.md) | Terraform module to easily provision CloudFront CDN backed by an S3 origin |
|
| | | [lambda do it all](./terraform/aws-lambda-do-it-all.md) | Terraform module to provision a lambda with full permissions | false |
|
||||||
| | | [cloudfront](./terraform/aws-cloudfront.md) | Terraform module which creates CloudFront resources on AWS |
|
| | | [lambda with inline code](./terraform/aws-lambda-with-inline-code.md) | Terraform module creating a Lambda function with inline code | false |
|
||||||
| | | [cloudwatch cis alarms](./terraform/aws-cloudwatch-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [log group](./terraform/aws-log-group.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [cloudwatch log group](./terraform/aws-cloudwatch-log-group.md) | |
|
| | | [log metric filter](./terraform/aws-log-metric-filter.md) | | false |
|
||||||
| | | [cloudwatch log metric filter](./terraform/aws-cloudwatch-log-metric-filter.md) | |
|
| | | [metric alarm](./terraform/aws-metric-alarm.md) | | false |
|
||||||
| | | [cloudwatch metric alarm](./terraform/aws-cloudwatch-metric-alarm.md) | |
|
| | | [metric alarms by multiple dimensions](./terraform/aws-metric-alarms-by-multiple-dimensions.md) | | false |
|
||||||
| | | [cloudwatch metric alarms by multiple dimensions](./terraform/aws-cloudwatch-metric-alarms-by-multiple-dimensions.md) | |
|
| | | [mq](./terraform/aws-mq.md) | AWS MQ | false |
|
||||||
| | | [cloudwatch metric alarms](./terraform/aws-cloudwatch-metric-alarms.md) | |
|
| | | [notify slack](./terraform/aws-notify-slack.md) | Terraform module which creates SNS topic and Lambda function which sends notifications to Slack | false |
|
||||||
| | | [config](./terraform/aws-config.md) | This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. |
|
| | | [rds](./terraform/aws-rds.md) | AWS RDS | false |
|
||||||
| | | [delegation sets](./terraform/aws-delegation-sets.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [rds aurora](./terraform/aws-rds-aurora.md) | Terraform module which creates RDS Aurora resources on AWS | false |
|
||||||
| | | [dynamodb table](./terraform/aws-dynamodb-table.md) | Terraform module which creates DynamoDB table on AWS |
|
| | | [records](./terraform/aws-records.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [ec2 instance](./terraform/aws-ec2-instance.md) | Terraform module which creates EC2 instance(s) on AWS |
|
| | | [route53 alias](./terraform/aws-route53-alias.md) | Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record | false |
|
||||||
| | | [ecs container definition](./terraform/aws-ecs-container-definition.md) | Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource |
|
| | | [route53 cluster hostname](./terraform/aws-route53-cluster-hostname.md) | Terraform module to define a consistent AWS Route53 hostname | false |
|
||||||
| | | [ecs](./terraform/aws-ecs.md) | Terraform module which creates AWS ECS resources |
|
| | | [route53 delegation sets](./terraform/aws-route53-delegation-sets.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [eks cluster autoscaler](./terraform/aws-eks-cluster-autoscaler.md) | AWS Eks-Cluster-Autoscaler |
|
| | | [route53 records](./terraform/aws-route53-records.md) | | false |
|
||||||
| | | [eks external dns](./terraform/aws-eks-external-dns.md) | AWS Eks-External-Dns |
|
| | | [route53 zones](./terraform/aws-route53-zones.md) | | false |
|
||||||
| | | [eks kube state metrics](./terraform/aws-eks-kube-state-metrics.md) | AWS Eks-Kube-State-Metrics |
|
| | | [s3](./terraform/aws-s3.md) | Terraform configuration for AWS S3 | false |
|
||||||
| | | [eks node problem detector](./terraform/aws-eks-node-problem-detector.md) | A terraform module to deploy a node problem detector on Amazon EKS cluster |
|
| | | [s3 log storage](./terraform/aws-s3-log-storage.md) | This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail | false |
|
||||||
| | | [eks](./terraform/aws-eks.md) | Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS |
|
| | | [secretsmanager for rollbar access tokens](./terraform/aws-secretsmanager-for-rollbar-access-tokens.md) | Terraform module creating a SecretsManager for Rollbar project access tokens | false |
|
||||||
| | | [elasticache redis](./terraform/aws-elasticache-redis.md) | Terraform module to provision an ElastiCache Redis Cluster |
|
| | | [security group](./terraform/aws-security-group.md) | Terraform module which creates EC2-VPC security groups on AWS | false |
|
||||||
| | | [elb](./terraform/aws-elb.md) | Terraform module which creates ELB resources on AWS |
|
| | | [security hub](./terraform/aws-security-hub.md) | Terraform module to provision AWS Security Hub | false |
|
||||||
| | | [emr](./terraform/aws-emr.md) | Terraform module which creates EMR on AWS |
|
| | | [sns topic](./terraform/aws-sns-topic.md) | Terraform Module to Provide an Amazon Simple Notification Service (SNS) | false |
|
||||||
| | | [guardduty](./terraform/aws-guardduty.md) | Terraform module to provision AWS Guard Duty |
|
| | | [sqs](./terraform/aws-sqs.md) | Terraform module which creates SQS resources on AWS | false |
|
||||||
| | | [iam account](./terraform/aws-iam-account.md) | Terraform module which creates IAM resources on AWS |
|
| | | [ssm parameter store](./terraform/aws-ssm-parameter-store.md) | Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber. | false |
|
||||||
| | | [iam assumable role with oidc](./terraform/aws-iam-assumable-role-with-oidc.md) | |
|
| | | [subnet](./terraform/aws-subnet.md) | AWS Subnet | false |
|
||||||
| | | [iam assumable role with saml](./terraform/aws-iam-assumable-role-with-saml.md) | |
|
| | | [utils](./terraform/aws-utils.md) | Utility functions for use with Terraform in the AWS environment | false |
|
||||||
| | | [iam assumable role](./terraform/aws-iam-assumable-role.md) | |
|
| | | [vpc](./terraform/aws-vpc.md) | AWS VPC | false |
|
||||||
| | | [iam assumable roles with saml](./terraform/aws-iam-assumable-roles-with-saml.md) | |
|
| | | [zones](./terraform/aws-zones.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [iam assumable roles](./terraform/aws-iam-assumable-roles.md) | |
|
| |Alibaba Cloud| [ack](./terraform/alibaba-ack.md) | Terraform configuration for Alibaba Cloud ACK cluster | true |
|
||||||
| | | [iam eks role](./terraform/aws-iam-eks-role.md) | |
|
| | | [amqp](./terraform/alibaba-amqp.md) | Terraform configuration for Alibaba Cloud AMQP(RabbitMQ) | false |
|
||||||
| | | [iam group with assumable roles policy](./terraform/aws-iam-group-with-assumable-roles-policy.md) | |
|
| | | [ask](./terraform/alibaba-ask.md) | Terraform configuration for Alibaba Cloud Serverless Kubernetes (ASK) | true |
|
||||||
| | | [iam group with policies](./terraform/aws-iam-group-with-policies.md) | |
|
| | | [deploy website](./terraform/alibaba-deploy-website.md) | Deploy a Static Website in object stroage, like S3 and OSS | false |
|
||||||
| | | [iam nofile](./terraform/aws-iam-nofile.md) | Terraform module Terraform module for creating AWS IAM Roles with heredocs |
|
| | | [dns](./terraform/alibaba-dns.md) | Terraform configuration for Alibaba Cloud DNS | false |
|
||||||
| | | [iam policy document aggregator](./terraform/aws-iam-policy-document-aggregator.md) | Terraform module to aggregate multiple IAM policy documents into single policy document. |
|
| | | [eip](./terraform/alibaba-eip.md) | Terraform configuration for Alibaba Cloud Elastic IP | true |
|
||||||
| | | [iam policy](./terraform/aws-iam-policy.md) | Terraform module which creates IAM resources on AWS |
|
| | | [eip slb ecs rds](./terraform/alibaba-eip-slb-ecs-rds.md) | Create a lightweight web service based on Terraform under AliCloud's VPC, including: EIP, SLB, ECS, RDS | false |
|
||||||
| | | [iam read only policy](./terraform/aws-iam-read-only-policy.md) | |
|
| | | [kms](./terraform/alibaba-kms.md) | Create KMS on AliCloud based on Terraform module | false |
|
||||||
| | | [iam role](./terraform/aws-iam-role.md) | A Terraform module that creates IAM role with provided JSON IAM polices documents. |
|
| | | [kubernetes networking](./terraform/alibaba-kubernetes-networking.md) | Create a set of network environment related resources for Kubernetes clusters on AliCloud based on Terraform module | false |
|
||||||
| | | [iam s3 user](./terraform/aws-iam-s3-user.md) | Terraform module to provision a basic IAM user with permissions to access S3 resources, e.g. to give the user read/write/delete access to the objects in an S3 bucket |
|
| | | [market tensorflow](./terraform/alibaba-market-tensorflow.md) | Based on Terraform module, create ECS instances on Ali cloud to achieve one-click deployment of cloud marketplace Tensorflow | false |
|
||||||
| | | [iam system user](./terraform/aws-iam-system-user.md) | Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI) |
|
| | | [mns queue](./terraform/alibaba-mns-queue.md) | Create a queue instance based on the Terraform module | false |
|
||||||
| | | [iam user](./terraform/aws-iam-user.md) | Terraform module which creates IAM resources on AWS |
|
| | | [mns topic](./terraform/alibaba-mns-topic.md) | Create a topic and a subscription based on Terraform module | false |
|
||||||
| | | [key pair](./terraform/aws-key-pair.md) | Terraform module which creates EC2 key pair on AWS |
|
| | | [mongodb](./terraform/alibaba-mongodb.md) | Alibaba Cloud MongoDB | false |
|
||||||
| | | [kms key](./terraform/aws-kms-key.md) | Terraform module to provision a KMS key with alias |
|
| | | [mongodb multi](./terraform/alibaba-mongodb-multi.md) | Terraform-based module for creating a MongoDB cloud database under AliCloud VPC | false |
|
||||||
| | | [lambda do it all](./terraform/aws-lambda-do-it-all.md) | Terraform module to provision a lambda with full permissions |
|
| | | [mse](./terraform/alibaba-mse.md) | Terraform configuration for Alibaba Cloud MSE | false |
|
||||||
| | | [lambda with inline code](./terraform/aws-lambda-with-inline-code.md) | Terraform module creating a Lambda function with inline code |
|
| | | [nas](./terraform/alibaba-nas.md) | Terraform configuration for Alicloud NAS | false |
|
||||||
| | | [lambda](./terraform/aws-lambda.md) | Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations |
|
| | | [network with nat](./terraform/alibaba-network-with-nat.md) | Build VPC and Nat gateway network environment and bind EIP, add SNAT and DNAT entries on AliCloud based on Terraform module | false |
|
||||||
| | | [log group](./terraform/aws-log-group.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [oss](./terraform/alibaba-oss.md) | Terraform configuration for Alibaba Cloud OSS | true |
|
||||||
| | | [log metric filter](./terraform/aws-log-metric-filter.md) | |
|
| | | [oss website](./terraform/alibaba-oss-website.md) | Alibaba Cloud OSS static webstie bucket | false |
|
||||||
| | | [metric alarm](./terraform/aws-metric-alarm.md) | |
|
| | | [private zone](./terraform/alibaba-private-zone.md) | Terraform-based modules are used to create a Private Zone on AliCloud, while you can add records to the Zone and associate it with a VPC | false |
|
||||||
| | | [metric alarms by multiple dimensions](./terraform/aws-metric-alarms-by-multiple-dimensions.md) | |
|
| | | [rabbitmq](./terraform/alibaba-rabbitmq.md) | Create a RabbitMQ based on Terraform module in Ali cloud | false |
|
||||||
| | | [mq](./terraform/aws-mq.md) | AWS MQ |
|
| | | [ram](./terraform/alibaba-ram.md) | Create RAM User instances on AliCloud based on Terraform module | false |
|
||||||
| | | [notify slack](./terraform/aws-notify-slack.md) | Terraform module which creates SNS topic and Lambda function which sends notifications to Slack |
|
| | | [ram fc](./terraform/alibaba-ram-fc.md) | Create a functional computing service based on Terraform under AliCloud's RAM role | false |
|
||||||
| | | [rds aurora](./terraform/aws-rds-aurora.md) | Terraform module which creates RDS Aurora resources on AWS |
|
| | | [rds](./terraform/alibaba-rds.md) | Terraform configuration for Alibaba Cloud RDS | true |
|
||||||
| | | [rds](./terraform/aws-rds.md) | AWS RDS |
|
| | | [rds preview](./terraform/alibaba-rds-preview.md) | Alibaba RDS in a preview mode | true |
|
||||||
| | | [records](./terraform/aws-records.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [redis](./terraform/alibaba-redis.md) | Terraform configuration for Alibaba Cloud Redis | true |
|
||||||
| | | [route53 alias](./terraform/aws-route53-alias.md) | Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record |
|
| | | [remote backend](./terraform/alibaba-remote-backend.md) | Deploy remote backend storage in Aliyun based on Terraform module | false |
|
||||||
| | | [route53 cluster hostname](./terraform/aws-route53-cluster-hostname.md) | Terraform module to define a consistent AWS Route53 hostname |
|
| | | [rocketmq](./terraform/alibaba-rocketmq.md) | Terraform configuration for Alibaba Cloud RocketMQ | false |
|
||||||
| | | [route53 delegation sets](./terraform/aws-route53-delegation-sets.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [sae application](./terraform/alibaba-sae-application.md) | Alibaba SAE application | false |
|
||||||
| | | [route53 records](./terraform/aws-route53-records.md) | |
|
| | | [sae auto config application](./terraform/alibaba-sae-auto-config-application.md) | Alibaba SAE application to be deployed in auto-config mode | false |
|
||||||
| | | [route53 zones](./terraform/aws-route53-zones.md) | |
|
| | | [sae namespace](./terraform/alibaba-sae-namespace.md) | Alibaba SAE namespace | false |
|
||||||
| | | [s3 log storage](./terraform/aws-s3-log-storage.md) | This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail |
|
| | | [security group](./terraform/alibaba-security-group.md) | Terraform configuration for Alicloud SecurityGroup | false |
|
||||||
| | | [s3](./terraform/aws-s3.md) | Terraform configuration for AWS S3 |
|
| | | [slb](./terraform/alibaba-slb.md) | Terraform configuration for Alicloud SLB | false |
|
||||||
| | | [secretsmanager for rollbar access tokens](./terraform/aws-secretsmanager-for-rollbar-access-tokens.md) | Terraform module creating a SecretsManager for Rollbar project access tokens |
|
| | | [slb acl](./terraform/alibaba-slb-acl.md) | Terraform-based module supports creating access control lists for load balancers | false |
|
||||||
| | | [security group](./terraform/aws-security-group.md) | Terraform module which creates EC2-VPC security groups on AWS |
|
| | | [slb listener](./terraform/alibaba-slb-listener.md) | Quickly create slb listeners resources on AliCloud based on Terraform module | false |
|
||||||
| | | [security hub](./terraform/aws-security-hub.md) | Terraform module to provision AWS Security Hub |
|
| | | [slb rule](./terraform/alibaba-slb-rule.md) | Terraform-based module creates an SLB instance under AliCloud's VPC and configures rules | false |
|
||||||
| | | [sns topic](./terraform/aws-sns-topic.md) | Terraform Module to Provide an Amazon Simple Notification Service (SNS) |
|
| | | [sls project](./terraform/alibaba-sls-project.md) | Terraform configuration for Alibaba Cloud SLS Project | true |
|
||||||
| | | [sqs](./terraform/aws-sqs.md) | Terraform module which creates SQS resources on AWS |
|
| | | [sls store](./terraform/alibaba-sls-store.md) | Terraform configuration for Alibaba Cloud SLS Store | true |
|
||||||
| | | [ssm parameter store](./terraform/aws-ssm-parameter-store.md) | Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber. |
|
| | | [vpc](./terraform/alibaba-vpc.md) | Terraform configuration for Alibaba Cloud VPC | true |
|
||||||
| | | [subnet](./terraform/aws-subnet.md) | AWS Subnet |
|
| | | [vpc ecs eip](./terraform/alibaba-vpc-ecs-eip.md) | Create a lightweight WEB service based on Terraform under AliCloud's VPC, including: VPC, ECS, EIP | false |
|
||||||
| | | [utils](./terraform/aws-utils.md) | Utility functions for use with Terraform in the AWS environment |
|
| | | [vpc privatelink connection](./terraform/alibaba-vpc-privatelink-connection.md) | Terraform-based for creating VPC networks in AliCloud and creating private network links | false |
|
||||||
| | | [vpc](./terraform/aws-vpc.md) | AWS VPC |
|
| | | [vpn gateway](./terraform/alibaba-vpn-gateway.md) | Create VPN resources on AliCloud based on Terraform module | false |
|
||||||
| | | [zones](./terraform/aws-zones.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [vswitch](./terraform/alibaba-vswitch.md) | Terraform configuration for Alibaba Cloud VSwitch | true |
|
||||||
| | Azure | [database mariadb](./terraform/azure-database-mariadb.md) | Terraform configuration for Azure Database Mariadb |
|
| |Azure| [database mariadb](./terraform/azure-database-mariadb.md) | Terraform configuration for Azure Database Mariadb | false |
|
||||||
| | | [resource group](./terraform/azure-resource-group.md) | Azure Resource Group |
|
| | | [resource group](./terraform/azure-resource-group.md) | Azure Resource Group | false |
|
||||||
| | | [storage account](./terraform/azure-storage-account.md) | Terraform configuration for Azure Blob Storage Account |
|
| | | [storage account](./terraform/azure-storage-account.md) | Terraform configuration for Azure Blob Storage Account | false |
|
||||||
| | | [subnet](./terraform/azure-subnet.md) | Azure Subnet |
|
| | | [subnet](./terraform/azure-subnet.md) | Azure Subnet | false |
|
||||||
| | | [virtual network](./terraform/azure-virtual-network.md) | Azure Virtual Network |
|
| | | [virtual network](./terraform/azure-virtual-network.md) | Azure Virtual Network | false |
|
||||||
| | Baidu Cloud | [vpc](./terraform/baidu-vpc.md) | Baidu Cloud VPC |
|
| |Baidu Cloud| [vpc](./terraform/baidu-vpc.md) | Baidu Cloud VPC | false |
|
||||||
| | Google Cloud Platform | [appengine](./terraform/gcp-appengine.md) | Get your container running, simply. |
|
| |Google Cloud Platform| [appengine](./terraform/gcp-appengine.md) | Get your container running, simply. | false |
|
||||||
| | | [audit log](./terraform/gcp-audit-log.md) | Terraform module for configuring an integration with Google Cloud Platform Organziations and Projects for Audit Logs analysis |
|
| | | [audit log](./terraform/gcp-audit-log.md) | Terraform module for configuring an integration with Google Cloud Platform Organziations and Projects for Audit Logs analysis | false |
|
||||||
| | | [backend service](./terraform/gcp-backend-service.md) | Create an ILB to be used for DC/OS for GCP |
|
| | | [backend service](./terraform/gcp-backend-service.md) | Create an ILB to be used for DC/OS for GCP | false |
|
||||||
| | | [basic vpc module](./terraform/gcp-basic-vpc-module.md) | GCP Basic_vpc_module |
|
| | | [basic vpc module](./terraform/gcp-basic-vpc-module.md) | GCP Basic_vpc_module | false |
|
||||||
| | | [bastion](./terraform/gcp-bastion.md) | Bastion for GCP |
|
| | | [bastion](./terraform/gcp-bastion.md) | Bastion for GCP | false |
|
||||||
| | | [bootstrap](./terraform/gcp-bootstrap.md) | Create a DC/OS Bootstrap instance and have conditional DC/OS prereqs for gcp |
|
| | | [bootstrap](./terraform/gcp-bootstrap.md) | Create a DC/OS Bootstrap instance and have conditional DC/OS prereqs for gcp | false |
|
||||||
| | | [cloudfunction](./terraform/gcp-cloudfunction.md) | For your cloud functions to GCP |
|
| | | [cloudfunction](./terraform/gcp-cloudfunction.md) | For your cloud functions to GCP | false |
|
||||||
| | | [cloudsql](./terraform/gcp-cloudsql.md) | A module to create a private database setup |
|
| | | [cloudsql](./terraform/gcp-cloudsql.md) | A module to create a private database setup | false |
|
||||||
| | | [cluster](./terraform/gcp-cluster.md) | Set up a GKE cluster connected as part of shared VPC |
|
| | | [cluster](./terraform/gcp-cluster.md) | Set up a GKE cluster connected as part of shared VPC | false |
|
||||||
| | | [compute firewall](./terraform/gcp-compute-firewall.md) | Create an ELB to be used for DC/OS for GCP |
|
| | | [compute firewall](./terraform/gcp-compute-firewall.md) | Create an ELB to be used for DC/OS for GCP | false |
|
||||||
| | | [compute forwarding rule dcos](./terraform/gcp-compute-forwarding-rule-dcos.md) | This module creates forwarding rules for DC/OS. |
|
| | | [compute forwarding rule](./terraform/gcp-compute-forwarding-rule.md) | GCP Compute-Forwarding-Rule | false |
|
||||||
| | | [compute forwarding rule masters](./terraform/gcp-compute-forwarding-rule-masters.md) | Creates an GCP forwarding rule for DC/OS masters |
|
| | | [compute forwarding rule dcos](./terraform/gcp-compute-forwarding-rule-dcos.md) | This module creates forwarding rules for DC/OS. | false |
|
||||||
| | | [compute forwarding rule public agents](./terraform/gcp-compute-forwarding-rule-public-agents.md) | This module creates an GCP forwarding rule for DC/OS public agents |
|
| | | [compute forwarding rule masters](./terraform/gcp-compute-forwarding-rule-masters.md) | Creates an GCP forwarding rule for DC/OS masters | false |
|
||||||
| | | [compute forwarding rule](./terraform/gcp-compute-forwarding-rule.md) | GCP Compute-Forwarding-Rule |
|
| | | [compute forwarding rule public agents](./terraform/gcp-compute-forwarding-rule-public-agents.md) | This module creates an GCP forwarding rule for DC/OS public agents | false |
|
||||||
| | | [config](./terraform/gcp-config.md) | Terraform module for integrating Google Cloud Platform Organziations and Projects with Lacework for cloud resource configuration assessment |
|
| | | [config](./terraform/gcp-config.md) | Terraform module for integrating Google Cloud Platform Organziations and Projects with Lacework for cloud resource configuration assessment | false |
|
||||||
| | | [custom role](./terraform/gcp-custom-role.md) | Base IAM role module to create GCP IAM Role from other roles and adhoc permissions |
|
| | | [custom role](./terraform/gcp-custom-role.md) | Base IAM role module to create GCP IAM Role from other roles and adhoc permissions | false |
|
||||||
| | | [dcos](./terraform/gcp-dcos.md) | Creates a DC/OS Cluster on GCP | Convenience Wrapper for GCP |
|
| | | [dcos](./terraform/gcp-dcos.md) | Creates a DC/OS Cluster on GCP Convenience Wrapper for GCP | false |
|
||||||
| | | [dns module](./terraform/gcp-dns-module.md) | GCP Dns-Module |
|
| | | [dns module](./terraform/gcp-dns-module.md) | GCP Dns-Module | false |
|
||||||
| | | [elasticsearch](./terraform/gcp-elasticsearch.md) | Terraform module for deploying Elasticsearch cluster on GCP |
|
| | | [elasticsearch](./terraform/gcp-elasticsearch.md) | Terraform module for deploying Elasticsearch cluster on GCP | false |
|
||||||
| | | [environment setup](./terraform/gcp-environment-setup.md) | IAC for provisioning Infrastructure component like network, subnetworks, route |
|
| | | [environment setup](./terraform/gcp-environment-setup.md) | IAC for provisioning Infrastructure component like network, subnetworks, route | false |
|
||||||
| | | [firewall rules](./terraform/gcp-firewall-rules.md) | Terraform module for creating Firewall rules on Google Cloud |
|
| | | [firewall rules](./terraform/gcp-firewall-rules.md) | Terraform module for creating Firewall rules on Google Cloud | false |
|
||||||
| | | [gci](./terraform/gcp-gci.md) | Manages GCP compute engine instance |
|
| | | [gci](./terraform/gcp-gci.md) | Manages GCP compute engine instance | false |
|
||||||
| | | [gcs](./terraform/gcp-gcs.md) | GCP Gcs |
|
| | | [gcs](./terraform/gcp-gcs.md) | GCP Gcs | false |
|
||||||
| | | [gke ecommerce](./terraform/gcp-gke-ecommerce.md) | Google Kubernetes Engine starter kit to bootstrap an e-commerce site based on microservices |
|
| | | [gke ecommerce](./terraform/gcp-gke-ecommerce.md) | Google Kubernetes Engine starter kit to bootstrap an e-commerce site based on microservices | false |
|
||||||
| | | [gke regional](./terraform/gcp-gke-regional.md) | Using Terraform to create a regional GKE cluster (Hosted Kubernetes offering of GCP) |
|
| | | [gke regional](./terraform/gcp-gke-regional.md) | Using Terraform to create a regional GKE cluster (Hosted Kubernetes offering of GCP) | false |
|
||||||
| | | [googlecomputeinstance](./terraform/gcp-googlecomputeinstance.md) | First step using GCP and Terraform |
|
| | | [googlecomputeinstance](./terraform/gcp-googlecomputeinstance.md) | First step using GCP and Terraform | false |
|
||||||
| | | [hashicorp suite](./terraform/gcp-hashicorp-suite.md) | Terraform module to run Nomad on Google Cloud |
|
| | | [hashicorp suite](./terraform/gcp-hashicorp-suite.md) | Terraform module to run Nomad on Google Cloud | false |
|
||||||
| | | [helmrepo](./terraform/gcp-helmrepo.md) | A helm repository |
|
| | | [helmrepo](./terraform/gcp-helmrepo.md) | A helm repository | false |
|
||||||
| | | [infrastructure](./terraform/gcp-infrastructure.md) | Create DC/OS related GCP Infrastructure |
|
| | | [infrastructure](./terraform/gcp-infrastructure.md) | Create DC/OS related GCP Infrastructure | false |
|
||||||
| | | [instance module](./terraform/gcp-instance-module.md) | Lazy GCP instance via Terraform |
|
| | | [instance](./terraform/gcp-instance.md) | GCP Instance | false |
|
||||||
| | | [instance](./terraform/gcp-instance.md) | GCP Instance |
|
| | | [instance module](./terraform/gcp-instance-module.md) | Lazy GCP instance via Terraform | false |
|
||||||
| | | [kthw](./terraform/gcp-kthw.md) | Kubernetes Cluster On GCP with Terraform |
|
| | | [kthw](./terraform/gcp-kthw.md) | Kubernetes Cluster On GCP with Terraform | false |
|
||||||
| | | [masters](./terraform/gcp-masters.md) | Create DC/OS Master instance and have conditional DC/OS Prereqs for GCP |
|
| | | [masters](./terraform/gcp-masters.md) | Create DC/OS Master instance and have conditional DC/OS Prereqs for GCP | false |
|
||||||
| | | [memorystore redis](./terraform/gcp-memorystore-redis.md) | Terraform gcp memorystore redis example |
|
| | | [memorystore redis](./terraform/gcp-memorystore-redis.md) | Terraform gcp memorystore redis example | false |
|
||||||
| | | [mq](./terraform/gcp-mq.md) | GCP MQ |
|
| | | [mq](./terraform/gcp-mq.md) | GCP MQ | false |
|
||||||
| | | [network peering](./terraform/gcp-network-peering.md) | GCP Network-Peering |
|
| | | [network](./terraform/gcp-network.md) | Terraform configuration for GCP network | false |
|
||||||
| | | [network](./terraform/gcp-network.md) | Terraform configuration for GCP network |
|
| | | [network peering](./terraform/gcp-network-peering.md) | GCP Network-Peering | false |
|
||||||
| | | [openwisp](./terraform/gcp-openwisp.md) | Terraform files for deploying docker-openwisp infrastructure in Google Cloud. |
|
| | | [openwisp](./terraform/gcp-openwisp.md) | Terraform files for deploying docker-openwisp infrastructure in Google Cloud. | false |
|
||||||
| | | [private agents](./terraform/gcp-private-agents.md) | Create DC/OS Private Agents instance and have conditional DC/OS Prereqs for gcp |
|
| | | [private agents](./terraform/gcp-private-agents.md) | Create DC/OS Private Agents instance and have conditional DC/OS Prereqs for gcp | false |
|
||||||
| | | [public agents](./terraform/gcp-public-agents.md) | Create DC/OS Public Agents instance and have conditional DC/OS prereqs for gcp |
|
| | | [public agents](./terraform/gcp-public-agents.md) | Create DC/OS Public Agents instance and have conditional DC/OS prereqs for gcp | false |
|
||||||
| | | [service account](./terraform/gcp-service-account.md) | Terraform module that creates a service account to provide Lacework read-only access to Google Cloud Platform Organizations and Projects |
|
| | | [service](./terraform/gcp-service.md) | Creates a GCP service user | false |
|
||||||
| | | [service](./terraform/gcp-service.md) | Creates a GCP service user |
|
| | | [service account](./terraform/gcp-service-account.md) | Terraform module that creates a service account to provide Lacework read-only access to Google Cloud Platform Organizations and Projects | false |
|
||||||
| | | [sfabric](./terraform/gcp-sfabric.md) | Terraform module for launching a Service Fabric Dev Environment on GCP |
|
| | | [sfabric](./terraform/gcp-sfabric.md) | Terraform module for launching a Service Fabric Dev Environment on GCP | false |
|
||||||
| | | [statebucket](./terraform/gcp-statebucket.md) | Contains a module to create a statebucket for use with Terraform |
|
| | | [statebucket](./terraform/gcp-statebucket.md) | Contains a module to create a statebucket for use with Terraform | false |
|
||||||
| | | [staticip](./terraform/gcp-staticip.md) | A simple Terraform module to build an instance a static public IP |
|
| | | [staticip](./terraform/gcp-staticip.md) | A simple Terraform module to build an instance a static public IP | false |
|
||||||
| | | [storage](./terraform/gcp-storage.md) | A basic terraform module example, which the example uses for a helm repo |
|
| | | [storage](./terraform/gcp-storage.md) | A basic terraform module example, which the example uses for a helm repo | false |
|
||||||
| | | [subnet](./terraform/gcp-subnet.md) | Terraform module for creating Subnets on Google Cloud |
|
| | | [subnet](./terraform/gcp-subnet.md) | Terraform module for creating Subnets on Google Cloud | false |
|
||||||
| | | [tested oses](./terraform/gcp-tested-oses.md) | GCP Tested-Oses |
|
| | | [tested oses](./terraform/gcp-tested-oses.md) | GCP Tested-Oses | false |
|
||||||
| | | [vpc](./terraform/gcp-vpc.md) | Terraform module for creating VPCs on Google Cloud |
|
| | | [vpc](./terraform/gcp-vpc.md) | Terraform module for creating VPCs on Google Cloud | false |
|
||||||
| | Tencent Cloud | [subnet](./terraform/tencent-subnet.md) | Tencent Cloud Subnet |
|
| |Tencent Cloud| [subnet](./terraform/tencent-subnet.md) | Tencent Cloud Subnet | false |
|
||||||
| | | [vpc](./terraform/tencent-vpc.md) | Terraform configuration for Tencent Cloud VPC |
|
| | | [vpc](./terraform/tencent-vpc.md) | Terraform configuration for Tencent Cloud VPC | false |
|
||||||
|
|
|
||||||
|
|
@ -2,181 +2,181 @@
|
||||||
title: 云资源列表
|
title: 云资源列表
|
||||||
---
|
---
|
||||||
|
|
||||||
| 编排类型 | 云服务商 | 云资源 | 描述 |
|
| 编排类型 | 云服务商 | 云资源 | 描述 | 已验证 |
|
||||||
|-----------|-----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|--------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|
|
||||||
| Terraform | 阿里云 | [ack](./terraform/alibaba-ack.md) | Terraform configuration for Alibaba Cloud ACK cluster |
|
|Terraform|AWS| [acm](./terraform/aws-acm.md) | Terraform module which creates and validates ACM certificate | false |
|
||||||
| | | [amqp](./terraform/alibaba-amqp.md) | Terraform configuration for Alibaba Cloud AMQP(RabbitMQ) |
|
| | | [alb](./terraform/aws-alb.md) | Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources | false |
|
||||||
| | | [ask](./terraform/alibaba-ask.md) | Terraform configuration for Alibaba Cloud Serverless Kubernetes (ASK) |
|
| | | [autoscaling](./terraform/aws-autoscaling.md) | Terraform module which creates Auto Scaling resources on AWS | false |
|
||||||
| | | [deploy website](./terraform/alibaba-deploy-website.md) | Deploy a Static Website in object stroage, like S3 and OSS |
|
| | | [bridgecrew read only](./terraform/aws-bridgecrew-read-only.md) | Bridgecrew READ ONLY integration module | false |
|
||||||
| | | [dns](./terraform/alibaba-dns.md) | Terraform configuration for Alibaba Cloud DNS |
|
| | | [cis alarms](./terraform/aws-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [eip slb ecs rds](./terraform/alibaba-eip-slb-ecs-rds.md) | Create a lightweight web service based on Terraform under AliCloud's VPC, including: EIP, SLB, ECS, RDS |
|
| | | [cloudfront](./terraform/aws-cloudfront.md) | Terraform module which creates CloudFront resources on AWS | false |
|
||||||
| | | [eip](./terraform/alibaba-eip.md) | Terraform configuration for Alibaba Cloud Elastic IP |
|
| | | [cloudfront s3 cdn](./terraform/aws-cloudfront-s3-cdn.md) | Terraform module to easily provision CloudFront CDN backed by an S3 origin | false |
|
||||||
| | | [kms](./terraform/alibaba-kms.md) | Create KMS on AliCloud based on Terraform module |
|
| | | [cloudwatch cis alarms](./terraform/aws-cloudwatch-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [kubernetes networking](./terraform/alibaba-kubernetes-networking.md) | Create a set of network environment related resources for Kubernetes clusters on AliCloud based on Terraform module |
|
| | | [cloudwatch log group](./terraform/aws-cloudwatch-log-group.md) | | false |
|
||||||
| | | [market tensorflow](./terraform/alibaba-market-tensorflow.md) | Based on Terraform module, create ECS instances on Ali cloud to achieve one-click deployment of cloud marketplace Tensorflow |
|
| | | [cloudwatch log metric filter](./terraform/aws-cloudwatch-log-metric-filter.md) | | false |
|
||||||
| | | [mns queue](./terraform/alibaba-mns-queue.md) | Create a queue instance based on the Terraform module |
|
| | | [cloudwatch metric alarm](./terraform/aws-cloudwatch-metric-alarm.md) | | false |
|
||||||
| | | [mns topic](./terraform/alibaba-mns-topic.md) | Create a topic and a subscription based on Terraform module |
|
| | | [cloudwatch metric alarms](./terraform/aws-cloudwatch-metric-alarms.md) | | false |
|
||||||
| | | [mongodb multi](./terraform/alibaba-mongodb-multi.md) | Terraform-based module for creating a MongoDB cloud database under AliCloud VPC |
|
| | | [cloudwatch metric alarms by multiple dimensions](./terraform/aws-cloudwatch-metric-alarms-by-multiple-dimensions.md) | | false |
|
||||||
| | | [mongodb](./terraform/alibaba-mongodb.md) | Alibaba Cloud MongoDB |
|
| | | [config](./terraform/aws-config.md) | This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. | false |
|
||||||
| | | [mse](./terraform/alibaba-mse.md) | Terraform configuration for Alibaba Cloud MSE |
|
| | | [delegation sets](./terraform/aws-delegation-sets.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [nas](./terraform/alibaba-nas.md) | Terraform configuration for Alicloud NAS |
|
| | | [dynamodb table](./terraform/aws-dynamodb-table.md) | Terraform module which creates DynamoDB table on AWS | false |
|
||||||
| | | [network with nat](./terraform/alibaba-network-with-nat.md) | Build VPC and Nat gateway network environment and bind EIP, add SNAT and DNAT entries on AliCloud based on Terraform module |
|
| | | [ec2 instance](./terraform/aws-ec2-instance.md) | Terraform module which creates EC2 instance(s) on AWS | false |
|
||||||
| | | [oss website](./terraform/alibaba-oss-website.md) | Alibaba Cloud OSS static webstie bucket |
|
| | | [ecs](./terraform/aws-ecs.md) | Terraform module which creates AWS ECS resources | false |
|
||||||
| | | [oss](./terraform/alibaba-oss.md) | Terraform configuration for Alibaba Cloud OSS |
|
| | | [ecs container definition](./terraform/aws-ecs-container-definition.md) | Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource | false |
|
||||||
| | | [private zone](./terraform/alibaba-private-zone.md) | Terraform-based modules are used to create a Private Zone on AliCloud, while you can add records to the Zone and associate it with a VPC |
|
| | | [eks](./terraform/aws-eks.md) | Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS | false |
|
||||||
| | | [rabbitmq](./terraform/alibaba-rabbitmq.md) | Create a RabbitMQ based on Terraform module in Ali cloud |
|
| | | [eks cluster autoscaler](./terraform/aws-eks-cluster-autoscaler.md) | AWS Eks-Cluster-Autoscaler | false |
|
||||||
| | | [ram fc](./terraform/alibaba-ram-fc.md) | Create a functional computing service based on Terraform under AliCloud's RAM role |
|
| | | [eks external dns](./terraform/aws-eks-external-dns.md) | AWS Eks-External-Dns | false |
|
||||||
| | | [ram](./terraform/alibaba-ram.md) | Create RAM User instances on AliCloud based on Terraform module |
|
| | | [eks kube state metrics](./terraform/aws-eks-kube-state-metrics.md) | AWS Eks-Kube-State-Metrics | false |
|
||||||
| | | [rds preview](./terraform/alibaba-rds-preview.md) | Alibaba RDS in a preview mode |
|
| | | [eks node problem detector](./terraform/aws-eks-node-problem-detector.md) | A terraform module to deploy a node problem detector on Amazon EKS cluster | false |
|
||||||
| | | [rds](./terraform/alibaba-rds.md) | Terraform configuration for Alibaba Cloud RDS |
|
| | | [elasticache redis](./terraform/aws-elasticache-redis.md) | Terraform module to provision an ElastiCache Redis Cluster | false |
|
||||||
| | | [redis](./terraform/alibaba-redis.md) | Terraform configuration for Alibaba Cloud Redis |
|
| | | [elb](./terraform/aws-elb.md) | Terraform module which creates ELB resources on AWS | false |
|
||||||
| | | [remote backend](./terraform/alibaba-remote-backend.md) | Deploy remote backend storage in Aliyun based on Terraform module |
|
| | | [emr](./terraform/aws-emr.md) | Terraform module which creates EMR on AWS | false |
|
||||||
| | | [rocketmq](./terraform/alibaba-rocketmq.md) | Terraform configuration for Alibaba Cloud RocketMQ |
|
| | | [guardduty](./terraform/aws-guardduty.md) | Terraform module to provision AWS Guard Duty | false |
|
||||||
| | | [sae application](./terraform/alibaba-sae-application.md) | Alibaba SAE application |
|
| | | [iam account](./terraform/aws-iam-account.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [sae auto config application](./terraform/alibaba-sae-auto-config-application.md) | Alibaba SAE application to be deployed in auto-config mode |
|
| | | [iam assumable role](./terraform/aws-iam-assumable-role.md) | | false |
|
||||||
| | | [sae namespace](./terraform/alibaba-sae-namespace.md) | Alibaba SAE namespace |
|
| | | [iam assumable role with oidc](./terraform/aws-iam-assumable-role-with-oidc.md) | | false |
|
||||||
| | | [security group](./terraform/alibaba-security-group.md) | Terraform configuration for Alicloud SecurityGroup |
|
| | | [iam assumable role with saml](./terraform/aws-iam-assumable-role-with-saml.md) | | false |
|
||||||
| | | [slb acl](./terraform/alibaba-slb-acl.md) | Terraform-based module supports creating access control lists for load balancers |
|
| | | [iam assumable roles](./terraform/aws-iam-assumable-roles.md) | | false |
|
||||||
| | | [slb listener](./terraform/alibaba-slb-listener.md) | Quickly create slb listeners resources on AliCloud based on Terraform module |
|
| | | [iam assumable roles with saml](./terraform/aws-iam-assumable-roles-with-saml.md) | | false |
|
||||||
| | | [slb rule](./terraform/alibaba-slb-rule.md) | Terraform-based module creates an SLB instance under AliCloud's VPC and configures rules |
|
| | | [iam eks role](./terraform/aws-iam-eks-role.md) | | false |
|
||||||
| | | [slb](./terraform/alibaba-slb.md) | Terraform configuration for Alicloud SLB |
|
| | | [iam group with assumable roles policy](./terraform/aws-iam-group-with-assumable-roles-policy.md) | | false |
|
||||||
| | | [sls project](./terraform/alibaba-sls-project.md) | Terraform configuration for Alibaba Cloud SLS Project |
|
| | | [iam group with policies](./terraform/aws-iam-group-with-policies.md) | | false |
|
||||||
| | | [sls store](./terraform/alibaba-sls-store.md) | Terraform configuration for Alibaba Cloud SLS Store |
|
| | | [iam nofile](./terraform/aws-iam-nofile.md) | Terraform module Terraform module for creating AWS IAM Roles with heredocs | false |
|
||||||
| | | [vpc ecs eip](./terraform/alibaba-vpc-ecs-eip.md) | Create a lightweight WEB service based on Terraform under AliCloud's VPC, including: VPC, ECS, EIP |
|
| | | [iam policy](./terraform/aws-iam-policy.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [vpc privatelink connection](./terraform/alibaba-vpc-privatelink-connection.md) | Terraform-based for creating VPC networks in AliCloud and creating private network links |
|
| | | [iam policy document aggregator](./terraform/aws-iam-policy-document-aggregator.md) | Terraform module to aggregate multiple IAM policy documents into single policy document. | false |
|
||||||
| | | [vpc](./terraform/alibaba-vpc.md) | Terraform configuration for Alibaba Cloud VPC |
|
| | | [iam read only policy](./terraform/aws-iam-read-only-policy.md) | | false |
|
||||||
| | | [vpn gateway](./terraform/alibaba-vpn-gateway.md) | Create VPN resources on AliCloud based on Terraform module |
|
| | | [iam role](./terraform/aws-iam-role.md) | A Terraform module that creates IAM role with provided JSON IAM polices documents. | false |
|
||||||
| | | [vswitch](./terraform/alibaba-vswitch.md) | Terraform configuration for Alibaba Cloud VSwitch |
|
| | | [iam s3 user](./terraform/aws-iam-s3-user.md) | Terraform module to provision a basic IAM user with permissions to access S3 resources, e.g. to give the user read/write/delete access to the objects in an S3 bucket | false |
|
||||||
| | AWS | [acm](./terraform/aws-acm.md) | Terraform module which creates and validates ACM certificate |
|
| | | [iam system user](./terraform/aws-iam-system-user.md) | Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI) | false |
|
||||||
| | | [alb](./terraform/aws-alb.md) | Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources |
|
| | | [iam user](./terraform/aws-iam-user.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [autoscaling](./terraform/aws-autoscaling.md) | Terraform module which creates Auto Scaling resources on AWS |
|
| | | [key pair](./terraform/aws-key-pair.md) | Terraform module which creates EC2 key pair on AWS | false |
|
||||||
| | | [bridgecrew read only](./terraform/aws-bridgecrew-read-only.md) | Bridgecrew READ ONLY integration module |
|
| | | [kms key](./terraform/aws-kms-key.md) | Terraform module to provision a KMS key with alias | false |
|
||||||
| | | [cis alarms](./terraform/aws-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [lambda](./terraform/aws-lambda.md) | Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations | false |
|
||||||
| | | [cloudfront s3 cdn](./terraform/aws-cloudfront-s3-cdn.md) | Terraform module to easily provision CloudFront CDN backed by an S3 origin |
|
| | | [lambda do it all](./terraform/aws-lambda-do-it-all.md) | Terraform module to provision a lambda with full permissions | false |
|
||||||
| | | [cloudfront](./terraform/aws-cloudfront.md) | Terraform module which creates CloudFront resources on AWS |
|
| | | [lambda with inline code](./terraform/aws-lambda-with-inline-code.md) | Terraform module creating a Lambda function with inline code | false |
|
||||||
| | | [cloudwatch cis alarms](./terraform/aws-cloudwatch-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [log group](./terraform/aws-log-group.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [cloudwatch log group](./terraform/aws-cloudwatch-log-group.md) | |
|
| | | [log metric filter](./terraform/aws-log-metric-filter.md) | | false |
|
||||||
| | | [cloudwatch log metric filter](./terraform/aws-cloudwatch-log-metric-filter.md) | |
|
| | | [metric alarm](./terraform/aws-metric-alarm.md) | | false |
|
||||||
| | | [cloudwatch metric alarm](./terraform/aws-cloudwatch-metric-alarm.md) | |
|
| | | [metric alarms by multiple dimensions](./terraform/aws-metric-alarms-by-multiple-dimensions.md) | | false |
|
||||||
| | | [cloudwatch metric alarms by multiple dimensions](./terraform/aws-cloudwatch-metric-alarms-by-multiple-dimensions.md) | |
|
| | | [mq](./terraform/aws-mq.md) | AWS MQ | false |
|
||||||
| | | [cloudwatch metric alarms](./terraform/aws-cloudwatch-metric-alarms.md) | |
|
| | | [notify slack](./terraform/aws-notify-slack.md) | Terraform module which creates SNS topic and Lambda function which sends notifications to Slack | false |
|
||||||
| | | [config](./terraform/aws-config.md) | This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. |
|
| | | [rds](./terraform/aws-rds.md) | AWS RDS | false |
|
||||||
| | | [delegation sets](./terraform/aws-delegation-sets.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [rds aurora](./terraform/aws-rds-aurora.md) | Terraform module which creates RDS Aurora resources on AWS | false |
|
||||||
| | | [dynamodb table](./terraform/aws-dynamodb-table.md) | Terraform module which creates DynamoDB table on AWS |
|
| | | [records](./terraform/aws-records.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [ec2 instance](./terraform/aws-ec2-instance.md) | Terraform module which creates EC2 instance(s) on AWS |
|
| | | [route53 alias](./terraform/aws-route53-alias.md) | Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record | false |
|
||||||
| | | [ecs container definition](./terraform/aws-ecs-container-definition.md) | Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource |
|
| | | [route53 cluster hostname](./terraform/aws-route53-cluster-hostname.md) | Terraform module to define a consistent AWS Route53 hostname | false |
|
||||||
| | | [ecs](./terraform/aws-ecs.md) | Terraform module which creates AWS ECS resources |
|
| | | [route53 delegation sets](./terraform/aws-route53-delegation-sets.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [eks cluster autoscaler](./terraform/aws-eks-cluster-autoscaler.md) | AWS Eks-Cluster-Autoscaler |
|
| | | [route53 records](./terraform/aws-route53-records.md) | | false |
|
||||||
| | | [eks external dns](./terraform/aws-eks-external-dns.md) | AWS Eks-External-Dns |
|
| | | [route53 zones](./terraform/aws-route53-zones.md) | | false |
|
||||||
| | | [eks kube state metrics](./terraform/aws-eks-kube-state-metrics.md) | AWS Eks-Kube-State-Metrics |
|
| | | [s3](./terraform/aws-s3.md) | Terraform configuration for AWS S3 | false |
|
||||||
| | | [eks node problem detector](./terraform/aws-eks-node-problem-detector.md) | A terraform module to deploy a node problem detector on Amazon EKS cluster |
|
| | | [s3 log storage](./terraform/aws-s3-log-storage.md) | This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail | false |
|
||||||
| | | [eks](./terraform/aws-eks.md) | Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS |
|
| | | [secretsmanager for rollbar access tokens](./terraform/aws-secretsmanager-for-rollbar-access-tokens.md) | Terraform module creating a SecretsManager for Rollbar project access tokens | false |
|
||||||
| | | [elasticache redis](./terraform/aws-elasticache-redis.md) | Terraform module to provision an ElastiCache Redis Cluster |
|
| | | [security group](./terraform/aws-security-group.md) | Terraform module which creates EC2-VPC security groups on AWS | false |
|
||||||
| | | [elb](./terraform/aws-elb.md) | Terraform module which creates ELB resources on AWS |
|
| | | [security hub](./terraform/aws-security-hub.md) | Terraform module to provision AWS Security Hub | false |
|
||||||
| | | [emr](./terraform/aws-emr.md) | Terraform module which creates EMR on AWS |
|
| | | [sns topic](./terraform/aws-sns-topic.md) | Terraform Module to Provide an Amazon Simple Notification Service (SNS) | false |
|
||||||
| | | [guardduty](./terraform/aws-guardduty.md) | Terraform module to provision AWS Guard Duty |
|
| | | [sqs](./terraform/aws-sqs.md) | Terraform module which creates SQS resources on AWS | false |
|
||||||
| | | [iam account](./terraform/aws-iam-account.md) | Terraform module which creates IAM resources on AWS |
|
| | | [ssm parameter store](./terraform/aws-ssm-parameter-store.md) | Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber. | false |
|
||||||
| | | [iam assumable role with oidc](./terraform/aws-iam-assumable-role-with-oidc.md) | |
|
| | | [subnet](./terraform/aws-subnet.md) | AWS Subnet | false |
|
||||||
| | | [iam assumable role with saml](./terraform/aws-iam-assumable-role-with-saml.md) | |
|
| | | [utils](./terraform/aws-utils.md) | Utility functions for use with Terraform in the AWS environment | false |
|
||||||
| | | [iam assumable role](./terraform/aws-iam-assumable-role.md) | |
|
| | | [vpc](./terraform/aws-vpc.md) | AWS VPC | false |
|
||||||
| | | [iam assumable roles with saml](./terraform/aws-iam-assumable-roles-with-saml.md) | |
|
| | | [zones](./terraform/aws-zones.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [iam assumable roles](./terraform/aws-iam-assumable-roles.md) | |
|
| |Azure| [database mariadb](./terraform/azure-database-mariadb.md) | Terraform configuration for Azure Database Mariadb | false |
|
||||||
| | | [iam eks role](./terraform/aws-iam-eks-role.md) | |
|
| | | [resource group](./terraform/azure-resource-group.md) | Azure Resource Group | false |
|
||||||
| | | [iam group with assumable roles policy](./terraform/aws-iam-group-with-assumable-roles-policy.md) | |
|
| | | [storage account](./terraform/azure-storage-account.md) | Terraform configuration for Azure Blob Storage Account | false |
|
||||||
| | | [iam group with policies](./terraform/aws-iam-group-with-policies.md) | |
|
| | | [subnet](./terraform/azure-subnet.md) | Azure Subnet | false |
|
||||||
| | | [iam nofile](./terraform/aws-iam-nofile.md) | Terraform module Terraform module for creating AWS IAM Roles with heredocs |
|
| | | [virtual network](./terraform/azure-virtual-network.md) | Azure Virtual Network | false |
|
||||||
| | | [iam policy document aggregator](./terraform/aws-iam-policy-document-aggregator.md) | Terraform module to aggregate multiple IAM policy documents into single policy document. |
|
| |Google Cloud Platform| [appengine](./terraform/gcp-appengine.md) | Get your container running, simply. | false |
|
||||||
| | | [iam policy](./terraform/aws-iam-policy.md) | Terraform module which creates IAM resources on AWS |
|
| | | [audit log](./terraform/gcp-audit-log.md) | Terraform module for configuring an integration with Google Cloud Platform Organziations and Projects for Audit Logs analysis | false |
|
||||||
| | | [iam read only policy](./terraform/aws-iam-read-only-policy.md) | |
|
| | | [backend service](./terraform/gcp-backend-service.md) | Create an ILB to be used for DC/OS for GCP | false |
|
||||||
| | | [iam role](./terraform/aws-iam-role.md) | A Terraform module that creates IAM role with provided JSON IAM polices documents. |
|
| | | [basic vpc module](./terraform/gcp-basic-vpc-module.md) | GCP Basic_vpc_module | false |
|
||||||
| | | [iam s3 user](./terraform/aws-iam-s3-user.md) | Terraform module to provision a basic IAM user with permissions to access S3 resources, e.g. to give the user read/write/delete access to the objects in an S3 bucket |
|
| | | [bastion](./terraform/gcp-bastion.md) | Bastion for GCP | false |
|
||||||
| | | [iam system user](./terraform/aws-iam-system-user.md) | Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI) |
|
| | | [bootstrap](./terraform/gcp-bootstrap.md) | Create a DC/OS Bootstrap instance and have conditional DC/OS prereqs for gcp | false |
|
||||||
| | | [iam user](./terraform/aws-iam-user.md) | Terraform module which creates IAM resources on AWS |
|
| | | [cloudfunction](./terraform/gcp-cloudfunction.md) | For your cloud functions to GCP | false |
|
||||||
| | | [key pair](./terraform/aws-key-pair.md) | Terraform module which creates EC2 key pair on AWS |
|
| | | [cloudsql](./terraform/gcp-cloudsql.md) | A module to create a private database setup | false |
|
||||||
| | | [kms key](./terraform/aws-kms-key.md) | Terraform module to provision a KMS key with alias |
|
| | | [cluster](./terraform/gcp-cluster.md) | Set up a GKE cluster connected as part of shared VPC | false |
|
||||||
| | | [lambda do it all](./terraform/aws-lambda-do-it-all.md) | Terraform module to provision a lambda with full permissions |
|
| | | [compute firewall](./terraform/gcp-compute-firewall.md) | Create an ELB to be used for DC/OS for GCP | false |
|
||||||
| | | [lambda with inline code](./terraform/aws-lambda-with-inline-code.md) | Terraform module creating a Lambda function with inline code |
|
| | | [compute forwarding rule](./terraform/gcp-compute-forwarding-rule.md) | GCP Compute-Forwarding-Rule | false |
|
||||||
| | | [lambda](./terraform/aws-lambda.md) | Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations |
|
| | | [compute forwarding rule dcos](./terraform/gcp-compute-forwarding-rule-dcos.md) | This module creates forwarding rules for DC/OS. | false |
|
||||||
| | | [log group](./terraform/aws-log-group.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [compute forwarding rule masters](./terraform/gcp-compute-forwarding-rule-masters.md) | Creates an GCP forwarding rule for DC/OS masters | false |
|
||||||
| | | [log metric filter](./terraform/aws-log-metric-filter.md) | |
|
| | | [compute forwarding rule public agents](./terraform/gcp-compute-forwarding-rule-public-agents.md) | This module creates an GCP forwarding rule for DC/OS public agents | false |
|
||||||
| | | [metric alarm](./terraform/aws-metric-alarm.md) | |
|
| | | [config](./terraform/gcp-config.md) | Terraform module for integrating Google Cloud Platform Organziations and Projects with Lacework for cloud resource configuration assessment | false |
|
||||||
| | | [metric alarms by multiple dimensions](./terraform/aws-metric-alarms-by-multiple-dimensions.md) | |
|
| | | [custom role](./terraform/gcp-custom-role.md) | Base IAM role module to create GCP IAM Role from other roles and adhoc permissions | false |
|
||||||
| | | [mq](./terraform/aws-mq.md) | AWS MQ |
|
| | | [dcos](./terraform/gcp-dcos.md) | Creates a DC/OS Cluster on GCP Convenience Wrapper for GCP | false |
|
||||||
| | | [notify slack](./terraform/aws-notify-slack.md) | Terraform module which creates SNS topic and Lambda function which sends notifications to Slack |
|
| | | [dns module](./terraform/gcp-dns-module.md) | GCP Dns-Module | false |
|
||||||
| | | [rds aurora](./terraform/aws-rds-aurora.md) | Terraform module which creates RDS Aurora resources on AWS |
|
| | | [elasticsearch](./terraform/gcp-elasticsearch.md) | Terraform module for deploying Elasticsearch cluster on GCP | false |
|
||||||
| | | [rds](./terraform/aws-rds.md) | AWS RDS |
|
| | | [environment setup](./terraform/gcp-environment-setup.md) | IAC for provisioning Infrastructure component like network, subnetworks, route | false |
|
||||||
| | | [records](./terraform/aws-records.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [firewall rules](./terraform/gcp-firewall-rules.md) | Terraform module for creating Firewall rules on Google Cloud | false |
|
||||||
| | | [route53 alias](./terraform/aws-route53-alias.md) | Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record |
|
| | | [gci](./terraform/gcp-gci.md) | Manages GCP compute engine instance | false |
|
||||||
| | | [route53 cluster hostname](./terraform/aws-route53-cluster-hostname.md) | Terraform module to define a consistent AWS Route53 hostname |
|
| | | [gcs](./terraform/gcp-gcs.md) | GCP Gcs | false |
|
||||||
| | | [route53 delegation sets](./terraform/aws-route53-delegation-sets.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [gke ecommerce](./terraform/gcp-gke-ecommerce.md) | Google Kubernetes Engine starter kit to bootstrap an e-commerce site based on microservices | false |
|
||||||
| | | [route53 records](./terraform/aws-route53-records.md) | |
|
| | | [gke regional](./terraform/gcp-gke-regional.md) | Using Terraform to create a regional GKE cluster (Hosted Kubernetes offering of GCP) | false |
|
||||||
| | | [route53 zones](./terraform/aws-route53-zones.md) | |
|
| | | [googlecomputeinstance](./terraform/gcp-googlecomputeinstance.md) | First step using GCP and Terraform | false |
|
||||||
| | | [s3 log storage](./terraform/aws-s3-log-storage.md) | This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail |
|
| | | [hashicorp suite](./terraform/gcp-hashicorp-suite.md) | Terraform module to run Nomad on Google Cloud | false |
|
||||||
| | | [s3](./terraform/aws-s3.md) | Terraform configuration for AWS S3 |
|
| | | [helmrepo](./terraform/gcp-helmrepo.md) | A helm repository | false |
|
||||||
| | | [secretsmanager for rollbar access tokens](./terraform/aws-secretsmanager-for-rollbar-access-tokens.md) | Terraform module creating a SecretsManager for Rollbar project access tokens |
|
| | | [infrastructure](./terraform/gcp-infrastructure.md) | Create DC/OS related GCP Infrastructure | false |
|
||||||
| | | [security group](./terraform/aws-security-group.md) | Terraform module which creates EC2-VPC security groups on AWS |
|
| | | [instance](./terraform/gcp-instance.md) | GCP Instance | false |
|
||||||
| | | [security hub](./terraform/aws-security-hub.md) | Terraform module to provision AWS Security Hub |
|
| | | [instance module](./terraform/gcp-instance-module.md) | Lazy GCP instance via Terraform | false |
|
||||||
| | | [sns topic](./terraform/aws-sns-topic.md) | Terraform Module to Provide an Amazon Simple Notification Service (SNS) |
|
| | | [kthw](./terraform/gcp-kthw.md) | Kubernetes Cluster On GCP with Terraform | false |
|
||||||
| | | [sqs](./terraform/aws-sqs.md) | Terraform module which creates SQS resources on AWS |
|
| | | [masters](./terraform/gcp-masters.md) | Create DC/OS Master instance and have conditional DC/OS Prereqs for GCP | false |
|
||||||
| | | [ssm parameter store](./terraform/aws-ssm-parameter-store.md) | Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber. |
|
| | | [memorystore redis](./terraform/gcp-memorystore-redis.md) | Terraform gcp memorystore redis example | false |
|
||||||
| | | [subnet](./terraform/aws-subnet.md) | AWS Subnet |
|
| | | [mq](./terraform/gcp-mq.md) | GCP MQ | false |
|
||||||
| | | [utils](./terraform/aws-utils.md) | Utility functions for use with Terraform in the AWS environment |
|
| | | [network](./terraform/gcp-network.md) | Terraform configuration for GCP network | false |
|
||||||
| | | [vpc](./terraform/aws-vpc.md) | AWS VPC |
|
| | | [network peering](./terraform/gcp-network-peering.md) | GCP Network-Peering | false |
|
||||||
| | | [zones](./terraform/aws-zones.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [openwisp](./terraform/gcp-openwisp.md) | Terraform files for deploying docker-openwisp infrastructure in Google Cloud. | false |
|
||||||
| | Azure | [database mariadb](./terraform/azure-database-mariadb.md) | Terraform configuration for Azure Database Mariadb |
|
| | | [private agents](./terraform/gcp-private-agents.md) | Create DC/OS Private Agents instance and have conditional DC/OS Prereqs for gcp | false |
|
||||||
| | | [resource group](./terraform/azure-resource-group.md) | Azure Resource Group |
|
| | | [public agents](./terraform/gcp-public-agents.md) | Create DC/OS Public Agents instance and have conditional DC/OS prereqs for gcp | false |
|
||||||
| | | [storage account](./terraform/azure-storage-account.md) | Terraform configuration for Azure Blob Storage Account |
|
| | | [service](./terraform/gcp-service.md) | Creates a GCP service user | false |
|
||||||
| | | [subnet](./terraform/azure-subnet.md) | Azure Subnet |
|
| | | [service account](./terraform/gcp-service-account.md) | Terraform module that creates a service account to provide Lacework read-only access to Google Cloud Platform Organizations and Projects | false |
|
||||||
| | | [virtual network](./terraform/azure-virtual-network.md) | Azure Virtual Network |
|
| | | [sfabric](./terraform/gcp-sfabric.md) | Terraform module for launching a Service Fabric Dev Environment on GCP | false |
|
||||||
| | 百度云 | [vpc](./terraform/baidu-vpc.md) | Baidu Cloud VPC |
|
| | | [statebucket](./terraform/gcp-statebucket.md) | Contains a module to create a statebucket for use with Terraform | false |
|
||||||
| | Google Cloud Platform | [appengine](./terraform/gcp-appengine.md) | Get your container running, simply. |
|
| | | [staticip](./terraform/gcp-staticip.md) | A simple Terraform module to build an instance a static public IP | false |
|
||||||
| | | [audit log](./terraform/gcp-audit-log.md) | Terraform module for configuring an integration with Google Cloud Platform Organziations and Projects for Audit Logs analysis |
|
| | | [storage](./terraform/gcp-storage.md) | A basic terraform module example, which the example uses for a helm repo | false |
|
||||||
| | | [backend service](./terraform/gcp-backend-service.md) | Create an ILB to be used for DC/OS for GCP |
|
| | | [subnet](./terraform/gcp-subnet.md) | Terraform module for creating Subnets on Google Cloud | false |
|
||||||
| | | [basic vpc module](./terraform/gcp-basic-vpc-module.md) | GCP Basic_vpc_module |
|
| | | [tested oses](./terraform/gcp-tested-oses.md) | GCP Tested-Oses | false |
|
||||||
| | | [bastion](./terraform/gcp-bastion.md) | Bastion for GCP |
|
| | | [vpc](./terraform/gcp-vpc.md) | Terraform module for creating VPCs on Google Cloud | false |
|
||||||
| | | [bootstrap](./terraform/gcp-bootstrap.md) | Create a DC/OS Bootstrap instance and have conditional DC/OS prereqs for gcp |
|
| |百度云| [vpc](./terraform/baidu-vpc.md) | Baidu Cloud VPC | false |
|
||||||
| | | [cloudfunction](./terraform/gcp-cloudfunction.md) | For your cloud functions to GCP |
|
| |腾讯云| [subnet](./terraform/tencent-subnet.md) | Tencent Cloud Subnet | false |
|
||||||
| | | [cloudsql](./terraform/gcp-cloudsql.md) | A module to create a private database setup |
|
| | | [vpc](./terraform/tencent-vpc.md) | Terraform configuration for Tencent Cloud VPC | false |
|
||||||
| | | [cluster](./terraform/gcp-cluster.md) | Set up a GKE cluster connected as part of shared VPC |
|
| |阿里云| [ack](./terraform/alibaba-ack.md) | Terraform configuration for Alibaba Cloud ACK cluster | true |
|
||||||
| | | [compute firewall](./terraform/gcp-compute-firewall.md) | Create an ELB to be used for DC/OS for GCP |
|
| | | [amqp](./terraform/alibaba-amqp.md) | Terraform configuration for Alibaba Cloud AMQP(RabbitMQ) | false |
|
||||||
| | | [compute forwarding rule dcos](./terraform/gcp-compute-forwarding-rule-dcos.md) | This module creates forwarding rules for DC/OS. |
|
| | | [ask](./terraform/alibaba-ask.md) | Terraform configuration for Alibaba Cloud Serverless Kubernetes (ASK) | true |
|
||||||
| | | [compute forwarding rule masters](./terraform/gcp-compute-forwarding-rule-masters.md) | Creates an GCP forwarding rule for DC/OS masters |
|
| | | [deploy website](./terraform/alibaba-deploy-website.md) | Deploy a Static Website in object stroage, like S3 and OSS | false |
|
||||||
| | | [compute forwarding rule public agents](./terraform/gcp-compute-forwarding-rule-public-agents.md) | This module creates an GCP forwarding rule for DC/OS public agents |
|
| | | [dns](./terraform/alibaba-dns.md) | Terraform configuration for Alibaba Cloud DNS | false |
|
||||||
| | | [compute forwarding rule](./terraform/gcp-compute-forwarding-rule.md) | GCP Compute-Forwarding-Rule |
|
| | | [eip](./terraform/alibaba-eip.md) | Terraform configuration for Alibaba Cloud Elastic IP | true |
|
||||||
| | | [config](./terraform/gcp-config.md) | Terraform module for integrating Google Cloud Platform Organziations and Projects with Lacework for cloud resource configuration assessment |
|
| | | [eip slb ecs rds](./terraform/alibaba-eip-slb-ecs-rds.md) | Create a lightweight web service based on Terraform under AliCloud's VPC, including: EIP, SLB, ECS, RDS | false |
|
||||||
| | | [custom role](./terraform/gcp-custom-role.md) | Base IAM role module to create GCP IAM Role from other roles and adhoc permissions |
|
| | | [kms](./terraform/alibaba-kms.md) | Create KMS on AliCloud based on Terraform module | false |
|
||||||
| | | [dcos](./terraform/gcp-dcos.md) | Creates a DC/OS Cluster on GCP | Convenience Wrapper for GCP |
|
| | | [kubernetes networking](./terraform/alibaba-kubernetes-networking.md) | Create a set of network environment related resources for Kubernetes clusters on AliCloud based on Terraform module | false |
|
||||||
| | | [dns module](./terraform/gcp-dns-module.md) | GCP Dns-Module |
|
| | | [market tensorflow](./terraform/alibaba-market-tensorflow.md) | Based on Terraform module, create ECS instances on Ali cloud to achieve one-click deployment of cloud marketplace Tensorflow | false |
|
||||||
| | | [elasticsearch](./terraform/gcp-elasticsearch.md) | Terraform module for deploying Elasticsearch cluster on GCP |
|
| | | [mns queue](./terraform/alibaba-mns-queue.md) | Create a queue instance based on the Terraform module | false |
|
||||||
| | | [environment setup](./terraform/gcp-environment-setup.md) | IAC for provisioning Infrastructure component like network, subnetworks, route |
|
| | | [mns topic](./terraform/alibaba-mns-topic.md) | Create a topic and a subscription based on Terraform module | false |
|
||||||
| | | [firewall rules](./terraform/gcp-firewall-rules.md) | Terraform module for creating Firewall rules on Google Cloud |
|
| | | [mongodb](./terraform/alibaba-mongodb.md) | Alibaba Cloud MongoDB | false |
|
||||||
| | | [gci](./terraform/gcp-gci.md) | Manages GCP compute engine instance |
|
| | | [mongodb multi](./terraform/alibaba-mongodb-multi.md) | Terraform-based module for creating a MongoDB cloud database under AliCloud VPC | false |
|
||||||
| | | [gcs](./terraform/gcp-gcs.md) | GCP Gcs |
|
| | | [mse](./terraform/alibaba-mse.md) | Terraform configuration for Alibaba Cloud MSE | false |
|
||||||
| | | [gke ecommerce](./terraform/gcp-gke-ecommerce.md) | Google Kubernetes Engine starter kit to bootstrap an e-commerce site based on microservices |
|
| | | [nas](./terraform/alibaba-nas.md) | Terraform configuration for Alicloud NAS | false |
|
||||||
| | | [gke regional](./terraform/gcp-gke-regional.md) | Using Terraform to create a regional GKE cluster (Hosted Kubernetes offering of GCP) |
|
| | | [network with nat](./terraform/alibaba-network-with-nat.md) | Build VPC and Nat gateway network environment and bind EIP, add SNAT and DNAT entries on AliCloud based on Terraform module | false |
|
||||||
| | | [googlecomputeinstance](./terraform/gcp-googlecomputeinstance.md) | First step using GCP and Terraform |
|
| | | [oss](./terraform/alibaba-oss.md) | Terraform configuration for Alibaba Cloud OSS | true |
|
||||||
| | | [hashicorp suite](./terraform/gcp-hashicorp-suite.md) | Terraform module to run Nomad on Google Cloud |
|
| | | [oss website](./terraform/alibaba-oss-website.md) | Alibaba Cloud OSS static webstie bucket | false |
|
||||||
| | | [helmrepo](./terraform/gcp-helmrepo.md) | A helm repository |
|
| | | [private zone](./terraform/alibaba-private-zone.md) | Terraform-based modules are used to create a Private Zone on AliCloud, while you can add records to the Zone and associate it with a VPC | false |
|
||||||
| | | [infrastructure](./terraform/gcp-infrastructure.md) | Create DC/OS related GCP Infrastructure |
|
| | | [rabbitmq](./terraform/alibaba-rabbitmq.md) | Create a RabbitMQ based on Terraform module in Ali cloud | false |
|
||||||
| | | [instance module](./terraform/gcp-instance-module.md) | Lazy GCP instance via Terraform |
|
| | | [ram](./terraform/alibaba-ram.md) | Create RAM User instances on AliCloud based on Terraform module | false |
|
||||||
| | | [instance](./terraform/gcp-instance.md) | GCP Instance |
|
| | | [ram fc](./terraform/alibaba-ram-fc.md) | Create a functional computing service based on Terraform under AliCloud's RAM role | false |
|
||||||
| | | [kthw](./terraform/gcp-kthw.md) | Kubernetes Cluster On GCP with Terraform |
|
| | | [rds](./terraform/alibaba-rds.md) | Terraform configuration for Alibaba Cloud RDS | true |
|
||||||
| | | [masters](./terraform/gcp-masters.md) | Create DC/OS Master instance and have conditional DC/OS Prereqs for GCP |
|
| | | [rds preview](./terraform/alibaba-rds-preview.md) | Alibaba RDS in a preview mode | true |
|
||||||
| | | [memorystore redis](./terraform/gcp-memorystore-redis.md) | Terraform gcp memorystore redis example |
|
| | | [redis](./terraform/alibaba-redis.md) | Terraform configuration for Alibaba Cloud Redis | true |
|
||||||
| | | [mq](./terraform/gcp-mq.md) | GCP MQ |
|
| | | [remote backend](./terraform/alibaba-remote-backend.md) | Deploy remote backend storage in Aliyun based on Terraform module | false |
|
||||||
| | | [network peering](./terraform/gcp-network-peering.md) | GCP Network-Peering |
|
| | | [rocketmq](./terraform/alibaba-rocketmq.md) | Terraform configuration for Alibaba Cloud RocketMQ | false |
|
||||||
| | | [network](./terraform/gcp-network.md) | Terraform configuration for GCP network |
|
| | | [sae application](./terraform/alibaba-sae-application.md) | Alibaba SAE application | false |
|
||||||
| | | [openwisp](./terraform/gcp-openwisp.md) | Terraform files for deploying docker-openwisp infrastructure in Google Cloud. |
|
| | | [sae auto config application](./terraform/alibaba-sae-auto-config-application.md) | Alibaba SAE application to be deployed in auto-config mode | false |
|
||||||
| | | [private agents](./terraform/gcp-private-agents.md) | Create DC/OS Private Agents instance and have conditional DC/OS Prereqs for gcp |
|
| | | [sae namespace](./terraform/alibaba-sae-namespace.md) | Alibaba SAE namespace | false |
|
||||||
| | | [public agents](./terraform/gcp-public-agents.md) | Create DC/OS Public Agents instance and have conditional DC/OS prereqs for gcp |
|
| | | [security group](./terraform/alibaba-security-group.md) | Terraform configuration for Alicloud SecurityGroup | false |
|
||||||
| | | [service account](./terraform/gcp-service-account.md) | Terraform module that creates a service account to provide Lacework read-only access to Google Cloud Platform Organizations and Projects |
|
| | | [slb](./terraform/alibaba-slb.md) | Terraform configuration for Alicloud SLB | false |
|
||||||
| | | [service](./terraform/gcp-service.md) | Creates a GCP service user |
|
| | | [slb acl](./terraform/alibaba-slb-acl.md) | Terraform-based module supports creating access control lists for load balancers | false |
|
||||||
| | | [sfabric](./terraform/gcp-sfabric.md) | Terraform module for launching a Service Fabric Dev Environment on GCP |
|
| | | [slb listener](./terraform/alibaba-slb-listener.md) | Quickly create slb listeners resources on AliCloud based on Terraform module | false |
|
||||||
| | | [statebucket](./terraform/gcp-statebucket.md) | Contains a module to create a statebucket for use with Terraform |
|
| | | [slb rule](./terraform/alibaba-slb-rule.md) | Terraform-based module creates an SLB instance under AliCloud's VPC and configures rules | false |
|
||||||
| | | [staticip](./terraform/gcp-staticip.md) | A simple Terraform module to build an instance a static public IP |
|
| | | [sls project](./terraform/alibaba-sls-project.md) | Terraform configuration for Alibaba Cloud SLS Project | true |
|
||||||
| | | [storage](./terraform/gcp-storage.md) | A basic terraform module example, which the example uses for a helm repo |
|
| | | [sls store](./terraform/alibaba-sls-store.md) | Terraform configuration for Alibaba Cloud SLS Store | true |
|
||||||
| | | [subnet](./terraform/gcp-subnet.md) | Terraform module for creating Subnets on Google Cloud |
|
| | | [vpc](./terraform/alibaba-vpc.md) | Terraform configuration for Alibaba Cloud VPC | true |
|
||||||
| | | [tested oses](./terraform/gcp-tested-oses.md) | GCP Tested-Oses |
|
| | | [vpc ecs eip](./terraform/alibaba-vpc-ecs-eip.md) | Create a lightweight WEB service based on Terraform under AliCloud's VPC, including: VPC, ECS, EIP | false |
|
||||||
| | | [vpc](./terraform/gcp-vpc.md) | Terraform module for creating VPCs on Google Cloud |
|
| | | [vpc privatelink connection](./terraform/alibaba-vpc-privatelink-connection.md) | Terraform-based for creating VPC networks in AliCloud and creating private network links | false |
|
||||||
| | 腾讯云 | [subnet](./terraform/tencent-subnet.md) | Tencent Cloud Subnet |
|
| | | [vpn gateway](./terraform/alibaba-vpn-gateway.md) | Create VPN resources on AliCloud based on Terraform module | false |
|
||||||
| | | [vpc](./terraform/tencent-vpc.md) | Terraform configuration for Tencent Cloud VPC |
|
| | | [vswitch](./terraform/alibaba-vswitch.md) | Terraform configuration for Alibaba Cloud VSwitch | true |
|
||||||
|
|
|
||||||
|
|
@ -2,140 +2,181 @@
|
||||||
title: 云资源列表
|
title: 云资源列表
|
||||||
---
|
---
|
||||||
|
|
||||||
| 编排类型 | 云服务商 | 云资源 | 描述 |
|
| 编排类型 | 云服务商 | 云资源 | 描述 | 已验证 |
|
||||||
|-----------|-----------------------|---------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|--------------------|-----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------|
|
||||||
| Terraform | 阿里云 | [ack](./terraform/alibaba-ack.md) | Terraform configuration for Alibaba Cloud ACK cluster |
|
|Terraform|AWS| [acm](./terraform/aws-acm.md) | Terraform module which creates and validates ACM certificate | false |
|
||||||
| | | [amqp](./terraform/alibaba-amqp.md) | Terraform configuration for Alibaba Cloud AMQP(RabbitMQ) |
|
| | | [alb](./terraform/aws-alb.md) | Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources | false |
|
||||||
| | | [ask](./terraform/alibaba-ask.md) | Terraform configuration for Alibaba Cloud Serverless Kubernetes (ASK) |
|
| | | [autoscaling](./terraform/aws-autoscaling.md) | Terraform module which creates Auto Scaling resources on AWS | false |
|
||||||
| | | [eip](./terraform/alibaba-eip.md) | Terraform configuration for Alibaba Cloud Elastic IP |
|
| | | [bridgecrew read only](./terraform/aws-bridgecrew-read-only.md) | Bridgecrew READ ONLY integration module | false |
|
||||||
| | | [mongodb](./terraform/alibaba-mongodb.md) | Alibaba Cloud MongoDB |
|
| | | [cis alarms](./terraform/aws-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [mse](./terraform/alibaba-mse.md) | Terraform configuration for Alibaba Cloud MSE |
|
| | | [cloudfront](./terraform/aws-cloudfront.md) | Terraform module which creates CloudFront resources on AWS | false |
|
||||||
| | | [oss](./terraform/alibaba-oss.md) | Terraform configuration for Alibaba Cloud OSS |
|
| | | [cloudfront s3 cdn](./terraform/aws-cloudfront-s3-cdn.md) | Terraform module to easily provision CloudFront CDN backed by an S3 origin | false |
|
||||||
| | | [rds](./terraform/alibaba-rds.md) | Terraform configuration for Alibaba Cloud RDS |
|
| | | [cloudwatch cis alarms](./terraform/aws-cloudwatch-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [redis](./terraform/alibaba-redis.md) | Terraform configuration for Alibaba Cloud Redis |
|
| | | [cloudwatch log group](./terraform/aws-cloudwatch-log-group.md) | | false |
|
||||||
| | | [rocketmq](./terraform/alibaba-rocketmq.md) | Terraform configuration for Alibaba Cloud RocketMQ |
|
| | | [cloudwatch log metric filter](./terraform/aws-cloudwatch-log-metric-filter.md) | | false |
|
||||||
| | | [sls project](./terraform/alibaba-sls-project.md) | Terraform configuration for Alibaba Cloud SLS Project |
|
| | | [cloudwatch metric alarm](./terraform/aws-cloudwatch-metric-alarm.md) | | false |
|
||||||
| | | [sls store](./terraform/alibaba-sls-store.md) | Terraform configuration for Alibaba Cloud SLS Store |
|
| | | [cloudwatch metric alarms](./terraform/aws-cloudwatch-metric-alarms.md) | | false |
|
||||||
| | | [vpc](./terraform/alibaba-vpc.md) | Terraform configuration for Alibaba Cloud VPC |
|
| | | [cloudwatch metric alarms by multiple dimensions](./terraform/aws-cloudwatch-metric-alarms-by-multiple-dimensions.md) | | false |
|
||||||
| | | [vswitch](./terraform/alibaba-vswitch.md) | Terraform configuration for Alibaba Cloud VSwitch |
|
| | | [config](./terraform/aws-config.md) | This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. | false |
|
||||||
| | AWS | [acm](./terraform/aws-acm.md) | Terraform module which creates and validates ACM certificate |
|
| | | [delegation sets](./terraform/aws-delegation-sets.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [alb](./terraform/aws-alb.md) | Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) and associated resources |
|
| | | [dynamodb table](./terraform/aws-dynamodb-table.md) | Terraform module which creates DynamoDB table on AWS | false |
|
||||||
| | | [autoscaling](./terraform/aws-autoscaling.md) | Terraform module which creates Auto Scaling resources on AWS |
|
| | | [ec2 instance](./terraform/aws-ec2-instance.md) | Terraform module which creates EC2 instance(s) on AWS | false |
|
||||||
| | | [bridgecrew read only](./terraform/aws-bridgecrew-read-only.md) | Bridgecrew READ ONLY integration module |
|
| | | [ecs](./terraform/aws-ecs.md) | Terraform module which creates AWS ECS resources | false |
|
||||||
| | | [cloudfront s3 cdn](./terraform/aws-cloudfront-s3-cdn.md) | Terraform module to easily provision CloudFront CDN backed by an S3 origin |
|
| | | [ecs container definition](./terraform/aws-ecs-container-definition.md) | Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource | false |
|
||||||
| | | [cloudfront](./terraform/aws-cloudfront.md) | Terraform module which creates CloudFront resources on AWS |
|
| | | [eks](./terraform/aws-eks.md) | Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS | false |
|
||||||
| | | [cloudwatch cis alarms](./terraform/aws-cloudwatch-cis-alarms.md) | Terraform module which creates Cloudwatch resources on AWS |
|
| | | [eks cluster autoscaler](./terraform/aws-eks-cluster-autoscaler.md) | AWS Eks-Cluster-Autoscaler | false |
|
||||||
| | | [cloudwatch log group](./terraform/aws-cloudwatch-log-group.md) | |
|
| | | [eks external dns](./terraform/aws-eks-external-dns.md) | AWS Eks-External-Dns | false |
|
||||||
| | | [cloudwatch log metric filter](./terraform/aws-cloudwatch-log-metric-filter.md) | |
|
| | | [eks kube state metrics](./terraform/aws-eks-kube-state-metrics.md) | AWS Eks-Kube-State-Metrics | false |
|
||||||
| | | [cloudwatch metric alarm](./terraform/aws-cloudwatch-metric-alarm.md) | |
|
| | | [eks node problem detector](./terraform/aws-eks-node-problem-detector.md) | A terraform module to deploy a node problem detector on Amazon EKS cluster | false |
|
||||||
| | | [cloudwatch metric alarms](./terraform/aws-cloudwatch-metric-alarms.md) | |
|
| | | [elasticache redis](./terraform/aws-elasticache-redis.md) | Terraform module to provision an ElastiCache Redis Cluster | false |
|
||||||
| | | [config](./terraform/aws-config.md) | This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. |
|
| | | [elb](./terraform/aws-elb.md) | Terraform module which creates ELB resources on AWS | false |
|
||||||
| | | [dynamodb table](./terraform/aws-dynamodb-table.md) | Terraform module which creates DynamoDB table on AWS |
|
| | | [emr](./terraform/aws-emr.md) | Terraform module which creates EMR on AWS | false |
|
||||||
| | | [ec2 instance](./terraform/aws-ec2-instance.md) | Terraform module which creates EC2 instance(s) on AWS |
|
| | | [guardduty](./terraform/aws-guardduty.md) | Terraform module to provision AWS Guard Duty | false |
|
||||||
| | | [ecs container definition](./terraform/aws-ecs-container-definition.md) | Terraform module to generate well-formed JSON documents (container definitions) that are passed to the aws_ecs_task_definition Terraform resource |
|
| | | [iam account](./terraform/aws-iam-account.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [ecs](./terraform/aws-ecs.md) | Terraform module which creates AWS ECS resources |
|
| | | [iam assumable role](./terraform/aws-iam-assumable-role.md) | | false |
|
||||||
| | | [eks cluster autoscaler](./terraform/aws-eks-cluster-autoscaler.md) | AWS Eks-Cluster-Autoscaler |
|
| | | [iam assumable role with oidc](./terraform/aws-iam-assumable-role-with-oidc.md) | | false |
|
||||||
| | | [eks external dns](./terraform/aws-eks-external-dns.md) | AWS Eks-External-Dns |
|
| | | [iam assumable role with saml](./terraform/aws-iam-assumable-role-with-saml.md) | | false |
|
||||||
| | | [eks kube state metrics](./terraform/aws-eks-kube-state-metrics.md) | AWS Eks-Kube-State-Metrics |
|
| | | [iam assumable roles](./terraform/aws-iam-assumable-roles.md) | | false |
|
||||||
| | | [eks node problem detector](./terraform/aws-eks-node-problem-detector.md) | A terraform module to deploy a node problem detector on Amazon EKS cluster |
|
| | | [iam assumable roles with saml](./terraform/aws-iam-assumable-roles-with-saml.md) | | false |
|
||||||
| | | [eks](./terraform/aws-eks.md) | Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS |
|
| | | [iam eks role](./terraform/aws-iam-eks-role.md) | | false |
|
||||||
| | | [elasticache redis](./terraform/aws-elasticache-redis.md) | Terraform module to provision an ElastiCache Redis Cluster |
|
| | | [iam group with assumable roles policy](./terraform/aws-iam-group-with-assumable-roles-policy.md) | | false |
|
||||||
| | | [elb](./terraform/aws-elb.md) | Terraform module which creates ELB resources on AWS |
|
| | | [iam group with policies](./terraform/aws-iam-group-with-policies.md) | | false |
|
||||||
| | | [guardduty](./terraform/aws-guardduty.md) | Terraform module to provision AWS Guard Duty |
|
| | | [iam nofile](./terraform/aws-iam-nofile.md) | Terraform module Terraform module for creating AWS IAM Roles with heredocs | false |
|
||||||
| | | [iam account](./terraform/aws-iam-account.md) | Terraform module which creates IAM resources on AWS |
|
| | | [iam policy](./terraform/aws-iam-policy.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [iam assumable role with oidc](./terraform/aws-iam-assumable-role-with-oidc.md) | |
|
| | | [iam policy document aggregator](./terraform/aws-iam-policy-document-aggregator.md) | Terraform module to aggregate multiple IAM policy documents into single policy document. | false |
|
||||||
| | | [iam assumable role with saml](./terraform/aws-iam-assumable-role-with-saml.md) | |
|
| | | [iam read only policy](./terraform/aws-iam-read-only-policy.md) | | false |
|
||||||
| | | [iam assumable role](./terraform/aws-iam-assumable-role.md) | |
|
| | | [iam role](./terraform/aws-iam-role.md) | A Terraform module that creates IAM role with provided JSON IAM polices documents. | false |
|
||||||
| | | [iam assumable roles with saml](./terraform/aws-iam-assumable-roles-with-saml.md) | |
|
| | | [iam s3 user](./terraform/aws-iam-s3-user.md) | Terraform module to provision a basic IAM user with permissions to access S3 resources, e.g. to give the user read/write/delete access to the objects in an S3 bucket | false |
|
||||||
| | | [iam assumable roles](./terraform/aws-iam-assumable-roles.md) | |
|
| | | [iam system user](./terraform/aws-iam-system-user.md) | Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI) | false |
|
||||||
| | | [iam eks role](./terraform/aws-iam-eks-role.md) | |
|
| | | [iam user](./terraform/aws-iam-user.md) | Terraform module which creates IAM resources on AWS | false |
|
||||||
| | | [iam group with assumable roles policy](./terraform/aws-iam-group-with-assumable-roles-policy.md) | |
|
| | | [key pair](./terraform/aws-key-pair.md) | Terraform module which creates EC2 key pair on AWS | false |
|
||||||
| | | [iam group with policies](./terraform/aws-iam-group-with-policies.md) | |
|
| | | [kms key](./terraform/aws-kms-key.md) | Terraform module to provision a KMS key with alias | false |
|
||||||
| | | [iam nofile](./terraform/aws-iam-nofile.md) | Terraform module Terraform module for creating AWS IAM Roles with heredocs |
|
| | | [lambda](./terraform/aws-lambda.md) | Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations | false |
|
||||||
| | | [iam policy document aggregator](./terraform/aws-iam-policy-document-aggregator.md) | Terraform module to aggregate multiple IAM policy documents into single policy document. |
|
| | | [lambda do it all](./terraform/aws-lambda-do-it-all.md) | Terraform module to provision a lambda with full permissions | false |
|
||||||
| | | [iam policy](./terraform/aws-iam-policy.md) | Terraform module which creates IAM resources on AWS |
|
| | | [lambda with inline code](./terraform/aws-lambda-with-inline-code.md) | Terraform module creating a Lambda function with inline code | false |
|
||||||
| | | [iam read only policy](./terraform/aws-iam-read-only-policy.md) | |
|
| | | [log group](./terraform/aws-log-group.md) | Terraform module which creates Cloudwatch resources on AWS | false |
|
||||||
| | | [iam role](./terraform/aws-iam-role.md) | A Terraform module that creates IAM role with provided JSON IAM polices documents. |
|
| | | [log metric filter](./terraform/aws-log-metric-filter.md) | | false |
|
||||||
| | | [iam s3 user](./terraform/aws-iam-s3-user.md) | Terraform module to provision a basic IAM user with permissions to access S3 resources, e.g. to give the user read/write/delete access to the objects in an S3 bucket |
|
| | | [metric alarm](./terraform/aws-metric-alarm.md) | | false |
|
||||||
| | | [iam system user](./terraform/aws-iam-system-user.md) | Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems (E.g. TravisCI, CircleCI) |
|
| | | [metric alarms by multiple dimensions](./terraform/aws-metric-alarms-by-multiple-dimensions.md) | | false |
|
||||||
| | | [iam user](./terraform/aws-iam-user.md) | Terraform module which creates IAM resources on AWS |
|
| | | [mq](./terraform/aws-mq.md) | AWS MQ | false |
|
||||||
| | | [key pair](./terraform/aws-key-pair.md) | Terraform module which creates EC2 key pair on AWS |
|
| | | [notify slack](./terraform/aws-notify-slack.md) | Terraform module which creates SNS topic and Lambda function which sends notifications to Slack | false |
|
||||||
| | | [kms key](./terraform/aws-kms-key.md) | Terraform module to provision a KMS key with alias |
|
| | | [rds](./terraform/aws-rds.md) | AWS RDS | false |
|
||||||
| | | [lambda do it all](./terraform/aws-lambda-do-it-all.md) | Terraform module to provision a lambda with full permissions |
|
| | | [rds aurora](./terraform/aws-rds-aurora.md) | Terraform module which creates RDS Aurora resources on AWS | false |
|
||||||
| | | [lambda with inline code](./terraform/aws-lambda-with-inline-code.md) | Terraform module creating a Lambda function with inline code |
|
| | | [records](./terraform/aws-records.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [lambda](./terraform/aws-lambda.md) | Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations |
|
| | | [route53 alias](./terraform/aws-route53-alias.md) | Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record | false |
|
||||||
| | | [notify slack](./terraform/aws-notify-slack.md) | Terraform module which creates SNS topic and Lambda function which sends notifications to Slack |
|
| | | [route53 cluster hostname](./terraform/aws-route53-cluster-hostname.md) | Terraform module to define a consistent AWS Route53 hostname | false |
|
||||||
| | | [rds aurora](./terraform/aws-rds-aurora.md) | Terraform module which creates RDS Aurora resources on AWS |
|
| | | [route53 delegation sets](./terraform/aws-route53-delegation-sets.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [rds](./terraform/aws-rds.md) | AWS RDS |
|
| | | [route53 records](./terraform/aws-route53-records.md) | | false |
|
||||||
| | | [route53 alias](./terraform/aws-route53-alias.md) | Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record |
|
| | | [route53 zones](./terraform/aws-route53-zones.md) | | false |
|
||||||
| | | [route53 cluster hostname](./terraform/aws-route53-cluster-hostname.md) | Terraform module to define a consistent AWS Route53 hostname |
|
| | | [s3](./terraform/aws-s3.md) | Terraform configuration for AWS S3 | false |
|
||||||
| | | [route53 delegation sets](./terraform/aws-route53-delegation-sets.md) | Terraform module which creates Route53 resources on AWS |
|
| | | [s3 log storage](./terraform/aws-s3-log-storage.md) | This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail | false |
|
||||||
| | | [route53 records](./terraform/aws-route53-records.md) | |
|
| | | [secretsmanager for rollbar access tokens](./terraform/aws-secretsmanager-for-rollbar-access-tokens.md) | Terraform module creating a SecretsManager for Rollbar project access tokens | false |
|
||||||
| | | [route53 zones](./terraform/aws-route53-zones.md) | |
|
| | | [security group](./terraform/aws-security-group.md) | Terraform module which creates EC2-VPC security groups on AWS | false |
|
||||||
| | | [s3 log storage](./terraform/aws-s3-log-storage.md) | This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail |
|
| | | [security hub](./terraform/aws-security-hub.md) | Terraform module to provision AWS Security Hub | false |
|
||||||
| | | [s3](./terraform/aws-s3.md) | Terraform configuration for AWS S3 |
|
| | | [sns topic](./terraform/aws-sns-topic.md) | Terraform Module to Provide an Amazon Simple Notification Service (SNS) | false |
|
||||||
| | | [secretsmanager for rollbar access tokens](./terraform/aws-secretsmanager-for-rollbar-access-tokens.md) | Terraform module creating a SecretsManager for Rollbar project access tokens |
|
| | | [sqs](./terraform/aws-sqs.md) | Terraform module which creates SQS resources on AWS | false |
|
||||||
| | | [security group](./terraform/aws-security-group.md) | Terraform module which creates EC2-VPC security groups on AWS |
|
| | | [ssm parameter store](./terraform/aws-ssm-parameter-store.md) | Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber. | false |
|
||||||
| | | [security hub](./terraform/aws-security-hub.md) | Terraform module to provision AWS Security Hub |
|
| | | [subnet](./terraform/aws-subnet.md) | AWS Subnet | false |
|
||||||
| | | [sns topic](./terraform/aws-sns-topic.md) | Terraform Module to Provide an Amazon Simple Notification Service (SNS) |
|
| | | [utils](./terraform/aws-utils.md) | Utility functions for use with Terraform in the AWS environment | false |
|
||||||
| | | [sqs](./terraform/aws-sqs.md) | Terraform module which creates SQS resources on AWS |
|
| | | [vpc](./terraform/aws-vpc.md) | AWS VPC | false |
|
||||||
| | | [ssm parameter store](./terraform/aws-ssm-parameter-store.md) | Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber. |
|
| | | [zones](./terraform/aws-zones.md) | Terraform module which creates Route53 resources on AWS | false |
|
||||||
| | | [subnet](./terraform/aws-subnet.md) | AWS Subnet |
|
| |Azure| [database mariadb](./terraform/azure-database-mariadb.md) | Terraform configuration for Azure Database Mariadb | false |
|
||||||
| | | [utils](./terraform/aws-utils.md) | Utility functions for use with Terraform in the AWS environment |
|
| | | [resource group](./terraform/azure-resource-group.md) | Azure Resource Group | false |
|
||||||
| | | [vpc](./terraform/aws-vpc.md) | AWS VPC |
|
| | | [storage account](./terraform/azure-storage-account.md) | Terraform configuration for Azure Blob Storage Account | false |
|
||||||
| | Azure | [database mariadb](./terraform/azure-database-mariadb.md) | Terraform configuration for Azure Database Mariadb |
|
| | | [subnet](./terraform/azure-subnet.md) | Azure Subnet | false |
|
||||||
| | | [resource group](./terraform/azure-resource-group.md) | Azure Resource Group |
|
| | | [virtual network](./terraform/azure-virtual-network.md) | Azure Virtual Network | false |
|
||||||
| | | [storage account](./terraform/azure-storage-account.md) | Terraform configuration for Azure Blob Storage Account |
|
| |Google Cloud Platform| [appengine](./terraform/gcp-appengine.md) | Get your container running, simply. | false |
|
||||||
| | | [subnet](./terraform/azure-subnet.md) | Azure Subnet |
|
| | | [audit log](./terraform/gcp-audit-log.md) | Terraform module for configuring an integration with Google Cloud Platform Organziations and Projects for Audit Logs analysis | false |
|
||||||
| | | [virtual network](./terraform/azure-virtual-network.md) | Azure Virtual Network |
|
| | | [backend service](./terraform/gcp-backend-service.md) | Create an ILB to be used for DC/OS for GCP | false |
|
||||||
| | 百度云 | [vpc](./terraform/baidu-vpc.md) | Baidu Cloud VPC |
|
| | | [basic vpc module](./terraform/gcp-basic-vpc-module.md) | GCP Basic_vpc_module | false |
|
||||||
| | Google Cloud Platform | [appengine](./terraform/gcp-appengine.md) | Get your container running, simply. |
|
| | | [bastion](./terraform/gcp-bastion.md) | Bastion for GCP | false |
|
||||||
| | | [audit log](./terraform/gcp-audit-log.md) | Terraform module for configuring an integration with Google Cloud Platform Organziations and Projects for Audit Logs analysis |
|
| | | [bootstrap](./terraform/gcp-bootstrap.md) | Create a DC/OS Bootstrap instance and have conditional DC/OS prereqs for gcp | false |
|
||||||
| | | [backend service](./terraform/gcp-backend-service.md) | Create an ILB to be used for DC/OS for GCP |
|
| | | [cloudfunction](./terraform/gcp-cloudfunction.md) | For your cloud functions to GCP | false |
|
||||||
| | | [basic vpc module](./terraform/gcp-basic-vpc-module.md) | GCP Basic_vpc_module |
|
| | | [cloudsql](./terraform/gcp-cloudsql.md) | A module to create a private database setup | false |
|
||||||
| | | [bastion](./terraform/gcp-bastion.md) | Bastion for GCP |
|
| | | [cluster](./terraform/gcp-cluster.md) | Set up a GKE cluster connected as part of shared VPC | false |
|
||||||
| | | [bootstrap](./terraform/gcp-bootstrap.md) | Create a DC/OS Bootstrap instance and have conditional DC/OS prereqs for gcp |
|
| | | [compute firewall](./terraform/gcp-compute-firewall.md) | Create an ELB to be used for DC/OS for GCP | false |
|
||||||
| | | [cloudfunction](./terraform/gcp-cloudfunction.md) | For your cloud functions to GCP |
|
| | | [compute forwarding rule](./terraform/gcp-compute-forwarding-rule.md) | GCP Compute-Forwarding-Rule | false |
|
||||||
| | | [cloudsql](./terraform/gcp-cloudsql.md) | A module to create a private database setup |
|
| | | [compute forwarding rule dcos](./terraform/gcp-compute-forwarding-rule-dcos.md) | This module creates forwarding rules for DC/OS. | false |
|
||||||
| | | [cluster](./terraform/gcp-cluster.md) | Set up a GKE cluster connected as part of shared VPC |
|
| | | [compute forwarding rule masters](./terraform/gcp-compute-forwarding-rule-masters.md) | Creates an GCP forwarding rule for DC/OS masters | false |
|
||||||
| | | [compute firewall](./terraform/gcp-compute-firewall.md) | Create an ELB to be used for DC/OS for GCP |
|
| | | [compute forwarding rule public agents](./terraform/gcp-compute-forwarding-rule-public-agents.md) | This module creates an GCP forwarding rule for DC/OS public agents | false |
|
||||||
| | | [compute forwarding rule dcos](./terraform/gcp-compute-forwarding-rule-dcos.md) | This module creates forwarding rules for DC/OS. |
|
| | | [config](./terraform/gcp-config.md) | Terraform module for integrating Google Cloud Platform Organziations and Projects with Lacework for cloud resource configuration assessment | false |
|
||||||
| | | [compute forwarding rule masters](./terraform/gcp-compute-forwarding-rule-masters.md) | Creates an GCP forwarding rule for DC/OS masters |
|
| | | [custom role](./terraform/gcp-custom-role.md) | Base IAM role module to create GCP IAM Role from other roles and adhoc permissions | false |
|
||||||
| | | [compute forwarding rule public agents](./terraform/gcp-compute-forwarding-rule-public-agents.md) | This module creates an GCP forwarding rule for DC/OS public agents |
|
| | | [dcos](./terraform/gcp-dcos.md) | Creates a DC/OS Cluster on GCP Convenience Wrapper for GCP | false |
|
||||||
| | | [compute forwarding rule](./terraform/gcp-compute-forwarding-rule.md) | GCP Compute-Forwarding-Rule |
|
| | | [dns module](./terraform/gcp-dns-module.md) | GCP Dns-Module | false |
|
||||||
| | | [config](./terraform/gcp-config.md) | Terraform module for integrating Google Cloud Platform Organziations and Projects with Lacework for cloud resource configuration assessment |
|
| | | [elasticsearch](./terraform/gcp-elasticsearch.md) | Terraform module for deploying Elasticsearch cluster on GCP | false |
|
||||||
| | | [custom role](./terraform/gcp-custom-role.md) | Base IAM role module to create GCP IAM Role from other roles and adhoc permissions |
|
| | | [environment setup](./terraform/gcp-environment-setup.md) | IAC for provisioning Infrastructure component like network, subnetworks, route | false |
|
||||||
| | | [dcos](./terraform/gcp-dcos.md) | Creates a DC/OS Cluster on GCP | Convenience Wrapper for GCP |
|
| | | [firewall rules](./terraform/gcp-firewall-rules.md) | Terraform module for creating Firewall rules on Google Cloud | false |
|
||||||
| | | [dns module](./terraform/gcp-dns-module.md) | GCP Dns-Module |
|
| | | [gci](./terraform/gcp-gci.md) | Manages GCP compute engine instance | false |
|
||||||
| | | [elasticsearch](./terraform/gcp-elasticsearch.md) | Terraform module for deploying Elasticsearch cluster on GCP |
|
| | | [gcs](./terraform/gcp-gcs.md) | GCP Gcs | false |
|
||||||
| | | [environment setup](./terraform/gcp-environment-setup.md) | IAC for provisioning Infrastructure component like network, subnetworks, route |
|
| | | [gke ecommerce](./terraform/gcp-gke-ecommerce.md) | Google Kubernetes Engine starter kit to bootstrap an e-commerce site based on microservices | false |
|
||||||
| | | [firewall rules](./terraform/gcp-firewall-rules.md) | Terraform module for creating Firewall rules on Google Cloud |
|
| | | [gke regional](./terraform/gcp-gke-regional.md) | Using Terraform to create a regional GKE cluster (Hosted Kubernetes offering of GCP) | false |
|
||||||
| | | [gci](./terraform/gcp-gci.md) | Manages GCP compute engine instance |
|
| | | [googlecomputeinstance](./terraform/gcp-googlecomputeinstance.md) | First step using GCP and Terraform | false |
|
||||||
| | | [gcs](./terraform/gcp-gcs.md) | GCP Gcs |
|
| | | [hashicorp suite](./terraform/gcp-hashicorp-suite.md) | Terraform module to run Nomad on Google Cloud | false |
|
||||||
| | | [gke ecommerce](./terraform/gcp-gke-ecommerce.md) | Google Kubernetes Engine starter kit to bootstrap an e-commerce site based on microservices |
|
| | | [helmrepo](./terraform/gcp-helmrepo.md) | A helm repository | false |
|
||||||
| | | [gke regional](./terraform/gcp-gke-regional.md) | Using Terraform to create a regional GKE cluster (Hosted Kubernetes offering of GCP) |
|
| | | [infrastructure](./terraform/gcp-infrastructure.md) | Create DC/OS related GCP Infrastructure | false |
|
||||||
| | | [googlecomputeinstance](./terraform/gcp-googlecomputeinstance.md) | First step using GCP and Terraform |
|
| | | [instance](./terraform/gcp-instance.md) | GCP Instance | false |
|
||||||
| | | [hashicorp suite](./terraform/gcp-hashicorp-suite.md) | Terraform module to run Nomad on Google Cloud |
|
| | | [instance module](./terraform/gcp-instance-module.md) | Lazy GCP instance via Terraform | false |
|
||||||
| | | [helmrepo](./terraform/gcp-helmrepo.md) | A helm repository |
|
| | | [kthw](./terraform/gcp-kthw.md) | Kubernetes Cluster On GCP with Terraform | false |
|
||||||
| | | [infrastructure](./terraform/gcp-infrastructure.md) | Create DC/OS related GCP Infrastructure |
|
| | | [masters](./terraform/gcp-masters.md) | Create DC/OS Master instance and have conditional DC/OS Prereqs for GCP | false |
|
||||||
| | | [instance module](./terraform/gcp-instance-module.md) | Lazy GCP instance via Terraform |
|
| | | [memorystore redis](./terraform/gcp-memorystore-redis.md) | Terraform gcp memorystore redis example | false |
|
||||||
| | | [instance](./terraform/gcp-instance.md) | GCP Instance |
|
| | | [mq](./terraform/gcp-mq.md) | GCP MQ | false |
|
||||||
| | | [kthw](./terraform/gcp-kthw.md) | Kubernetes Cluster On GCP with Terraform |
|
| | | [network](./terraform/gcp-network.md) | Terraform configuration for GCP network | false |
|
||||||
| | | [masters](./terraform/gcp-masters.md) | Create DC/OS Master instance and have conditional DC/OS Prereqs for GCP |
|
| | | [network peering](./terraform/gcp-network-peering.md) | GCP Network-Peering | false |
|
||||||
| | | [memorystore redis](./terraform/gcp-memorystore-redis.md) | Terraform gcp memorystore redis example |
|
| | | [openwisp](./terraform/gcp-openwisp.md) | Terraform files for deploying docker-openwisp infrastructure in Google Cloud. | false |
|
||||||
| | | [network peering](./terraform/gcp-network-peering.md) | GCP Network-Peering |
|
| | | [private agents](./terraform/gcp-private-agents.md) | Create DC/OS Private Agents instance and have conditional DC/OS Prereqs for gcp | false |
|
||||||
| | | [network](./terraform/gcp-network.md) | Terraform configuration for GCP network |
|
| | | [public agents](./terraform/gcp-public-agents.md) | Create DC/OS Public Agents instance and have conditional DC/OS prereqs for gcp | false |
|
||||||
| | | [openwisp](./terraform/gcp-openwisp.md) | Terraform files for deploying docker-openwisp infrastructure in Google Cloud. |
|
| | | [service](./terraform/gcp-service.md) | Creates a GCP service user | false |
|
||||||
| | | [private agents](./terraform/gcp-private-agents.md) | Create DC/OS Private Agents instance and have conditional DC/OS Prereqs for gcp |
|
| | | [service account](./terraform/gcp-service-account.md) | Terraform module that creates a service account to provide Lacework read-only access to Google Cloud Platform Organizations and Projects | false |
|
||||||
| | | [public agents](./terraform/gcp-public-agents.md) | Create DC/OS Public Agents instance and have conditional DC/OS prereqs for gcp |
|
| | | [sfabric](./terraform/gcp-sfabric.md) | Terraform module for launching a Service Fabric Dev Environment on GCP | false |
|
||||||
| | | [service account](./terraform/gcp-service-account.md) | Terraform module that creates a service account to provide Lacework read-only access to Google Cloud Platform Organizations and Projects |
|
| | | [statebucket](./terraform/gcp-statebucket.md) | Contains a module to create a statebucket for use with Terraform | false |
|
||||||
| | | [service](./terraform/gcp-service.md) | Creates a GCP service user |
|
| | | [staticip](./terraform/gcp-staticip.md) | A simple Terraform module to build an instance a static public IP | false |
|
||||||
| | | [sfabric](./terraform/gcp-sfabric.md) | Terraform module for launching a Service Fabric Dev Environment on GCP |
|
| | | [storage](./terraform/gcp-storage.md) | A basic terraform module example, which the example uses for a helm repo | false |
|
||||||
| | | [statebucket](./terraform/gcp-statebucket.md) | Contains a module to create a statebucket for use with Terraform |
|
| | | [subnet](./terraform/gcp-subnet.md) | Terraform module for creating Subnets on Google Cloud | false |
|
||||||
| | | [staticip](./terraform/gcp-staticip.md) | A simple Terraform module to build an instance a static public IP |
|
| | | [tested oses](./terraform/gcp-tested-oses.md) | GCP Tested-Oses | false |
|
||||||
| | | [storage](./terraform/gcp-storage.md) | A basic terraform module example, which the example uses for a helm repo |
|
| | | [vpc](./terraform/gcp-vpc.md) | Terraform module for creating VPCs on Google Cloud | false |
|
||||||
| | | [subnet](./terraform/gcp-subnet.md) | Terraform module for creating Subnets on Google Cloud |
|
| |百度云| [vpc](./terraform/baidu-vpc.md) | Baidu Cloud VPC | false |
|
||||||
| | | [tested oses](./terraform/gcp-tested-oses.md) | GCP Tested-Oses |
|
| |腾讯云| [subnet](./terraform/tencent-subnet.md) | Tencent Cloud Subnet | false |
|
||||||
| | | [vpc](./terraform/gcp-vpc.md) | Terraform module for creating VPCs on Google Cloud |
|
| | | [vpc](./terraform/tencent-vpc.md) | Terraform configuration for Tencent Cloud VPC | false |
|
||||||
| | 腾讯云 | [subnet](./terraform/tencent-subnet.md) | Tencent Cloud Subnet |
|
| |阿里云| [ack](./terraform/alibaba-ack.md) | Terraform configuration for Alibaba Cloud ACK cluster | true |
|
||||||
| | | [vpc](./terraform/tencent-vpc.md) | Terraform configuration for Tencent Cloud VPC |
|
| | | [amqp](./terraform/alibaba-amqp.md) | Terraform configuration for Alibaba Cloud AMQP(RabbitMQ) | false |
|
||||||
|
| | | [ask](./terraform/alibaba-ask.md) | Terraform configuration for Alibaba Cloud Serverless Kubernetes (ASK) | true |
|
||||||
|
| | | [deploy website](./terraform/alibaba-deploy-website.md) | Deploy a Static Website in object stroage, like S3 and OSS | false |
|
||||||
|
| | | [dns](./terraform/alibaba-dns.md) | Terraform configuration for Alibaba Cloud DNS | false |
|
||||||
|
| | | [eip](./terraform/alibaba-eip.md) | Terraform configuration for Alibaba Cloud Elastic IP | true |
|
||||||
|
| | | [eip slb ecs rds](./terraform/alibaba-eip-slb-ecs-rds.md) | Create a lightweight web service based on Terraform under AliCloud's VPC, including: EIP, SLB, ECS, RDS | false |
|
||||||
|
| | | [kms](./terraform/alibaba-kms.md) | Create KMS on AliCloud based on Terraform module | false |
|
||||||
|
| | | [kubernetes networking](./terraform/alibaba-kubernetes-networking.md) | Create a set of network environment related resources for Kubernetes clusters on AliCloud based on Terraform module | false |
|
||||||
|
| | | [market tensorflow](./terraform/alibaba-market-tensorflow.md) | Based on Terraform module, create ECS instances on Ali cloud to achieve one-click deployment of cloud marketplace Tensorflow | false |
|
||||||
|
| | | [mns queue](./terraform/alibaba-mns-queue.md) | Create a queue instance based on the Terraform module | false |
|
||||||
|
| | | [mns topic](./terraform/alibaba-mns-topic.md) | Create a topic and a subscription based on Terraform module | false |
|
||||||
|
| | | [mongodb](./terraform/alibaba-mongodb.md) | Alibaba Cloud MongoDB | false |
|
||||||
|
| | | [mongodb multi](./terraform/alibaba-mongodb-multi.md) | Terraform-based module for creating a MongoDB cloud database under AliCloud VPC | false |
|
||||||
|
| | | [mse](./terraform/alibaba-mse.md) | Terraform configuration for Alibaba Cloud MSE | false |
|
||||||
|
| | | [nas](./terraform/alibaba-nas.md) | Terraform configuration for Alicloud NAS | false |
|
||||||
|
| | | [network with nat](./terraform/alibaba-network-with-nat.md) | Build VPC and Nat gateway network environment and bind EIP, add SNAT and DNAT entries on AliCloud based on Terraform module | false |
|
||||||
|
| | | [oss](./terraform/alibaba-oss.md) | Terraform configuration for Alibaba Cloud OSS | true |
|
||||||
|
| | | [oss website](./terraform/alibaba-oss-website.md) | Alibaba Cloud OSS static webstie bucket | false |
|
||||||
|
| | | [private zone](./terraform/alibaba-private-zone.md) | Terraform-based modules are used to create a Private Zone on AliCloud, while you can add records to the Zone and associate it with a VPC | false |
|
||||||
|
| | | [rabbitmq](./terraform/alibaba-rabbitmq.md) | Create a RabbitMQ based on Terraform module in Ali cloud | false |
|
||||||
|
| | | [ram](./terraform/alibaba-ram.md) | Create RAM User instances on AliCloud based on Terraform module | false |
|
||||||
|
| | | [ram fc](./terraform/alibaba-ram-fc.md) | Create a functional computing service based on Terraform under AliCloud's RAM role | false |
|
||||||
|
| | | [rds](./terraform/alibaba-rds.md) | Terraform configuration for Alibaba Cloud RDS | true |
|
||||||
|
| | | [rds preview](./terraform/alibaba-rds-preview.md) | Alibaba RDS in a preview mode | true |
|
||||||
|
| | | [redis](./terraform/alibaba-redis.md) | Terraform configuration for Alibaba Cloud Redis | true |
|
||||||
|
| | | [remote backend](./terraform/alibaba-remote-backend.md) | Deploy remote backend storage in Aliyun based on Terraform module | false |
|
||||||
|
| | | [rocketmq](./terraform/alibaba-rocketmq.md) | Terraform configuration for Alibaba Cloud RocketMQ | false |
|
||||||
|
| | | [sae application](./terraform/alibaba-sae-application.md) | Alibaba SAE application | false |
|
||||||
|
| | | [sae auto config application](./terraform/alibaba-sae-auto-config-application.md) | Alibaba SAE application to be deployed in auto-config mode | false |
|
||||||
|
| | | [sae namespace](./terraform/alibaba-sae-namespace.md) | Alibaba SAE namespace | false |
|
||||||
|
| | | [security group](./terraform/alibaba-security-group.md) | Terraform configuration for Alicloud SecurityGroup | false |
|
||||||
|
| | | [slb](./terraform/alibaba-slb.md) | Terraform configuration for Alicloud SLB | false |
|
||||||
|
| | | [slb acl](./terraform/alibaba-slb-acl.md) | Terraform-based module supports creating access control lists for load balancers | false |
|
||||||
|
| | | [slb listener](./terraform/alibaba-slb-listener.md) | Quickly create slb listeners resources on AliCloud based on Terraform module | false |
|
||||||
|
| | | [slb rule](./terraform/alibaba-slb-rule.md) | Terraform-based module creates an SLB instance under AliCloud's VPC and configures rules | false |
|
||||||
|
| | | [sls project](./terraform/alibaba-sls-project.md) | Terraform configuration for Alibaba Cloud SLS Project | true |
|
||||||
|
| | | [sls store](./terraform/alibaba-sls-store.md) | Terraform configuration for Alibaba Cloud SLS Store | true |
|
||||||
|
| | | [vpc](./terraform/alibaba-vpc.md) | Terraform configuration for Alibaba Cloud VPC | true |
|
||||||
|
| | | [vpc ecs eip](./terraform/alibaba-vpc-ecs-eip.md) | Create a lightweight WEB service based on Terraform under AliCloud's VPC, including: VPC, ECS, EIP | false |
|
||||||
|
| | | [vpc privatelink connection](./terraform/alibaba-vpc-privatelink-connection.md) | Terraform-based for creating VPC networks in AliCloud and creating private network links | false |
|
||||||
|
| | | [vpn gateway](./terraform/alibaba-vpn-gateway.md) | Create VPN resources on AliCloud based on Terraform module | false |
|
||||||
|
| | | [vswitch](./terraform/alibaba-vswitch.md) | Terraform configuration for Alibaba Cloud VSwitch | true |
|
||||||
|
|
|
||||||
|
|
@ -31,28 +31,28 @@ spec:
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
vpc_name | The vpc name used to create a new vpc when 'vpc_id' is not specified. Default to variable `example_name` | string | false |
|
vpc_name | The vpc name used to create a new vpc when 'vpc_id' is not specified. Default to variable `example_name` | string | false |
|
||||||
enable_ssh | Enable login to the node through SSH. | bool | false |
|
vpc_cidr | The cidr block used to launch a new vpc when 'vpc_id' is not specified. | string | false |
|
||||||
install_cloud_monitor | Install cloud monitor agent on ECS. | bool | false |
|
worker_instance_types | The ecs instance types used to launch worker nodes. | list(any) | false |
|
||||||
|
vswitch_name_prefix | The vswitch name prefix used to create several new vswitches. Default to variable 'example_name'. | string | false |
|
||||||
|
vswitch_cidrs | List of cidr blocks used to create several new vswitches when 'vswitch_ids' is not specified. | list(any) | false |
|
||||||
|
new_nat_gateway | Whether to create a new nat gateway. In this template, a new nat gateway will create a nat gateway, eip and server snat entries. | bool | false |
|
||||||
k8s_worker_number | The number of worker nodes in kubernetes cluster. | number | false |
|
k8s_worker_number | The number of worker nodes in kubernetes cluster. | number | false |
|
||||||
k8s_service_cidr | The kubernetes service cidr block. It cannot be equals to vpc's or vswitch's or pod's and cannot be in them. | string | false |
|
k8s_service_cidr | The kubernetes service cidr block. It cannot be equals to vpc's or vswitch's or pod's and cannot be in them. | string | false |
|
||||||
k8s_pod_cidr | The kubernetes pod cidr block. It cannot be equals to vpc's or vswitch's and cannot be in them. | string | false |
|
k8s_version | The version of the kubernetes version. Valid values: '1.16.6-aliyun.1','1.14.8-aliyun.1'. Default to '1.16.6-aliyun.1'. | string | false |
|
||||||
zone_id | Availability Zone ID | string | false |
|
memory_size | Memory size used to fetch instance types. | number | false |
|
||||||
vpc_cidr | The cidr block used to launch a new vpc when 'vpc_id' is not specified. | string | false |
|
vswitch_ids | List of existing vswitch id. | list(any) | false |
|
||||||
vswitch_cidrs | List of cidr blocks used to create several new vswitches when 'vswitch_ids' is not specified. | list(any) | false |
|
enable_ssh | Enable login to the node through SSH. | bool | false |
|
||||||
k8s_name_prefix | The name prefix used to create several kubernetes clusters. Default to variable `example_name` | string | false |
|
install_cloud_monitor | Install cloud monitor agent on ECS. | bool | false |
|
||||||
new_nat_gateway | Whether to create a new nat gateway. In this template, a new nat gateway will create a nat gateway, eip and server snat entries. | bool | false |
|
|
||||||
worker_instance_types | The ecs instance types used to launch worker nodes. | list(any) | false |
|
|
||||||
cpu_policy | kubelet cpu policy. Valid values: 'none','static'. Default to 'none'. | string | false |
|
cpu_policy | kubelet cpu policy. Valid values: 'none','static'. Default to 'none'. | string | false |
|
||||||
proxy_mode | Proxy mode is option of kube-proxy. Valid values: 'ipvs','iptables'. Default to 'iptables'. | string | false |
|
proxy_mode | Proxy mode is option of kube-proxy. Valid values: 'ipvs','iptables'. Default to 'iptables'. | string | false |
|
||||||
cpu_core_count | CPU core count is used to fetch instance types. | number | false |
|
cpu_core_count | CPU core count is used to fetch instance types. | number | false |
|
||||||
memory_size | Memory size used to fetch instance types. | number | false |
|
|
||||||
vswitch_name_prefix | The vswitch name prefix used to create several new vswitches. Default to variable 'example_name'. | string | false |
|
|
||||||
number_format | The number format used to output. | string | false |
|
number_format | The number format used to output. | string | false |
|
||||||
vswitch_ids | List of existing vswitch id. | list(any) | false |
|
k8s_name_prefix | The name prefix used to create several kubernetes clusters. Default to variable `example_name` | string | false |
|
||||||
master_instance_types | The ecs instance types used to launch master nodes. | list(any) | false |
|
master_instance_types | The ecs instance types used to launch master nodes. | list(any) | false |
|
||||||
node_cidr_mask | The node cidr block to specific how many pods can run on single node. Valid values: [24-28]. | number | false |
|
node_cidr_mask | The node cidr block to specific how many pods can run on single node. Valid values: [24-28]. | number | false |
|
||||||
password | The password of ECS instance. | string | false |
|
password | The password of ECS instance. | string | false |
|
||||||
k8s_version | The version of the kubernetes version. Valid values: '1.16.6-aliyun.1','1.14.8-aliyun.1'. Default to '1.16.6-aliyun.1'. | string | false |
|
k8s_pod_cidr | The kubernetes pod cidr block. It cannot be equals to vpc's or vswitch's and cannot be in them. | string | false |
|
||||||
|
zone_id | Availability Zone ID | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,21 +13,21 @@ Terraform configuration for Alibaba Cloud AMQP(RabbitMQ)
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The specification of module name. | string | false |
|
||||||
|
instance_type | The specification of the instance type. Valid values: professional, vip. | string | false |
|
||||||
|
instance_id | The instance_id used to RabbitMQ. If set, the 'create' will be ignored. | string | false |
|
||||||
|
argument | The specification of the argument. | string | false |
|
||||||
|
support_eip | The specification of support EIP. | bool | false |
|
||||||
|
exchange_type | The specification of the exchange type. Valid values: FANOUT, DIRECT, TOPIC, HEADERS | string | false |
|
||||||
|
auto_delete_state | Specifies whether the Auto Delete attribute is configured. Valid values: true: The Auto Delete attributeis configured. If the last queue that is bound to an exchange is unbound, the exchange is automatically deleted. false: The Auto Delete attribute is not configured. If the last queue that is bound to an exchange is unbound, the exchange is not automatically deleted. | bool | false |
|
||||||
|
binding_type | The specification of the binding type. Valid values: EXCHANGE, QUEUE. | string | false |
|
||||||
|
max_tps | The specification of the peak TPS traffic. The smallest valid value is 1000 and the largest value is 100,000. | number | false |
|
||||||
queue_capacity | The specification of the queue capacity. The smallest value is 50 and the step size 5. | number | false |
|
queue_capacity | The specification of the queue capacity. The smallest value is 50 and the step size 5. | number | false |
|
||||||
max_eip_tps | The specification of the max eip tps. It is valid when support_eip is true. The valid value is [128, 45000] with the step size 128 | number | false |
|
max_eip_tps | The specification of the max eip tps. It is valid when support_eip is true. The valid value is [128, 45000] with the step size 128 | number | false |
|
||||||
payment_type | The specification of the payment type. | string | false |
|
payment_type | The specification of the payment type. | string | false |
|
||||||
exchange_type | The specification of the exchange type. Valid values: FANOUT, DIRECT, TOPIC, HEADERS | string | false |
|
|
||||||
internal | The specification of the internal. | bool | false |
|
|
||||||
name | The specification of module name. | string | false |
|
|
||||||
argument | The specification of the argument. | string | false |
|
|
||||||
instance_type | The specification of the instance type. Valid values: professional, vip. | string | false |
|
|
||||||
max_tps | The specification of the peak TPS traffic. The smallest valid value is 1000 and the largest value is 100,000. | number | false |
|
|
||||||
period | The specification of the period. Valid values: 1, 12, 2, 24, 3, 6. | number | false |
|
period | The specification of the period. Valid values: 1, 12, 2, 24, 3, 6. | number | false |
|
||||||
create | Whether to create instance. If false, you can specify an existing instance by setting 'instance_id'. | bool | false |
|
create | Whether to create instance. If false, you can specify an existing instance by setting 'instance_id'. | bool | false |
|
||||||
binding_type | The specification of the binding type. Valid values: EXCHANGE, QUEUE. | string | false |
|
internal | The specification of the internal. | bool | false |
|
||||||
support_eip | The specification of support EIP. | bool | false |
|
|
||||||
instance_id | The instance_id used to RabbitMQ. If set, the 'create' will be ignored. | string | false |
|
|
||||||
auto_delete_state | Specifies whether the Auto Delete attribute is configured. Valid values: true: The Auto Delete attributeis configured. If the last queue that is bound to an exchange is unbound, the exchange is automatically deleted. false: The Auto Delete attribute is not configured. If the last queue that is bound to an exchange is unbound, the exchange is not automatically deleted. | bool | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -31,8 +31,8 @@ title: 阿里云 ASK
|
||||||
|
|
||||||
名称 | 描述
|
名称 | 描述
|
||||||
------------ | -------------
|
------------ | -------------
|
||||||
KUBECONFIG | The KubeConfig string of the kubernetes cluster.
|
|
||||||
RESOURCE_IDENTIFIER | The identifier of the resource
|
RESOURCE_IDENTIFIER | The identifier of the resource
|
||||||
Name | Cluster Name
|
Name | Cluster Name
|
||||||
API_SERVER_INTRANET | The API server intranet address of the kubernetes cluster.
|
API_SERVER_INTRANET | The API server intranet address of the kubernetes cluster.
|
||||||
API_SERVER_INTERNET | The API server internet address of the kubernetes cluster.
|
API_SERVER_INTERNET | The API server internet address of the kubernetes cluster.
|
||||||
|
KUBECONFIG | The KubeConfig string of the kubernetes cluster.
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,36 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 DEPLOY-WEBSITE
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Deploy a Static Website in object stroage, like S3 and OSS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
static_web_url | The URL of the static website | string | false |
|
||||||
|
bucket | OSS bucket name | string | false |
|
||||||
|
endpoint | OSS bucket endpoint | string | true |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
URL | The URL of the website
|
||||||
|
|
@ -0,0 +1,38 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 DNS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform configuration for Alibaba Cloud DNS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create | Whether to create a domain. Default to true. | bool | false |
|
||||||
|
add_records | Whether to add records to dns. Default to true. | bool | false |
|
||||||
|
region | (Deprecated from version 1.5.0) The region used to launch this module resources. | string | false |
|
||||||
|
profile | (Deprecated from version 1.5.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
skip_region_validation | (Deprecated from version 1.5.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
resource_group_id | The Id of resource group which the DNS belongs. | string | false |
|
||||||
|
domain_name | The name of domain. | string | false |
|
||||||
|
existing_group_name | Id of the group in which the domain will add. If not supplied, then use default group. | string | false |
|
||||||
|
records | DNS record list.Each item can contains keys: 'rr'(The host record of the domain record. 'name' has been deprecated from 1.3.0, and use 'rr' instead.),'type'(The type of the domain. Valid values: A, NS, MX, TXT, CNAME, SRV, AAAA, CAA, REDIRECT_URL, FORWORD_URL. Default to A.),'value'(The value of domain record),'priority'(The priority of domain record. Valid values are `[1-10]`. When the `type` is `MX`, this parameter is required.),'ttl'(The ttl of the domain record. Default to 600.),'line'(The resolution line of domain record. Default value is default.). | list(map(string)) | false |
|
||||||
|
group_name | DNS domain's parrent group name, If not set, a default name with prefix 'terraform-dns-group-' will be returned. | string | false |
|
||||||
|
record_list | (Deprecated) It has been deprecated from 1.3.0, and use 'records' instead. | list(object({\n name = string\n host_record = string\n type = string\n ttl = number\n value = string\n priority = number\n })) | false |
|
||||||
|
shared_credentials_file | (Deprecated from version 1.5.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
existing_domain_name | The name of an existing domain. If set, 'create' will be ignored. | string | false |
|
||||||
|
create_group | Whether to create a DNS group. Default to false. | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,51 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 EIP-SLB-ECS-RDS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a lightweight web service based on Terraform under AliCloud's VPC, including: EIP, SLB, ECS, RDS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
ecs_size | The specification of the ecs size. | number | false |
|
||||||
|
availability_zone | The available zone to launch modules. | string | false |
|
||||||
|
monitoring_period | The specification of the monitoring period. | string | false |
|
||||||
|
image_id | The specification of the image id. | string | false |
|
||||||
|
category | The specification of the category. | string | false |
|
||||||
|
engine_version | The specification of the engine version. | string | false |
|
||||||
|
data_disks_name | The name of the data disk. | string | false |
|
||||||
|
eip_internet_charge_type | The specification of the eip internet charge type. | string | false |
|
||||||
|
slb_spec | The specification of the slb spec. | string | false |
|
||||||
|
slb_tags_info | The specification of the slb tags info. | string | false |
|
||||||
|
system_disk_category | The specification of the system disk category. | string | false |
|
||||||
|
system_disk_description | The specification of the system disk description. | string | false |
|
||||||
|
encrypted | Encrypted the data in this disk. | bool | false |
|
||||||
|
instance_storage | The specification of the instance storage. | string | false |
|
||||||
|
system_disk_name | The specification of the system disk name. | string | false |
|
||||||
|
internet_max_bandwidth_out | The specification of the internet max bandwidth out. | number | false |
|
||||||
|
slb_address_type | The specification of the slb intranet. | string | false |
|
||||||
|
description | The specification of module description. | string | false |
|
||||||
|
engine | The specification of the engine. | string | false |
|
||||||
|
rds_instance_type | The specification of the rds instance type. | string | false |
|
||||||
|
name | The specification of module name. | string | false |
|
||||||
|
instance_type | The specification of the instance type. | string | false |
|
||||||
|
vswitch_id | VSwitch variables, if vswitch_id is empty, then the net_type = classic. | string | false |
|
||||||
|
security_group_ids | A list of security group ids to associate with. | list(string) | false |
|
||||||
|
available_disk_category | The specification of available disk category. | string | false |
|
||||||
|
eip_bandwidth | The specification of the eip bandwidth. | string | false |
|
||||||
|
instance_charge_type | The specification of the instance charge type. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,24 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 KMS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create KMS on AliCloud based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,51 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 KUBERNETES-NETWORKING
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a set of network environment related resources for Kubernetes clusters on AliCloud based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
vpc_cidr | The cidr block used to launch a new vpc when 'vpc_id' is not specified. | string | false |
|
||||||
|
vswitch_tags | The tags used to launch serveral vswitches. | map(string) | false |
|
||||||
|
nat_internet_charge_type | The internet charge type. Valid values PayByLcu and PayBySpec. | string | false |
|
||||||
|
eip_instance_charge_type | (Deprecated from version 1.3.0) Elastic IP instance charge type. | string | false |
|
||||||
|
availability_zones | List available zones to launch several VSwitches. | list(string) | false |
|
||||||
|
vswitch_cidrs | List of cidr blocks used to create several new vswitches when 'vswitch_ids' is not specified. | list(string) | false |
|
||||||
|
nat_specification | The specification of nat gateway. | string | false |
|
||||||
|
shared_credentials_file | (Deprecated from version 1.2.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
nat_instance_charge_type | (Deprecated from version 1.3.0) The charge type of the nat gateway. Choices are 'PostPaid' and 'PrePaid'. | string | false |
|
||||||
|
nat_period | The charge duration of the PrePaid nat gateway, in month. | number | false |
|
||||||
|
eip_name | The name prefix used to launch the eip. | string | false |
|
||||||
|
eip_tags | The tags used to launch the eip. | map(string) | false |
|
||||||
|
profile | (Deprecated from version 1.2.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
vpc_name | The vpc name used to launch a new vpc. | string | false |
|
||||||
|
vswitch_name | The name prefix used to launch the vswitch. | string | false |
|
||||||
|
eip_bandwidth | The eip bandwidth. | number | false |
|
||||||
|
region | (Deprecated from version 1.2.0) The region used to launch this module resources. | string | false |
|
||||||
|
eip_period | The duration that you will buy the EIP, in month. | number | false |
|
||||||
|
nat_payment_type | The billing method of the NAT gateway. | string | false |
|
||||||
|
create | Whether to create kubernetes networking resources. | bool | false |
|
||||||
|
existing_vpc_id | An existing vpc id used to create several vswitches and other resources. | string | false |
|
||||||
|
nat_gateway_name | The name prefix used to launch the nat gateway. | string | false |
|
||||||
|
skip_region_validation | (Deprecated from version 1.2.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
nat_type | The type of NAT gateway. | string | false |
|
||||||
|
eip_payment_type | The billing method of the NAT gateway. | string | false |
|
||||||
|
eip_internet_charge_type | Internet charge type of the EIP, Valid values are `PayByBandwidth`, `PayByTraffic`. | string | false |
|
||||||
|
vpc_tags | The tags used to launch a new vpc. | map(string) | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,48 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 MARKET-TENSORFLOW
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Based on Terraform module, create ECS instances on Ali cloud to achieve one-click deployment of cloud marketplace Tensorflow
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
system_disk_size | The system disk size used to launch ecs instance. | number | false |
|
||||||
|
internet_max_bandwidth_out | The maximum internet out bandwidth of ECS instance. | number | false |
|
||||||
|
description | Description of the instance, This description can have a string of 2 to 256 characters, It cannot begin with http:// or https://. Default value is null. | string | false |
|
||||||
|
deletion_protection | Whether enable the deletion protection or not. 'true': Enable deletion protection. 'false': Disable deletion protection. | bool | false |
|
||||||
|
shared_credentials_file | (Deprecated from version 1.1.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
skip_region_validation | (Deprecated from version 1.1.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
product_suggested_price | The suggested price of Market Product used to fetch the specified product image. | number | false |
|
||||||
|
ecs_instance_password | The password of ECS instance. | string | false |
|
||||||
|
force_delete | If it is true, the 'PrePaid' instance will be change to 'PostPaid' and then deleted forcibly. However, because of changing instance charge type has CPU core count quota limitation, so strongly recommand that 'Don't modify instance charge type frequentlly in one month'. | bool | false |
|
||||||
|
ecs_instance_name | The name of ECS Instance. | string | false |
|
||||||
|
system_disk_category | The system disk category used to launch one ecs instance. | string | false |
|
||||||
|
private_ip | Configure ECS Instance private IP address | string | false |
|
||||||
|
internet_charge_type | The internet charge type of ECS instance. Choices are 'PayByTraffic' and 'PayByBandwidth'. | string | false |
|
||||||
|
product_supplier_name_keyword | The name keyword of Market Product supplier name used to fetch the specified product image. | string | false |
|
||||||
|
image_id | The image id used to launch one ecs instance. If not set, a fetched market place image by product_keyword will be used. | string | false |
|
||||||
|
ecs_instance_type | The instance type used to launch ecs instance. | string | false |
|
||||||
|
security_group_ids | A list of security group ids to associate with ECS. | list(string) | false |
|
||||||
|
vswitch_id | The virtual switch ID to launch ECS instance in VPC. | string | false |
|
||||||
|
resource_group_id | The Id of resource group which the ECS instance belongs. | string | false |
|
||||||
|
tags | A mapping of tags to assign to the ECS. | map(string) | false |
|
||||||
|
region | (Deprecated from version 1.1.0) The region used to launch this module resources. | string | false |
|
||||||
|
profile | (Deprecated from version 1.1.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
product_keyword | The name keyword of Market Product used to fetch the specified product image. | string | false |
|
||||||
|
create_instance | Whether to create ecs instance. | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,31 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 MNS-QUEUE
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a queue instance based on the Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | Two queues on a single account in the same region cannot have the same name. A queue name must start with an English letter or a digit, and can contain English letters, digits, and hyphens, with the length not exceeding 256 characters. | string | false |
|
||||||
|
delay_seconds | This attribute defines the length of time, in seconds, after which every message sent to the queue is dequeued. Valid value range: 0-604800 seconds, i.e., 0 to 7 days. | number | false |
|
||||||
|
maximum_message_size | This indicates the maximum length, in bytes, of any message body sent to the queue. Valid value range: 1024-65536, i.e., 1K to 64K. | number | false |
|
||||||
|
message_retention_period | Messages are deleted from the queue after a specified length of time, whether they have been activated or not. This attribute defines the viability period, in seconds, for every message in the queue. Valid value range: 60-259200 seconds, i.e., 1 minutes to 3 days. | number | false |
|
||||||
|
visibility_timeout | Dequeued messages change from active (visible) status to inactive (invisible) status. This attribute defines the length of time, in seconds, that messages remain invisible. Messages return to active status after the set period. Valid value range: 1-43200 seconds, i.e., 1 seconds to 12 hours. | number | false |
|
||||||
|
polling_wait_seconds | Long polling is measured in seconds. When this attribute is set to 0, long polling is disabled. When it is not set to 0, long polling is enabled and message dequeue requests will be processed only when valid messages are received or when long polling times out. The value range is 0-30 seconds. | number | false |
|
||||||
|
region | (Deprecated from version 1.2.0) The region used to launch this module resources. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 MNS-TOPIC
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a topic and a subscription based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
notify_strategy | The NotifyStrategy attribute of Subscription. This attribute specifies the retry strategy when message sending fails. the attribute has two value EXPONENTIAL_DECAY_RETR or BACKOFF_RETRY | string | false |
|
||||||
|
filter_tag | Message Filter Label | string | false |
|
||||||
|
region | (Deprecated from version 1.2.0) The region used to launch this module resources. | string | false |
|
||||||
|
subscription_name | the Subscription Name,Two subcription Name on a single topic in the same region cannot have the same name.A subscription name must start with an English letter or a digit, and can contain English letters, digits, and hyphens, with the length not exceeding 256 characters. | string | false |
|
||||||
|
logging_enabled | is log enabled ? | bool | false |
|
||||||
|
endpoint | Describe the terminal address of the message received in this subscription. email format: mail:directmail:XXX@YYY.com , queue format: http(s)://AccountId.mns.regionId.aliyuncs.com/, http format: http(s)://www.xxx.com/xxx | string | false |
|
||||||
|
notify_content_format | The NotifyContentFormat attribute of Subscription. This attribute specifies the content format of the messages pushed to users. the attribute has two value SIMPLIFIED or XML | string | false |
|
||||||
|
topic_name | Two topics on a single account in the same region cannot have the same name. A topic name must start with an English letter or a digit, and can contain English letters, digits, and hyphens, with the length not exceeding 256 characters. | string | false |
|
||||||
|
maximum_message_size | This indicates the maximum length, in bytes, of any message body sent to the topic. Valid value range: 1024-65536, i.e., 1K to 64K. | number | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,42 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 MONGODB-MULTI
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform-based module for creating a MongoDB cloud database under AliCloud VPC
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
engine_version | The version number of the database. Valid value: 3.2, 3.4, 4.0. | string | false |
|
||||||
|
db_instance_class | The specification of the instance. For more information about the value, see https://www.alibabacloud.com/help/doc-detail/57141.htm | string | false |
|
||||||
|
storage_engine | The MongoDB storage engine, WiredTiger or RocksDB. Default value: WiredTiger. | string | false |
|
||||||
|
zone_id | The ID of the zone. You can refer to https://www.alibabacloud.com/help/doc-detail/61933.htm. | string | false |
|
||||||
|
account_password | Password of the root account. It is a string of 6 to 32 characters and is composed of letters, numbers, and underlines | string | false |
|
||||||
|
backup_period | MongoDB Instance backup period. It is required when backup_time was existed. Valid values: [Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday]. Default to [Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday]. | list(string) | false |
|
||||||
|
tags | A mapping of tags to assign to the mongodb instance resource. | map(string) | false |
|
||||||
|
instance_charge_type | The billing method of the instance. Valid values are Prepaid, PostPaid, Default to PostPaid | string | false |
|
||||||
|
vswitch_id | The virtual switch ID to launch DB instances in one VPC. | string | false |
|
||||||
|
backup_time | MongoDB instance backup time. It is required when backup_period was existed. In the format of HH:mmZ- HH:mmZ. Time setting interval is one hour. Default to a random time, like '23:00Z-24:00Z'. | string | false |
|
||||||
|
instance_id | `(Deprecated)` It has been deprecated from version 1.2.0 and use `existing_instance_id` instead. | string | false |
|
||||||
|
region | The specification of the monitoring region. | string | false |
|
||||||
|
create_resources_size | The specification of the monitoring region. | string | false |
|
||||||
|
name | The name of DB instance. It a string of 2 to 256 characters | string | false |
|
||||||
|
db_instance_storage | The storage space of the instance. Valid values: 10 to 3000. Unit: GB. You can only specify this value in 10 GB increments. | number | false |
|
||||||
|
replication_factor | The number of nodes in the replica set instance. Valid values: 3, 5, 7. Default value: 3. | number | false |
|
||||||
|
period | The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36. Default to 1 | number | false |
|
||||||
|
security_ip_list | List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]). | list(string) | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,28 +13,28 @@ Alibaba Cloud MongoDB
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
account_password | Password of the root account. It is a string of 6 to 32 characters and is composed of letters, numbers, and underlines | string | true |
|
||||||
|
replication_factor | The number of nodes in the replica set instance. Valid values: 3, 5, 7. Default value: 3. | number | false |
|
||||||
|
backup_time | MongoDB instance backup time. It is required when backup_period was existed. In the format of HH:mmZ- HH:mmZ. Time setting interval is one hour. Default to a random time, like '23:00Z-24:00Z'. | string | false |
|
||||||
|
region | (Deprecated from version 1.4.0) The region used to launch this module resources. | string | false |
|
||||||
engine_version | The version number of the database. Valid value: 3.4, 4.0, 4.2, 4.4, 5.0 | string | true |
|
engine_version | The version number of the database. Valid value: 3.4, 4.0, 4.2, 4.4, 5.0 | string | true |
|
||||||
shared_credentials_file | (Deprecated from version 1.4.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
db_instance_storage | The storage space of the instance. Valid values: 10 to 3000. Unit: GB. You can only specify this value in 10 GB increments. | number | false |
|
||||||
|
storage_engine | The MongoDB storage engine, WiredTiger or RocksDB. Default value: WiredTiger. | string | false |
|
||||||
|
name | The name of DB instance. It a string of 2 to 256 characters | string | true |
|
||||||
|
tags | A mapping of tags to assign to the mongodb instance resource. | map(string) | false |
|
||||||
|
existing_instance_id | The Id of an existing Mongodb instance. If set, the `create` will be ignored. | string | false |
|
||||||
|
backup_period | MongoDB Instance backup period. It is required when backup_time was existed. Valid values: [Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday]. Default to [Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday]. | list(string) | true |
|
||||||
skip_region_validation | (Deprecated from version 1.4.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
skip_region_validation | (Deprecated from version 1.4.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
db_instance_class | The specification of the instance. For more information about the value, see https://www.alibabacloud.com/help/doc-detail/57141.htm | string | true |
|
||||||
instance_charge_type | The billing method of the instance. Valid values are Prepaid, PostPaid, Default to PostPaid | string | false |
|
instance_charge_type | The billing method of the instance. Valid values are Prepaid, PostPaid, Default to PostPaid | string | false |
|
||||||
period | The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36. Default to 1 | | false |
|
period | The duration that you will buy DB instance (in month). It is valid when instance_charge_type is PrePaid. Valid values: [1~9], 12, 24, 36. Default to 1 | | false |
|
||||||
vswitch_id | The virtual switch ID to launch DB instances in one VPC. | string | false |
|
vswitch_id | The virtual switch ID to launch DB instances in one VPC. | string | false |
|
||||||
backup_time | MongoDB instance backup time. It is required when backup_period was existed. In the format of HH:mmZ- HH:mmZ. Time setting interval is one hour. Default to a random time, like '23:00Z-24:00Z'. | string | false |
|
|
||||||
profile | (Deprecated from version 1.4.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
|
||||||
db_instance_class | The specification of the instance. For more information about the value, see https://www.alibabacloud.com/help/doc-detail/57141.htm | string | true |
|
|
||||||
storage_engine | The MongoDB storage engine, WiredTiger or RocksDB. Default value: WiredTiger. | string | false |
|
|
||||||
security_ip_list | List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]). | list(string) | false |
|
|
||||||
replication_factor | The number of nodes in the replica set instance. Valid values: 3, 5, 7. Default value: 3. | number | false |
|
|
||||||
tags | A mapping of tags to assign to the mongodb instance resource. | map(string) | false |
|
|
||||||
region | (Deprecated from version 1.4.0) The region used to launch this module resources. | string | false |
|
|
||||||
name | The name of DB instance. It a string of 2 to 256 characters | string | true |
|
|
||||||
zone_id | The ID of the zone. You can refer to https://www.alibabacloud.com/help/doc-detail/61933.htm. | string | false |
|
|
||||||
account_password | Password of the root account. It is a string of 6 to 32 characters and is composed of letters, numbers, and underlines | string | true |
|
|
||||||
backup_period | MongoDB Instance backup period. It is required when backup_time was existed. Valid values: [Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday]. Default to [Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday]. | list(string) | true |
|
|
||||||
existing_instance_id | The Id of an existing Mongodb instance. If set, the `create` will be ignored. | string | false |
|
|
||||||
create | Whether to use an existing MongoDB. If false, you can use a existing Mongodb instance by setting `existing_instance_id`. | bool | false |
|
|
||||||
instance_id | `(Deprecated)` It has been deprecated from version 1.2.0 and use `existing_instance_id` instead. | string | false |
|
instance_id | `(Deprecated)` It has been deprecated from version 1.2.0 and use `existing_instance_id` instead. | string | false |
|
||||||
db_instance_storage | The storage space of the instance. Valid values: 10 to 3000. Unit: GB. You can only specify this value in 10 GB increments. | number | false |
|
profile | (Deprecated from version 1.4.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
shared_credentials_file | (Deprecated from version 1.4.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
zone_id | The ID of the zone. You can refer to https://www.alibabacloud.com/help/doc-detail/61933.htm. | string | false |
|
||||||
|
security_ip_list | List of IP addresses allowed to access all databases of an instance. The list contains up to 1,000 IP addresses, separated by commas. Supported formats include 0.0.0.0/0, 10.23.12.24 (IP), and 10.23.12.24/24 (Classless Inter-Domain Routing (CIDR) mode. /24 represents the length of the prefix in an IP address. The range of the prefix length is [1,32]). | list(string) | false |
|
||||||
|
create | Whether to use an existing MongoDB. If false, you can use a existing Mongodb instance by setting `existing_instance_id`. | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,12 +13,12 @@ Terraform configuration for Alibaba Cloud MSE
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
cluster_specification | The engine specification of MSE Cluster. Valid values: MSE_SC_1_2_200_c:1C2G MSE_SC_2_4_200_c:2C4G MSE_SC_4_8_200_c:4C8G MSE_SC_8_16_200_c:8C16G | string | false |
|
|
||||||
cluster_type | The type of MSE Cluster. Valid values: ZooKeeper、Nacos-Ans and Eureka | string | false |
|
|
||||||
cluster_version | The version of MSE Cluster. Valid values: ZooKeeper_3_4_14, ZooKeeper_3_5_5, NACOS_ANS_1_1_3, NACOS_ANS_1_2_1, EUREKA_1_9_3 | string | false |
|
cluster_version | The version of MSE Cluster. Valid values: ZooKeeper_3_4_14, ZooKeeper_3_5_5, NACOS_ANS_1_1_3, NACOS_ANS_1_2_1, EUREKA_1_9_3 | string | false |
|
||||||
net_type | The type of network. Valid values: privatenet and pubnet | string | false |
|
net_type | The type of network. Valid values: privatenet and pubnet | string | false |
|
||||||
acl_entry_list | The whitelist | list(any) | false |
|
acl_entry_list | The whitelist | list(any) | false |
|
||||||
cluster_alias_name | The alias name of MSE Cluster | string | false |
|
cluster_alias_name | The alias name of MSE Cluster | string | false |
|
||||||
|
cluster_specification | The engine specification of MSE Cluster. Valid values: MSE_SC_1_2_200_c:1C2G MSE_SC_2_4_200_c:2C4G MSE_SC_4_8_200_c:4C8G MSE_SC_8_16_200_c:8C16G | string | false |
|
||||||
|
cluster_type | The type of MSE Cluster. Valid values: ZooKeeper、Nacos-Ans and Eureka | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -36,9 +36,9 @@ Terraform configuration for Alibaba Cloud MSE
|
||||||
|
|
||||||
名称 | 描述
|
名称 | 描述
|
||||||
------------ | -------------
|
------------ | -------------
|
||||||
INTRANET_PORT | The intranet port of the resource
|
|
||||||
Net_TYPE | The type of network
|
|
||||||
RESOURCE_IDENTIFIER | The identifier of the resource
|
RESOURCE_IDENTIFIER | The identifier of the resource
|
||||||
INTERNET_DOMAIN | The internet domain of the resource
|
INTERNET_DOMAIN | The internet domain of the resource
|
||||||
INTERNET_PORT | The internet port of the resource
|
INTERNET_PORT | The internet port of the resource
|
||||||
INTRANET_DOMAIN | The intranet domain of the resource
|
INTRANET_DOMAIN | The intranet domain of the resource
|
||||||
|
INTRANET_PORT | The intranet port of the resource
|
||||||
|
Net_TYPE | The type of network
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,41 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 NAS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform configuration for Alicloud NAS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The name of the security group rule | string | false |
|
||||||
|
description | The description of the security group rule | string | false |
|
||||||
|
port_range | The port range of the security group rule | string | false |
|
||||||
|
cidr_ip | cidr blocks used to create a new security group rule | string | false |
|
||||||
|
zone_id | Availability Zone ID | string | false |
|
||||||
|
namePrefix | | string | false |
|
||||||
|
createNas | | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
nasId | NAS ID
|
||||||
|
nasMountTargetId | NAS Mount Target ID
|
||||||
|
|
@ -0,0 +1,79 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 NETWORK-WITH-NAT
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Build VPC and Nat gateway network environment and bind EIP, add SNAT and DNAT entries on AliCloud based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
shared_credentials_file | (Deprecated from version 1.1.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
use_num_suffix | Always append numerical suffix(like 001, 002 and so on) to vswitch name, even if the length of `vswitch_cidrs` is 1 | bool | false |
|
||||||
|
vswitch_id | ID of the vswitch where to create nat gateway. | string | false |
|
||||||
|
eip_name | Name to be used on all eip as prefix. Default to 'TF-EIP-for-Nat'. The final default name would be TF-EIP-for-Nat001, TF-EIP-for-Nat002 and so on. | string | false |
|
||||||
|
create_eip | Whether to create new EIP and bind it to this Nat gateway. If true, the 'number_of_dnat_eip' or 'number_of_snat_eip' should not be empty. | bool | false |
|
||||||
|
computed_snat_with_vswitch_id | List of computed snat entries to create by vswitch ids. Each item valid keys: 'vswitch_id'(required), 'snat_ip'(if not, use root parameter 'snat_ips', using comma joinor to set multi ips), 'name'(if not, will return one automatically). | list(map(string)) | false |
|
||||||
|
vpc_cidr | The cidr block used to launch a new vpc. | string | false |
|
||||||
|
vswitch_name | The vswitch name prefix used to launch several new vswitches. | string | false |
|
||||||
|
nat_specification | The specification of nat gateway. | string | false |
|
||||||
|
bandwidth_package_name | The name of the common bandwidth package. | string | false |
|
||||||
|
vswitch_ids | A list of virtual switch IDs to launch in. | list(string) | false |
|
||||||
|
snat_with_vswitch_ids | List of snat entries to create by vswitch ids. Each item valid keys: 'vswitch_ids'(required, using comma joinor to set multi vswitch ids), 'snat_ip'(if not, use root parameter 'snat_ips', using comma joinor to set multi ips), 'name'(if not, will return one automatically). | list(map(string)) | false |
|
||||||
|
tags | The common tags will apply to all of resources. | map(string) | false |
|
||||||
|
availability_zones | List available zones to launch several VSwitches. | list(string) | false |
|
||||||
|
nat_type | The type of NAT gateway. | string | false |
|
||||||
|
nat_description | The description of nat gateway. | string | false |
|
||||||
|
eip_isp | The line type of the Elastic IP instance. | string | false |
|
||||||
|
vpc_description | The vpc description used to launch a new vpc. | string | false |
|
||||||
|
eip_period | The duration that you will buy the EIP, in month. | number | false |
|
||||||
|
dnat_eip_association_instance_id | The ID of the ECS or SLB instance or Nat Gateway or NetworkInterface or HaVip. | string | false |
|
||||||
|
dnat_external_ip | The public ip address to use on all dnat entries. | string | false |
|
||||||
|
nat_instance_charge_type | (Deprecated from version 1.2.0) The charge type of the nat gateway. Choices are 'PostPaid' and 'PrePaid'. | string | false |
|
||||||
|
nat_period | The charge duration of the PrePaid nat gateway, in month. | number | false |
|
||||||
|
eip_tags | A mapping of tags to assign to the EIP instance resource. | map(string) | false |
|
||||||
|
profile | (Deprecated from version 1.1.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
vswitch_description | The vswitch description used to launch several new vswitch. | string | false |
|
||||||
|
eip_instance_charge_type | Elastic IP instance charge type. | string | false |
|
||||||
|
snat_with_instance_ids | List of snat entries to create by ecs instance ids. Each item valid keys: 'instance_ids'(required, using comma joinor to set multi instance ids), 'snat_ip'(if not, use root parameter 'snat_ips', using comma joinor to set multi ips), 'name'(if not, will return one automatically). | list(map(string)) | false |
|
||||||
|
dnat_entries | A list of entries to create. Each item valid keys: 'name'(default to a string with prefix 'tf-dnat-entry' and numerical suffix), 'ip_protocol'(default to 'any'), 'external_ip'(if not, use root parameter 'external_ip'), 'external_port'(default to 'any'), 'internal_ip'(required), 'internal_port'(default to the 'external_port'). | list(map(string)) | false |
|
||||||
|
vpc_tags | The tags used to launch a new vpc. | map(string) | false |
|
||||||
|
internet_charge_type | The internet charge type. | string | false |
|
||||||
|
number_of_dnat_eip | Number of EIP instance used to bind with this Dnat. | number | false |
|
||||||
|
vpc_name | The vpc name used to launch a new vpc. | string | false |
|
||||||
|
eip_internet_charge_type | Internet charge type of the EIP, Valid values are 'PayByBandwidth', 'PayByTraffic'. | string | false |
|
||||||
|
vswitch_tags | The tags used to launch serveral vswitches. | map(string) | false |
|
||||||
|
number_of_snat_eip | Number of EIP instance used to bind with this Snat. | number | false |
|
||||||
|
create_vpc | Whether to create vpc. If false, you can specify an existing vpc by setting 'existing_vpc_id'. | bool | false |
|
||||||
|
existing_vpc_id | The vpc id used to launch several vswitches. | string | false |
|
||||||
|
vswitch_cidrs | List of cidr blocks used to launch several new vswitches. If not set, there is no new vswitches will be created. | list(string) | false |
|
||||||
|
dnat_table_id | The value can get from alicloud_nat_gateway Attributes 'forward_table_ids'. | string | false |
|
||||||
|
use_existing_vpc | The vpc id used to launch several vswitches. If set, the 'create_vpc' will be ignored. | bool | false |
|
||||||
|
payment_type | The billing method of the NAT gateway. | string | false |
|
||||||
|
cbp_bandwidth | The bandwidth of the common bandwidth package, in Mbps. | number | false |
|
||||||
|
snat_ips | The public ip addresses to use on all snat entries. | list(string) | false |
|
||||||
|
create_dnat | Whether to create dnat entries. If true, the 'entries' should be set. | bool | false |
|
||||||
|
cbp_ratio | Ratio of the common bandwidth package. | number | false |
|
||||||
|
snat_with_source_cidrs | List of snat entries to create by cidr blocks. Each item valid keys: 'source_cidrs'(required, using comma joinor to set multi cidrs), 'snat_ip'(if not, use root parameter 'snat_ips', using comma joinor to set multi ips), 'name'(if not, will return one automatically). | list(map(string)) | false |
|
||||||
|
computed_snat_with_source_cidr | List of computed snat entries to create by cidr blocks. Each item valid keys: 'source_cidr'(required), 'snat_ip'(if not, use root parameter 'snat_ips', using comma joinor to set multi ips), 'name'(if not, will return one automatically). | list(map(string)) | false |
|
||||||
|
region | (Deprecated from version 1.1.0) The region used to launch this module resources. | string | false |
|
||||||
|
skip_region_validation | (Deprecated from version 1.1.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
create_nat | Whether to create nat gateway. | bool | false |
|
||||||
|
nat_name | Name of a new nat gateway. | string | false |
|
||||||
|
cbp_internet_charge_type | The billing method of the common bandwidth package. Valid values are 'PayByBandwidth' and 'PayBy95' and 'PayByTraffic'. 'PayBy95' is pay by classic 95th percentile pricing. International Account doesn't supports 'PayByBandwidth' and 'PayBy95'. Default to 'PayByTraffic'. | string | false |
|
||||||
|
eip_bandwidth | Maximum bandwidth to the elastic public network, measured in Mbps (Mega bit per second). | number | false |
|
||||||
|
create_snat | Whether to create snat entries. If true, the 'snat_with_source_cidrs' or 'snat_with_vswitch_ids' or 'snat_with_instance_ids' should be set. | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,39 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 OSS-WEBSITE
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Alibaba Cloud OSS static webstie bucket
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
bucket | OSS bucket name | string | false |
|
||||||
|
acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false |
|
||||||
|
index_document | OSS bucket static website index document | string | false |
|
||||||
|
error_document | OSS bucket static website error document | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
EXTRANET_ENDPOINT | OSS bucket external endpoint
|
||||||
|
INTRANET_ENDPOINT | OSS bucket internal endpoint
|
||||||
|
BUCKET_NAME |
|
||||||
|
|
@ -31,8 +31,8 @@ spec:
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
bucket | OSS bucket name | string | false |
|
|
||||||
acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false |
|
acl | OSS bucket ACL, supported 'private', 'public-read', 'public-read-write' | string | false |
|
||||||
|
bucket | OSS bucket name | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,63 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 PRIVATE-ZONE
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform-based modules are used to create a Private Zone on AliCloud, while you can add records to the Zone and associate it with a VPC
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
shared_credentials_file | (Deprecated from version 1.1.0) This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
skip_region_validation | (Deprecated from version 1.1.0) Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
scaling_rule_name | (Deprecated from version 1.2.0) The name for scaling rule. Default to a random string prefixed with `terraform-ess-<rule type>-`. Use scaling_simple_rule_name, scaling_target_tracking_rule_name and scaling_step_rule_name instead. | string | false |
|
||||||
|
target_tracking_rule_estimated_instance_warmup | The warm-up period of the ECS instances. It is applicable to target tracking and step scaling rules. The system adds ECS instances that are in the warm-up state to the scaling group, but does not report monitoring data during the warm-up period to CloudMonitor. Valid values: 0 to 86400. Unit: seconds. | number | false |
|
||||||
|
scaling_group_id | Specifying existing autoscaling group ID. If not set, it can be retrieved automatically by specifying filter `scaling_group_name_regex`. | string | false |
|
||||||
|
target_tracking_rule_metric_name | The predefined metric to monitor. This parameter is required and applicable only to target tracking scaling rules. See valid values: https://www.alibabacloud.com/help/doc-detail/25948.htm | string | false |
|
||||||
|
create_step_rule | Whether to create a step scaling rule in the specified scaling group. | bool | false |
|
||||||
|
alarm_task_metric_type | The monitoring type for alarm task. Valid values system, custom. `system` means the metric data is collected by Aliyun Cloud Monitor Service(CMS); `custom` means the metric data is upload to CMS by users. | string | false |
|
||||||
|
scheduled_task_description | Description of the scheduled task, which is 2-200 characters (English or Chinese) long. | string | false |
|
||||||
|
adjustment_type | (Deprecated from version 1.2.0) The method only used by the simple and step scaling rule to adjust the number of ECS instances. Valid values: QuantityChangeInCapacity, PercentChangeInCapacity and TotalCapacity. Use simple_rule_adjustment_type and step_rule_adjustment_type instead. | string | false |
|
||||||
|
scaling_step_rule_name | The name for scaling rule. Default to a random string prefixed with `terraform-ess-<rule type>-`. | string | false |
|
||||||
|
scaling_simple_rule_name | The name for scaling rule. Default to a random string prefixed with `terraform-ess-<rule type>-`. | string | false |
|
||||||
|
step_rule_estimated_instance_warmup | The warm-up period of the ECS instances. It is applicable to target tracking and step scaling rules. The system adds ECS instances that are in the warm-up state to the scaling group, but does not report monitoring data during the warm-up period to CloudMonitor. Valid values: 0 to 86400. Unit: seconds. | number | false |
|
||||||
|
alarm_task_name | The name for alarm task. Default to a random string prefixed with `terraform-alarm-task-`. | string | false |
|
||||||
|
create_scheduled_task | If true, the module will create a scheduled task for each scaling rule | bool | false |
|
||||||
|
scheduled_task_setting | The setting of running a scheduled task. It contains basic and recurrence setting. Deails see `run_at`(the time at which the scheduled task is triggered), `retry_interval`(the time period during which a failed scheduled task is retried, default to 600 seconds), `recurrence_type`(the recurrence type of the scheduled task: Daily, Weekly, Monthly or Cron, default to empty), `recurrence_value`(the recurrence frequency of the scheduled task, it must be set when `recurrence_type` is set) and `end_at`(the end time after which the scheduled task is no longer repeated. it will ignored if `recurrence_type` is not set) | map(string) | false |
|
||||||
|
metric_name | (Deprecated from version 1.2.0) The monitoring index name. Details see `[system monitoring index](https://help.aliyun.com/document_detail/141651.htm)` and `[custom monidoring index](https://www.alibabacloud.com/help/doc-detail/74861.htm)`. Use target_tracking_rule_metric_name instead. | string | false |
|
||||||
|
create_simple_rule | Whether to create a simple scaling rule in the specified scaling group. | bool | false |
|
||||||
|
simple_rule_adjustment_type | The method only used by the simple and step scaling rule to adjust the number of ECS instances. Valid values: QuantityChangeInCapacity, PercentChangeInCapacity and TotalCapacity. | string | false |
|
||||||
|
adjustment_value | The number of ECS instances to be adjusted in the simple scaling rule. The number of ECS instances to be adjusted in a single scaling activity cannot exceed 500. | number | false |
|
||||||
|
target_value | The target value of a metric. This parameter is required and applicable only to target tracking scaling rules. It must be greater than 0 and can have a maximum of three decimal places. | string | false |
|
||||||
|
disable_scale_in | Whether to disable scale-in. This parameter is applicable only to target tracking scaling rules. | bool | false |
|
||||||
|
step_rule_adjustment_type | The method only used by the simple and step scaling rule to adjust the number of ECS instances. Valid values: QuantityChangeInCapacity, PercentChangeInCapacity and TotalCapacity. | string | false |
|
||||||
|
task_actions | The list of actions to execute when this alarm transition into an ALARM state. | list(string) | false |
|
||||||
|
enable_scheduled_task | Whether to enable the scheduled task. | bool | false |
|
||||||
|
region | (Deprecated from version 1.1.0) The region ID used to launch this module resources. If not set, it will be sourced from followed by ALICLOUD_REGION environment variable and profile. | string | false |
|
||||||
|
create_alarm_task | If true, the module will create a scheduled task for each scaling rule | bool | false |
|
||||||
|
enable_alarm_task | Whether to enable the alarm task. | bool | false |
|
||||||
|
alarm_task_setting | The setting of monitoring index setting. It contains the following parameters: `period`(A reference period used to collect, summary, and compute data. Default to 60 seconds), `method`(The method used to statistics data, default to Average), `threshold`(Verify whether the statistics data value of a metric exceeds the specified threshold. Default to 0), `comparison_operator`(The arithmetic operation to use when comparing the specified method and threshold. Default to >=), `trigger_after`(You can select one the following options, such as 1, 2, 3, and 5 times. When the value of a metric exceeds the threshold for specified times, an event is triggered, and the specified scaling rule is applied. Default to 3 times.) | map(string) | false |
|
||||||
|
scheduled_task_name | The name for scheduled task. Default to a random string prefixed with `terraform-scheduled-task-`. | string | false |
|
||||||
|
profile | (Deprecated from version 1.1.0) The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
estimated_instance_warmup | (Deprecated from version 1.2.0) The warm-up period of the ECS instances. It is applicable to target tracking and step scaling rules. The system adds ECS instances that are in the warm-up state to the scaling group, but does not report monitoring data during the warm-up period to CloudMonitor. Valid values: 0 to 86400. Unit: seconds. Use target_tracking_rule_estimated_instance_warmup and step_rule_estimated_instance_warmup instead. | number | false |
|
||||||
|
step_adjustments | The predefined metric to monitor. This parameter is required and applicable only to step scaling rules. Each item contains the following parameters: `lower_limit`(The lower limit value specified. Valid values: -9.999999E18 to 9.999999E18.), `upper_limit`(The upper limit value specified. Valid values: -9.999999E18 to 9.999999E18.), `adjustment_value`(The specified number of ECS instances to be adjusted) | list(map(string)) | false |
|
||||||
|
alarm_task_metric_name | The monitoring index name. Details see `[system monitoring index](https://help.aliyun.com/document_detail/141651.htm)` and `[custom monidoring index](https://www.alibabacloud.com/help/doc-detail/74861.htm)`. | string | false |
|
||||||
|
scaling_group_name_regex | Using a name regex to retrieve existing scaling group automactially. | string | false |
|
||||||
|
cooldown | The cooldown time of the simple scaling rule. Valid values: 0 to 86400. Unit: seconds. If not set, the scaling group's cooldown will be used. | number | false |
|
||||||
|
create_target_tracking_rule | Whether to create a target tracking scaling rule in the specified scaling group. | bool | false |
|
||||||
|
scaling_target_tracking_rule_name | The name for scaling rule. Default to a random string prefixed with `terraform-ess-<rule type>-`. | string | false |
|
||||||
|
alarm_description | The description for the alarm. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,44 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 RABBITMQ
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a RabbitMQ based on Terraform module in Ali cloud
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
virtual_host_name | VirtualHostName. | string | false |
|
||||||
|
binding_type | The specification of the binding type. | string | false |
|
||||||
|
instance_name | The specification of module name. | string | false |
|
||||||
|
max_tps | The specification of the peak TPS traffic. | number | false |
|
||||||
|
queue_capacity | The specification of the queue capacity. | number | false |
|
||||||
|
exchange_type | The specification of the exchange type. | string | false |
|
||||||
|
internal | The specification of the internal. | bool | false |
|
||||||
|
instance_id | The instance_id used to RabbitMQ. If 'create' is true, the 'instance ID' is invalid.If 'create' is false,you must specify an existing instance by setting 'instance_id'. | string | false |
|
||||||
|
queue_name | The name of the queue. | string | false |
|
||||||
|
auto_delete_state | The specification of the auto delete state. | bool | false |
|
||||||
|
payment_type | The specification of the payment type. | string | false |
|
||||||
|
modify_type | The modify type.It is required when updating other attributes. | string | false |
|
||||||
|
argument | The specification of the argument. | string | false |
|
||||||
|
instance_type | The specification of the instance type. | string | false |
|
||||||
|
support_eip | The specification of support EIP. | bool | false |
|
||||||
|
max_eip_tps | The specification of the max eip tps. | number | false |
|
||||||
|
exchange_name | The name of the exchange. | string | false |
|
||||||
|
name | (Deprecated from version 1.1.0) The specification of module name. | string | false |
|
||||||
|
period | The specification of the period. | number | false |
|
||||||
|
create | Whether to create instance. If false, you can specify an existing instance by setting 'instance_id'. | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 RAM-FC
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a functional computing service based on Terraform under AliCloud's RAM role
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
fc_service_description | The specification of module fc service description. | string | false |
|
||||||
|
logstore | The specification of logstore. | string | false |
|
||||||
|
project | The specification of project. | string | false |
|
||||||
|
policy_type | The specification of module policy type. | string | false |
|
||||||
|
document | Authorization strategy of the RAM role. | string | false |
|
||||||
|
ram_role_description | The specification of module ram role description. | string | false |
|
||||||
|
force | This parameter is used for resource destroy | bool | false |
|
||||||
|
policy_name | The specification of module ram role description. | string | false |
|
||||||
|
name | The specification of module name. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,37 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 RAM
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create RAM User instances on AliCloud based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
is_admin | Whether to grant admin permission | bool | false |
|
||||||
|
create_user | Whether to create ram user. | bool | false |
|
||||||
|
name | Desired name for the ram user. If not set, a default name with prefix `ram-user-` will be returned. | string | false |
|
||||||
|
password | Login password of the user | string | false |
|
||||||
|
create_ram_access_key | Whether to create ram access key | bool | false |
|
||||||
|
secret_file | A file used to store access key and secret key of ther user | string | false |
|
||||||
|
is_reader | Whether to grant reader permission | bool | false |
|
||||||
|
policy_type | Type of the RAM policy. It must be Custom or System. | string | false |
|
||||||
|
admin_name_regex | A regex string to filter resulting policies by name. | string | false |
|
||||||
|
region | (Deprecated from version 1.3.0)The region used to launch this module resources. | string | false |
|
||||||
|
force_destroy | When destroying this user, destroy even if it has non-Terraform-managed ram access keys, login profile or MFA devices. Without force_destroy a user with non-Terraform-managed access keys and login profile will fail to be destroyed. | bool | false |
|
||||||
|
create_ram_user_login_profile | Whether to create ram user login profile | bool | false |
|
||||||
|
reader_name_regex | A regex string to filter resulting policies by name. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,51 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 RDS-PREVIEW
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Alibaba RDS in a preview mode
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
sql_bucket_name | The bucket name of the SQL file. like `oss://example` | string | false |
|
||||||
|
sql_bucket_endpoint | The endpoint of the bucket. like `oss-cn-hangzhou.aliyuncs.com` | string | false |
|
||||||
|
account_name | RDS instance user account name | string | false |
|
||||||
|
password | RDS instance account password | string | true |
|
||||||
|
allocate_public_connection | Whether to allocate public connection for a RDS instance. | bool | false |
|
||||||
|
database_name | Database name | string | false |
|
||||||
|
instance_name | RDS instance name | string | false |
|
||||||
|
security_ips | List of IP addresses allowed to access all databases of an instance | list(any) | false |
|
||||||
|
privilege | The privilege of one account access database. | string | false |
|
||||||
|
sql_file | The name of SQL file in the bucket, like `db.sql` | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
RESOURCE_IDENTIFIER | The identifier of the resource
|
||||||
|
DB_USER | RDS Instance User
|
||||||
|
DB_PORT | RDS Instance Port
|
||||||
|
DB_PASSWORD | RDS Instance Password
|
||||||
|
DB_ID | RDS Instance ID
|
||||||
|
DB_NAME | RDS Instance Name
|
||||||
|
DB_HOST | RDS Instance Host
|
||||||
|
DB_PUBLIC_HOST | RDS Instance Public Host
|
||||||
|
DATABASE_NAME | RDS Database Name
|
||||||
|
|
@ -33,13 +33,14 @@ spec:
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
allocate_public_connection | Whether to allocate public connection for a RDS instance. | bool | false |
|
allocate_public_connection | Whether to allocate public connection for a RDS instance. | bool | false |
|
||||||
security_ips | List of IP addresses allowed to access all databases of an instance | list(any) | false |
|
|
||||||
database_name | Database name | string | false |
|
database_name | Database name | string | false |
|
||||||
|
databases | The database list, each database is a map, the map contains the following attributes: name, character_set, description, like `[{"name":"test","character_set":"utf8","description":"test database"},]`. It conflicts with `database_name`. | list(map(string)) | false |
|
||||||
|
account_name | RDS instance user account name | string | false |
|
||||||
|
password | RDS instance account password | string | true |
|
||||||
privilege | The privilege of one account access database. | string | false |
|
privilege | The privilege of one account access database. | string | false |
|
||||||
vswitch_id | The vswitch id of the RDS instance. If set, the RDS instance will be created in VPC, or it will be created in classic network. | string | false |
|
vswitch_id | The vswitch id of the RDS instance. If set, the RDS instance will be created in VPC, or it will be created in classic network. | string | false |
|
||||||
instance_name | RDS instance name | string | false |
|
instance_name | RDS instance name | string | false |
|
||||||
account_name | RDS instance user account name | string | false |
|
security_ips | List of IP addresses allowed to access all databases of an instance | list(any) | false |
|
||||||
password | RDS instance account password | string | true |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -57,12 +58,12 @@ spec:
|
||||||
|
|
||||||
名称 | 描述
|
名称 | 描述
|
||||||
------------ | -------------
|
------------ | -------------
|
||||||
RESOURCE_IDENTIFIER | The identifier of the resource
|
|
||||||
DB_ID | RDS Instance ID
|
|
||||||
DB_NAME | RDS Instance Name
|
DB_NAME | RDS Instance Name
|
||||||
DB_PASSWORD | RDS Instance Password
|
|
||||||
DATABASE_NAME | RDS Database Name
|
|
||||||
DB_USER | RDS Instance User
|
DB_USER | RDS Instance User
|
||||||
DB_PORT | RDS Instance Port
|
DB_PASSWORD | RDS Instance Password
|
||||||
DB_HOST | RDS Instance Host
|
DB_HOST | RDS Instance Host
|
||||||
DB_PUBLIC_HOST | RDS Instance Public Host
|
DB_PUBLIC_HOST | RDS Instance Public Host
|
||||||
|
DATABASE_NAME | RDS Database Name
|
||||||
|
RESOURCE_IDENTIFIER | The identifier of the resource
|
||||||
|
DB_ID | RDS Instance ID
|
||||||
|
DB_PORT | RDS Instance Port
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,35 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 REMOTE-BACKEND
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Deploy remote backend storage in Aliyun based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create_backend_bucket | Boolean. If you have a OSS bucket already, use that one, else make this true and one will be created | | false |
|
||||||
|
backend_oss_bucket | Name of OSS bucket prepared to hold your terraform state(s). If not set, the module will craete one with prefix `terraform-remote-backend` | | false |
|
||||||
|
encrypt_state | Boolean. Whether to encrypt terraform state. | | false |
|
||||||
|
state_path | The path directory of the state file will be stored. Examples: dev/frontend, prod/db, etc.. | | false |
|
||||||
|
state_name | The name of the state file. Examples: dev/tf.state, dev/frontend/tf.tfstate, etc.. | | false |
|
||||||
|
create_ots_lock_instance | Boolean: If you have a OTS instance already, use that one, else make this true and one will be created | | false |
|
||||||
|
create_ots_lock_table | Boolean: If you have a ots table already, use that one, else make this true and one will be created | | false |
|
||||||
|
backend_ots_lock_table | OTS table to hold state lock when updating. If not set, the module will craete one with prefix `terraform-remote-backend` | | false |
|
||||||
|
state_acl | Canned ACL applied to bucket. | | false |
|
||||||
|
region | The region used to launch this module resources. | | false |
|
||||||
|
backend_ots_lock_instance | The name of OTS instance to which table belongs. | | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,6 +13,7 @@ Terraform configuration for Alibaba Cloud RocketMQ
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
topic | The specification of ons topic name. Two topics on a single instance cannot have the same name and the name cannot start with 'GID' or 'CID'. The length cannot exceed 64 characters. | string | false |
|
||||||
ons_instance_remark | The specification of ons instance remark. | string | false |
|
ons_instance_remark | The specification of ons instance remark. | string | false |
|
||||||
ons_topic_remark | The specification of ons topic remark. | string | false |
|
ons_topic_remark | The specification of ons topic remark. | string | false |
|
||||||
message_type | The type of the message. Read [Ons Topic Create](https://www.alibabacloud.com/help/doc-detail/29591.html) for further details. | number | false |
|
message_type | The type of the message. Read [Ons Topic Create](https://www.alibabacloud.com/help/doc-detail/29591.html) for further details. | number | false |
|
||||||
|
|
@ -20,7 +21,6 @@ Terraform configuration for Alibaba Cloud RocketMQ
|
||||||
group_type | Specify the protocol applicable to the created Group ID. Valid values: tcp, http. Default to tcp | string | false |
|
group_type | Specify the protocol applicable to the created Group ID. Valid values: tcp, http. Default to tcp | string | false |
|
||||||
perm | The permission of MQ topic | string | false |
|
perm | The permission of MQ topic | string | false |
|
||||||
ons_instance_name | The name of ons instance. The length must be 3 to 64 characters. Chinese characters, English letters digits and hyphen are allowed. | string | false |
|
ons_instance_name | The name of ons instance. The length must be 3 to 64 characters. Chinese characters, English letters digits and hyphen are allowed. | string | false |
|
||||||
topic | The specification of ons topic name. Two topics on a single instance cannot have the same name and the name cannot start with 'GID' or 'CID'. The length cannot exceed 64 characters. | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -38,9 +38,9 @@ Terraform configuration for Alibaba Cloud RocketMQ
|
||||||
|
|
||||||
名称 | 描述
|
名称 | 描述
|
||||||
------------ | -------------
|
------------ | -------------
|
||||||
|
HTTP_ENDPOINT_INTERNAL | The internal http endpoint of ons instance
|
||||||
|
TCP_ENDPOINT | The tcp endpoint of ons instance
|
||||||
INSTANCE_ID | The id of ons instance
|
INSTANCE_ID | The id of ons instance
|
||||||
TOPIC_ID | The id of ons topic
|
TOPIC_ID | The id of ons topic
|
||||||
GROUP_ID | The id of ons group
|
GROUP_ID | The id of ons group
|
||||||
HTTP_ENDPOINT_INTERNET | The internet http endpoint of ons instance
|
HTTP_ENDPOINT_INTERNET | The internet http endpoint of ons instance
|
||||||
HTTP_ENDPOINT_INTERNAL | The internal http endpoint of ons instance
|
|
||||||
TCP_ENDPOINT | The tcp endpoint of ons instance
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,50 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SAE-APPLICATION
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Alibaba SAE application
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
memory | The memory of the application, in unit of MB | string | false |
|
||||||
|
replicas | The replicas of the application | string | false |
|
||||||
|
cidr_ip | cidr blocks used to create a new security group rule | string | false |
|
||||||
|
app_description | The description of the application | string | false |
|
||||||
|
package_type | The package type of the application | string | false |
|
||||||
|
cpu | The cpu of the application, in unit of millicore | string | false |
|
||||||
|
image_url | The image url of the application, like `registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-slim:0.9` | string | true |
|
||||||
|
namespace_description | Namespace Description | | false |
|
||||||
|
namespace_id | Namespace ID | string | true |
|
||||||
|
name | The name of the security group rule | string | false |
|
||||||
|
app_name | The name of the application | string | true |
|
||||||
|
namespace_name | Namespace Name | string | true |
|
||||||
|
description | The description of the security group rule | string | false |
|
||||||
|
port_range | The port range of the security group rule | string | false |
|
||||||
|
zone_id | Availability Zone ID | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
namespace_id | Namespace ID
|
||||||
|
app_id | The id of the application
|
||||||
|
app_name | The name of the application
|
||||||
|
|
@ -0,0 +1,41 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SAE-AUTO-CONFIG-APPLICATION
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Alibaba SAE application to be deployed in auto-config mode
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
replicas | The replicas of the application | string | false |
|
||||||
|
app_name | The name of the application | string | true |
|
||||||
|
app_description | The description of the application | string | false |
|
||||||
|
package_type | The package type of the application | string | false |
|
||||||
|
cpu | The cpu of the application, in unit of millicore | string | false |
|
||||||
|
memory | The memory of the application, in unit of MB | string | false |
|
||||||
|
image_url | The image url of the application, like `registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-slim:0.9` | string | true |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
app_id | The id of the application
|
||||||
|
app_name | The name of the application
|
||||||
|
|
@ -0,0 +1,36 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SAE-NAMESPACE
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Alibaba SAE namespace
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
namespace_name | Namespace Name | string | true |
|
||||||
|
namespace_id | Namespace ID | string | true |
|
||||||
|
namespace_description | Namespace Description | | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
namespace_id | Namespace ID
|
||||||
|
|
@ -0,0 +1,40 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SECURITY-GROUP
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform configuration for Alicloud SecurityGroup
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
description | The description of the security group rule | string | false |
|
||||||
|
port_range | The port range of the security group rule | string | false |
|
||||||
|
cidr_ip | cidr blocks used to create a new security group rule | string | false |
|
||||||
|
zone_id | Availability Zone ID | string | false |
|
||||||
|
name | The name of the security group rule | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
SECURITY_GROUP_ID | Security Group ID
|
||||||
|
VSWITCH_ID | VSwitch ID
|
||||||
|
VPC_ID | VPC ID
|
||||||
|
|
@ -0,0 +1,28 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SLB-ACL
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform-based module supports creating access control lists for load balancers
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
ip_version | The IP Version of access control list is the type of its entry (IP addresses or CIDR blocks). It values ipv4/ipv6. Our plugin provides a default ip_version: ipv4. | string | false |
|
||||||
|
entry_list | A list of entry (IP addresses or CIDR blocks) to be added. At most 50 etnry can be supported in one resource. It contains two sub-fields as: entry(IP addresses or CIDR blocks), comment(the comment of the entry) | list(object({\n entry = string\n comment = string\n })) | true |
|
||||||
|
region | (Deprecated from version 1.2.0) The region used to launch this module resources. | string | false |
|
||||||
|
name | the Name of the access control list. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SLB-LISTENER
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Quickly create slb listeners resources on AliCloud based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
profile | (Deprecated from version 1.3.0)The profile name as set in the shared credentials file. If not set, it will be sourced from the ALICLOUD_PROFILE environment variable. | string | false |
|
||||||
|
sticky_session_type | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
enable_gzip | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | bool | false |
|
||||||
|
create | Whether to create load balancer listeners. | bool | false |
|
||||||
|
unhealthy_threshold | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'health_check' instead. | number | false |
|
||||||
|
cookie | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
region | (Deprecated from version 1.3.0)The region used to launch this module resources. | string | false |
|
||||||
|
skip_region_validation | (Deprecated from version 1.3.0)Skip static validation of region ID. Used by users of alternative AlibabaCloud-like APIs or users w/ access to regions that are not public (yet). | bool | false |
|
||||||
|
health_check_timeout | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'health_check' instead. | number | false |
|
||||||
|
slb | The load balancer ID used to add one or more listeners. | string | false |
|
||||||
|
ssl_certificates | SLB Server certificate settings to use on listeners. It's supports fields 'tls_cipher_policy', 'server_certificate_id' and 'enable_http2' | map(string) | false |
|
||||||
|
cookie_timeout | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | number | false |
|
||||||
|
retrive_slb_ip | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | bool | false |
|
||||||
|
listeners | List of slb listeners. Each item can set all or part fields of alicloud_slb_listener resource. | list(map(string)) | false |
|
||||||
|
advanced_setting | The slb listener advanced settings to use on listeners. It's supports fields 'sticky_session', 'sticky_session_type', 'cookie', 'cookie_timeout', 'gzip', 'persistence_timeout', 'acl_status', 'acl_type', 'acl_id', 'idle_timeout' and 'request_timeout'. | map(string) | false |
|
||||||
|
x_forwarded_for | Additional HTTP Header field 'X-Forwarded-For' to use on listeners. It's supports fields 'retrive_slb_ip', 'retrive_slb_id' and 'retrive_slb_proto' | map(bool) | false |
|
||||||
|
health_check_type | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
shared_credentials_file | (Deprecated from version 1.3.0)This is the path to the shared credentials file. If this is not set and a profile is specified, $HOME/.aliyun/config.json will be used. | string | false |
|
||||||
|
health_check | The slb listener health check settings to use on listeners. It's supports fields 'healthy_threshold','unhealthy_threshold','health_check_timeout', 'health_check', 'health_check_type', 'health_check_connect_port', 'health_check_domain', 'health_check_uri', 'health_check_http_code', 'health_check_method' and 'health_check_interval' | map(string) | false |
|
||||||
|
healthy_threshold | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'health_check' instead. | number | false |
|
||||||
|
health_check_interval | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'health_check' instead. | number | false |
|
||||||
|
enable_sticky_session | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | bool | false |
|
||||||
|
retrive_slb_id | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | bool | false |
|
||||||
|
retrive_slb_proto | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | bool | false |
|
||||||
|
health_check_connect_port | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
health_check_domain | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
health_check_http_code | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
persistence_timeout | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | number | false |
|
||||||
|
enable_health_check | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | bool | false |
|
||||||
|
health_check_uri | (Deprecated) It has been deprecated from 1.2.0, use 'listeners' and 'advance_setting' instead. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,61 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SLB-RULE
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform-based module creates an SLB instance under AliCloud's VPC and configures rules
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
availability_zone | The available zone to launch modules. | string | false |
|
||||||
|
internal | It has been deprecated from 1.6.0 and 'address_type' instead. If true, SLB instance will be an internal SLB. | bool | false |
|
||||||
|
images_most_recent | If more than one result are returned, select the most recent one. | bool | false |
|
||||||
|
images_owners | Filter results by a specific image owner. Valid items are `system`, `self`, `others`, `marketplace`. | string | false |
|
||||||
|
cpu_core_count | Number of CPU cores. | number | false |
|
||||||
|
protocol | The protocol to listen on. | string | false |
|
||||||
|
health_check | Whether to enable health check. Valid values are `on` and `off`. TCP and UDP listener's HealthCheck is always on, so it will be ignore when launching TCP or UDP listener. This parameter is required and takes effect only when ListenerSync is set to off. | string | false |
|
||||||
|
vswitch_id | VSwitch variables, if vswitch_id is empty, then the net_type = classic. | string | false |
|
||||||
|
name | The name of a new load balancer. | string | false |
|
||||||
|
spec | The specification of the SLB instance. | string | false |
|
||||||
|
memory_size | Size of memory, measured in GB. | number | false |
|
||||||
|
backend_port | Port used by the Server Load Balancer instance backend. Valid value range: [1-65535]. | number | false |
|
||||||
|
cookie | The cookie configured on the server. It is mandatory when `sticky_session` is `on` and `sticky_session_type` is `server`. Otherwise, it will be ignored. Valid value:String in line with RFC 2965, with length being 1- 200. It only contains characters such as ASCII codes, English letters and digits instead of the comma, semicolon or spacing, and it cannot start with $. | string | false |
|
||||||
|
unhealthy_threshold | Threshold determining the result of the health check is fail. It is required when `health_check` is on. Valid value range: [1-10] in seconds. Default to 3. | number | false |
|
||||||
|
address_type | The type of address. Choices are 'intranet' and 'internet'. Default to 'internet'. | string | false |
|
||||||
|
cookie_timeout | Cookie timeout. It is mandatory when sticky_session is `on` and sticky_session_type is `insert`. Otherwise, it will be ignored. Valid value range: [1-86400] in seconds. | number | false |
|
||||||
|
health_check_uri | URI used for health check. When it used to launch TCP listener, health_check_type must be `http`. Its length is limited to 1-80 and it must start with /. Only characters such as letters, digits, ‘-’, ‘/’, ‘.’, ‘%’, ‘?’, #’ and ‘&’ are allowed. | string | false |
|
||||||
|
rule_health_check_connect_port | Port used for health check. Valid value range: [1-65535]. Default to `None` means the backend server port is used. | number | false |
|
||||||
|
health_check_timeout | Maximum timeout of each health check response. It is required when `health_check` is on. Valid value range: [1-300] in seconds. Default to 5. Note: If `health_check_timeout` < `health_check_interval`, its will be replaced by `health_check_interval`. | number | false |
|
||||||
|
scheduler | Scheduling algorithm, Valid values are `wrr`, `rr` and `wlc`. Default to `wrr`. This parameter is required and takes effect only when ListenerSync is set to `off`. | string | false |
|
||||||
|
sticky_session_type | Mode for handling the cookie. If sticky_session is `on`, it is mandatory. Otherwise, it will be ignored. Valid values are insert and server. insert means it is inserted from Server Load Balancer; server means the Server Load Balancer learns from the backend server. | string | false |
|
||||||
|
health_check_domain | Domain name used for health check. When it used to launch TCP listener, health_check_type must be `http`. Its length is limited to 1-80 and only characters such as letters, digits, ‘-‘ and ‘.’ are allowed. When it is not set or empty, Server Load Balancer uses the private network IP address of each backend server as Domain used for health check. | string | false |
|
||||||
|
cidr_block | The CIDR block for the VPC. The cidr_block is Optional and default value is `172.16.0.0/12` after `v1.119.0+`. | string | false |
|
||||||
|
available_resource_creation | Type of resources that can be created. | string | false |
|
||||||
|
domain | Domain name of the forwarding rule. It can contain letters a-z, numbers 0-9, hyphens (-), and periods (.), and wildcard characters. | string | false |
|
||||||
|
url | Domain of the forwarding rule. It must be 2-80 characters in length. Only letters a-z, numbers 0-9, and characters '-' '/' '?' '%' '#' and '&' are allowed. URLs must be started with the character '/', but cannot be '/' alone. | string | false |
|
||||||
|
health_check_interval | Time interval of health checks. It is required when `health_check` is on. Valid value range: [1-50] in seconds. Default to 2. | number | false |
|
||||||
|
healthy_threshold | Threshold determining the result of the health check is success. It is required when `health_check` is on. Valid value range: [1-10] in seconds. Default to 3. | number | false |
|
||||||
|
tags | A mapping of tags to assign to the resource. | map(string) | false |
|
||||||
|
images_name_regex | A regex string to filter resulting images by name. | string | false |
|
||||||
|
bandwidth | Bandwidth peak of Listener. | number | false |
|
||||||
|
health_check_connect_port | Port used for health check. Valid value range: [1-65535]. Default to `None` means the backend server port is used. | string | false |
|
||||||
|
health_check_http_code | Regular health check HTTP status code. Multiple codes are segmented by “,”. It is required when health_check is on. Default to `http_2xx`. Valid values are: `http_2xx`, `http_3xx`, `http_4xx` and `http_5xx`. | string | false |
|
||||||
|
sticky_session | Whether to enable session persistence, Valid values are `on` and `off`. Default to `off`. This parameter is required and takes effect only when ListenerSync is set to `off`. | string | false |
|
||||||
|
frontend_port | Port used by the Server Load Balancer instance frontend. | number | false |
|
||||||
|
available_disk_category | Filter the results by a specific disk category. Can be either `cloud`, `cloud_efficiency`, `cloud_ssd`, `ephemeral_ssd`. | string | false |
|
||||||
|
listener_sync | Indicates whether a forwarding rule inherits the settings of a health check , session persistence, and scheduling algorithm from a listener. Default to on. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,36 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 SLB
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform configuration for Alicloud SLB
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
namePrefix | | string | false |
|
||||||
|
createSlb | | bool | false |
|
||||||
|
zone_id | Availability Zone ID | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
||||||
|
|
||||||
|
### 输出
|
||||||
|
|
||||||
|
如果设置了 `writeConnectionSecretToRef`,一个 Kubernetes Secret 将会被创建,并且,它的数据里有这些键(key):
|
||||||
|
|
||||||
|
名称 | 描述
|
||||||
|
------------ | -------------
|
||||||
|
slbId | SLB ID
|
||||||
|
|
@ -35,14 +35,14 @@ spec:
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
project_name | Name of security group. It is used to create a new security group. | string | false |
|
project_name | Name of security group. It is used to create a new security group. | string | false |
|
||||||
description | Description of security group | string | false |
|
|
||||||
store_shard_count | The number of shards in this log store. Default to 2. You can modify it by 'Split' or 'Merge' operations. | number | false |
|
|
||||||
create_project | Whether to create log resources | string | false |
|
create_project | Whether to create log resources | string | false |
|
||||||
store_name | Log store name. | string | false |
|
|
||||||
store_retention_period | The data retention time (in days). Valid values: [1-3650]. Default to 30. Log store data will be stored permanently when the value is '3650'. | number | false |
|
store_retention_period | The data retention time (in days). Valid values: [1-3650]. Default to 30. Log store data will be stored permanently when the value is '3650'. | number | false |
|
||||||
|
store_shard_count | The number of shards in this log store. Default to 2. You can modify it by 'Split' or 'Merge' operations. | number | false |
|
||||||
|
store_append_meta | Determines whether to append log meta automatically. The meta includes log receive time and client IP address. Default to true. | bool | false |
|
||||||
|
description | Description of security group | string | false |
|
||||||
|
store_name | Log store name. | string | false |
|
||||||
store_auto_split | Determines whether to automatically split a shard. Default to true. | bool | false |
|
store_auto_split | Determines whether to automatically split a shard. Default to true. | bool | false |
|
||||||
store_max_split_shard_count | The maximum number of shards for automatic split, which is in the range of 1 to 64. You must specify this parameter when autoSplit is true. | number | false |
|
store_max_split_shard_count | The maximum number of shards for automatic split, which is in the range of 1 to 64. You must specify this parameter when autoSplit is true. | number | false |
|
||||||
store_append_meta | Determines whether to append log meta automatically. The meta includes log receive time and client IP address. Default to true. | bool | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,44 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 VPC-ECS-EIP
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create a lightweight WEB service based on Terraform under AliCloud's VPC, including: VPC, ECS, EIP
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
description | The specification of module description. | string | false |
|
||||||
|
name | The specification of module name. | string | false |
|
||||||
|
primary_ip_address | The primary private IP address of the ENI. The specified IP address must be available within the CIDR block of the VSwitch. If this parameter is not specified, an available IP address is assigned from the VSwitch CIDR block at random. | string | false |
|
||||||
|
system_disk_description | The specification of the system disk description. | string | false |
|
||||||
|
availability_zone | The available zone to launch modules. | string | false |
|
||||||
|
system_disk_name | The specification of the system disk name. | string | false |
|
||||||
|
eip_payment_type | The payment type of EIP address. | string | false |
|
||||||
|
eip_instance_type | The instance type of EIP. | string | false |
|
||||||
|
instance_type | The specification of the instance type. | string | false |
|
||||||
|
ecs_size | The specification of the ecs size. | number | false |
|
||||||
|
encrypted | Encrypted the data in this disk. | bool | false |
|
||||||
|
eip_isp | The ISP of EIP address. | string | false |
|
||||||
|
eip_internet_charge_type | The specification of the eip internet charge type. | string | false |
|
||||||
|
system_disk_category | The specification of the system disk category. | string | false |
|
||||||
|
image_id | The specification of the image id. | string | false |
|
||||||
|
internet_max_bandwidth_out | The specification of the internet max bandwidth out. | number | false |
|
||||||
|
data_disks_name | The name of the data disk. | string | false |
|
||||||
|
category | The specification of the category. | string | false |
|
||||||
|
cidr_block | The cidr block of VPC | string | false |
|
||||||
|
secondary_private_ip_address_count | The secondary private ip address count of EIP. | number | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 VPC-PRIVATELINK-CONNECTION
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform-based for creating VPC networks in AliCloud and creating private network links
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
vpc_name | The name of the VPC. | string | false |
|
||||||
|
vpc_cidr_block | The secondary CIDR blocks for the VPC. | string | false |
|
||||||
|
auto_accept_connection | Whether to automatically accept terminal node connections. | bool | false |
|
||||||
|
vpc_privatelink_bandwidth | The bandwidth of VPC privatelink. | string | false |
|
||||||
|
vpc_security_group_description | The security group description of the VPC. | string | false |
|
||||||
|
vpc_privatelink_endpoint_service_description | The description of the VPC privatelink service. | string | false |
|
||||||
|
connect_bandwidth | The connection bandwidth. | number | false |
|
||||||
|
vpc_privatelink_endpoint_name | The name of the VPC privatelink. | string | false |
|
||||||
|
vpc_security_group_name | The security group name of the VPC. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,63 @@
|
||||||
|
---
|
||||||
|
title: 阿里云 VPN-GATEWAY
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Create VPN resources on AliCloud based on Terraform module
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
ssl_vpn_server_name | The name of the SSL-VPN server. | string | false |
|
||||||
|
ssl_protocol | The protocol used by the SSL-VPN server. Valid value: UDP(default) |TCP. | string | false |
|
||||||
|
ipsec_connection_name | The name of the IPsec connection. | string | false |
|
||||||
|
ipsec_remote_subnet | The CIDR block of the local data center. This parameter is used for phase-two negotiation. | list(string) | false |
|
||||||
|
ike_local_id | The identification of the VPN gateway. | string | false |
|
||||||
|
ipsec_enc_alg | The encryption algorithm of phase-two negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default value: aes. | string | false |
|
||||||
|
region | (Deprecated from version 1.2.0) The region used to launch this module resources. | string | false |
|
||||||
|
vpn_ssl_connections | The max connections of SSL VPN. Default to 5. This field is ignored when enable_ssl is false. | number | false |
|
||||||
|
ssl_compress | Specify whether to compress the communication. Valid value: true (default) | false. | bool | false |
|
||||||
|
ipsec_auth_alg | The authentication algorithm of phase-two negotiation. Valid value: md5 | sha1. Default value: sha1. | string | false |
|
||||||
|
ipsec_lifetime | The SA lifecycle as the result of phase-two negotiation. The valid value is [0, 86400], the unit is second and the default value is 86400. | number | false |
|
||||||
|
ipsec_pfs | The Diffie-Hellman key exchange algorithm used by phase-two negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2. | string | false |
|
||||||
|
vpc_id | The VPN belongs the vpc_id, the field can't be changed. | string | false |
|
||||||
|
vpn_enable_ipsec | Enable or Disable IPSec VPN. At least one type of VPN should be enabled. | bool | false |
|
||||||
|
vpn_period | The filed is only required while the InstanceChargeType is prepaid. | number | false |
|
||||||
|
ssl_client_ip_pool | The CIDR block from which access addresses are allocated to the virtual network interface card of the client. | string | false |
|
||||||
|
ssl_cipher | The encryption algorithm used by the SSL-VPN server. Valid value: AES-128-CBC (default)| AES-192-CBC | AES-256-CBC | none. | string | false |
|
||||||
|
ssl_port | The port used by the SSL-VPN server. The default value is 1194.The following ports cannot be used: [22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, 4500]. | number | false |
|
||||||
|
vpn_charge_type | The charge type for instance. Valid value: PostPaid, PrePaid. Default to PostPaid. | string | false |
|
||||||
|
vpn_description | The description of the VPN instance. | string | false |
|
||||||
|
ipsec_local_subnet | The CIDR block of the VPC to be connected with the local data center. This parameter is used for phase-two negotiation. | list(string) | false |
|
||||||
|
ike_auth_alg | The authentication algorithm of phase-one negotiation. Valid value: md5 | sha1. Default value: sha1. | string | false |
|
||||||
|
ike_remote_id | The identification of the customer gateway. | string | false |
|
||||||
|
vpn_name | Name of the VPN gateway. | string | false |
|
||||||
|
vpn_enable_ssl | Enable or Disable SSL VPN. At least one type of VPN should be enabled. | bool | false |
|
||||||
|
ssl_client_cert_names | The names of the client certificates. | list(string) | false |
|
||||||
|
ipsec_effect_immediately | Whether to delete a successfully negotiated IPsec tunnel and initiate a negotiation again. Valid value:true,false. | bool | false |
|
||||||
|
ike_version | The version of the IKE protocol. Valid value: ikev1 | ikev2. Default value: ikev1. | string | false |
|
||||||
|
ike_pfs | The Diffie-Hellman key exchange algorithm used by phase-one negotiation. Valid value: group1 | group2 | group5 | group14 | group24. Default value: group2. | string | false |
|
||||||
|
cgw_id | The customer gateway id used to connect with vpn gateway. | string | false |
|
||||||
|
cgw_name | The name of the VPN customer gateway. Defaults to null. | string | false |
|
||||||
|
cgw_description | The description of the VPN customer gateway instance. | string | false |
|
||||||
|
ssl_local_subnet | The CIDR block to be accessed by the client through the SSL-VPN connection. | string | false |
|
||||||
|
ike_enc_alg | The encryption algorithm of phase-one negotiation. Valid value: aes | aes192 | aes256 | des | 3des. Default Valid value: aes. | string | false |
|
||||||
|
ike_mode | The negotiation mode of IKE V1. Valid value: main (main mode) | aggressive (aggressive mode). Default value: main. | string | false |
|
||||||
|
vpn_bandwidth | The value should be 10, 100, 200, 500, 1000 if the user is postpaid, otherwise it can be 5, 10, 20, 50, 100, 200, 500, 1000. | number | false |
|
||||||
|
cgw_ip_address | The IP address of the customer gateway. | string | false |
|
||||||
|
ike_lifetime | The SA lifecycle as the result of phase-one negotiation. The valid value of n is [0, 86400], the unit is second and the default value is 86400. | number | false |
|
||||||
|
psk | Used for authentication between the IPsec VPN gateway and the customer gateway. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,15 +13,15 @@ title: 阿里云 VSWITCH
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create_vpc | Whether to create vpc. If false, you can specify an existing vpc by setting 'vpc_id'. | bool | false |
|
||||||
|
vpc_description | The vpc description used to launch a new vpc. | string | false |
|
||||||
|
vpc_id | The vpc id used to launch several vswitches. If set, the 'create' will be ignored. | string | false |
|
||||||
|
vpc_name | The vpc name used to launch a new vpc. | string | false |
|
||||||
|
vpc_cidr | The cidr block used to launch a new vpc. | string | false |
|
||||||
|
vswitch_cidr | cidr blocks used to launch a new vswitch. | string | false |
|
||||||
vswitch_description | The vswitch description used to launch several new vswitch. | string | false |
|
vswitch_description | The vswitch description used to launch several new vswitch. | string | false |
|
||||||
zone_id | Availability Zone ID | string | false |
|
zone_id | Availability Zone ID | string | false |
|
||||||
vswitch_name | The vswitch name prefix used to launch several new vswitches. | | false |
|
vswitch_name | The vswitch name prefix used to launch several new vswitches. | | false |
|
||||||
create_vpc | Whether to create vpc. If false, you can specify an existing vpc by setting 'vpc_id'. | bool | false |
|
|
||||||
vpc_name | The vpc name used to launch a new vpc. | string | false |
|
|
||||||
vpc_cidr | The cidr block used to launch a new vpc. | string | false |
|
|
||||||
vpc_description | The vpc description used to launch a new vpc. | string | false |
|
|
||||||
vpc_id | The vpc id used to launch several vswitches. If set, the 'create' will be ignored. | string | false |
|
|
||||||
vswitch_cidr | cidr blocks used to launch a new vswitch. | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,19 +13,20 @@ Terraform module which creates and validates ACM certificate
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
validate_certificate | Whether to validate certificate by creating Route53 record | bool | false |
|
|
||||||
certificate_transparency_logging_preference | Specifies whether certificate details should be added to a certificate transparency log | bool | false |
|
|
||||||
validation_method | Which method to use for validation. DNS or EMAIL are valid, NONE can be used for certificates that were imported into ACM and then into Terraform. | string | false |
|
|
||||||
zone_id | The ID of the hosted zone to contain this record. Required when validating via Route53 | string | false |
|
|
||||||
create_certificate | Whether to create ACM certificate | bool | false |
|
create_certificate | Whether to create ACM certificate | bool | false |
|
||||||
|
validate_certificate | Whether to validate certificate by creating Route53 record | bool | false |
|
||||||
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
validation_allow_overwrite_records | Whether to allow overwrite of Route53 records | bool | false |
|
validation_allow_overwrite_records | Whether to allow overwrite of Route53 records | bool | false |
|
||||||
wait_for_validation | Whether to wait for the validation to complete | bool | false |
|
wait_for_validation | Whether to wait for the validation to complete | bool | false |
|
||||||
domain_name | A domain name for which the certificate should be issued | string | false |
|
certificate_transparency_logging_preference | Specifies whether certificate details should be added to a certificate transparency log | bool | false |
|
||||||
subject_alternative_names | A list of domains that should be SANs in the issued certificate | list(string) | false |
|
|
||||||
create_route53_records | When validation is set to DNS, define whether to create the DNS records internally via Route53 or externally using any DNS provider | bool | false |
|
|
||||||
validation_record_fqdns | When validation is set to DNS and the DNS validation records are set externally, provide the fqdns for the validation | list(string) | false |
|
validation_record_fqdns | When validation is set to DNS and the DNS validation records are set externally, provide the fqdns for the validation | list(string) | false |
|
||||||
|
zone_id | The ID of the hosted zone to contain this record. Required when validating via Route53 | string | false |
|
||||||
tags | A mapping of tags to assign to the resource | map(string) | false |
|
tags | A mapping of tags to assign to the resource | map(string) | false |
|
||||||
dns_ttl | The TTL of DNS recursive resolvers to cache information about this record. | number | false |
|
dns_ttl | The TTL of DNS recursive resolvers to cache information about this record. | number | false |
|
||||||
|
domain_name | A domain name for which the certificate should be issued | string | false |
|
||||||
|
subject_alternative_names | A list of domains that should be SANs in the issued certificate | list(string) | false |
|
||||||
|
validation_method | Which method to use for validation. DNS or EMAIL are valid, NONE can be used for certificates that were imported into ACM and then into Terraform. | string | false |
|
||||||
|
create_route53_records | When validation is set to DNS, define whether to create the DNS records internally via Route53 or externally using any DNS provider | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,41 +13,42 @@ Terraform module to create an AWS Application/Network Load Balancer (ALB/NLB) an
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
subnet_mapping | A list of subnet mapping blocks describing subnets to attach to network load balancer | list(map(string)) | false |
|
|
||||||
target_group_tags | A map of tags to add to all target groups | map(string) | false |
|
|
||||||
vpc_id | VPC id where the load balancer and other resources will be deployed. | string | false |
|
|
||||||
create_lb | Controls if the Load Balancer should be created | bool | false |
|
|
||||||
enable_http2 | Indicates whether HTTP/2 is enabled in application load balancers. | bool | false |
|
|
||||||
https_listener_rules | A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, https_listener_index (default to https_listeners[count.index]) | any | false |
|
|
||||||
ip_address_type | The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack. | string | false |
|
|
||||||
access_logs | Map containing access logging configuration for load balancer. | map(string) | false |
|
|
||||||
lb_tags | A map of tags to add to load balancer | map(string) | false |
|
|
||||||
target_groups | A list of maps containing key/value pairs that define the target groups to be created. Order of these maps is important and the index of these are to be referenced in listener definitions. Required key/values: name, backend_protocol, backend_port | any | false |
|
|
||||||
enable_deletion_protection | If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false. | bool | false |
|
|
||||||
https_listeners | A list of maps describing the HTTPS listeners for this ALB. Required key/values: port, certificate_arn. Optional key/values: ssl_policy (defaults to ELBSecurityPolicy-2016-08), target_group_index (defaults to https_listeners[count.index]) | any | false |
|
|
||||||
load_balancer_update_timeout | Timeout value when updating the ALB. | string | false |
|
|
||||||
http_tcp_listener_rules_tags | A map of tags to add to all http listener rules | map(string) | false |
|
|
||||||
enable_waf_fail_open | Indicates whether to route requests to targets if lb fails to forward the request to AWS WAF | bool | false |
|
|
||||||
desync_mitigation_mode | Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. | string | false |
|
|
||||||
enable_cross_zone_load_balancing | Indicates whether cross zone load balancing should be enabled in application load balancers. | bool | false |
|
|
||||||
http_tcp_listener_rules | A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, http_tcp_listener_index (default to http_tcp_listeners[count.index]) | any | false |
|
|
||||||
load_balancer_create_timeout | Timeout value when creating the ALB. | string | false |
|
|
||||||
subnets | A list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f'] | list(string) | false |
|
|
||||||
https_listener_rules_tags | A map of tags to add to all https listener rules | map(string) | false |
|
|
||||||
https_listeners_tags | A map of tags to add to all https listeners | map(string) | false |
|
|
||||||
http_tcp_listeners_tags | A map of tags to add to all http listeners | map(string) | false |
|
|
||||||
extra_ssl_certs | A list of maps describing any extra SSL certificates to apply to the HTTPS listeners. Required key/values: certificate_arn, https_listener_index (the index of the listener within https_listeners which the cert applies toward). | list(map(string)) | false |
|
|
||||||
load_balancer_delete_timeout | Timeout value when deleting the ALB. | string | false |
|
load_balancer_delete_timeout | Timeout value when deleting the ALB. | string | false |
|
||||||
load_balancer_type | The type of load balancer to create. Possible values are application or network. | string | false |
|
load_balancer_type | The type of load balancer to create. Possible values are application or network. | string | false |
|
||||||
security_groups | The security groups to attach to the load balancer. e.g. ["sg-edcd9784","sg-edcd9785"] | list(string) | false |
|
load_balancer_update_timeout | Timeout value when updating the ALB. | string | false |
|
||||||
drop_invalid_header_fields | Indicates whether invalid header fields are dropped in application load balancers. Defaults to false. | bool | false |
|
access_logs | Map containing access logging configuration for load balancer. | map(string) | false |
|
||||||
|
subnet_mapping | A list of subnet mapping blocks describing subnets to attach to network load balancer | list(map(string)) | false |
|
||||||
|
enable_http2 | Indicates whether HTTP/2 is enabled in application load balancers. | bool | false |
|
||||||
|
https_listeners | A list of maps describing the HTTPS listeners for this ALB. Required key/values: port, certificate_arn. Optional key/values: ssl_policy (defaults to ELBSecurityPolicy-2016-08), target_group_index (defaults to https_listeners[count.index]) | any | false |
|
||||||
idle_timeout | The time in seconds that the connection is allowed to be idle. | number | false |
|
idle_timeout | The time in seconds that the connection is allowed to be idle. | number | false |
|
||||||
listener_ssl_policy_default | The security policy if using HTTPS externally on the load balancer. [See](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html). | string | false |
|
ip_address_type | The type of IP addresses used by the subnets for your load balancer. The possible values are ipv4 and dualstack. | string | false |
|
||||||
internal | Boolean determining if the load balancer is internal or externally facing. | bool | false |
|
https_listeners_tags | A map of tags to add to all https listeners | map(string) | false |
|
||||||
|
extra_ssl_certs | A list of maps describing any extra SSL certificates to apply to the HTTPS listeners. Required key/values: certificate_arn, https_listener_index (the index of the listener within https_listeners which the cert applies toward). | list(map(string)) | false |
|
||||||
name_prefix | The resource name prefix and Name tag of the load balancer. Cannot be longer than 6 characters | string | false |
|
name_prefix | The resource name prefix and Name tag of the load balancer. Cannot be longer than 6 characters | string | false |
|
||||||
http_tcp_listeners | A list of maps describing the HTTP listeners or TCP ports for this ALB. Required key/values: port, protocol. Optional key/values: target_group_index (defaults to http_tcp_listeners[count.index]) | any | false |
|
|
||||||
name | The resource name and Name tag of the load balancer. | string | false |
|
|
||||||
tags | A map of tags to add to all resources | map(string) | false |
|
tags | A map of tags to add to all resources | map(string) | false |
|
||||||
|
vpc_id | VPC id where the load balancer and other resources will be deployed. | string | false |
|
||||||
|
lb_tags | A map of tags to add to load balancer | map(string) | false |
|
||||||
|
https_listener_rules_tags | A map of tags to add to all https listener rules | map(string) | false |
|
||||||
|
enable_waf_fail_open | Indicates whether to route requests to targets if lb fails to forward the request to AWS WAF | bool | false |
|
||||||
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
|
http_tcp_listener_rules | A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, http_tcp_listener_index (default to http_tcp_listeners[count.index]) | any | false |
|
||||||
|
listener_ssl_policy_default | The security policy if using HTTPS externally on the load balancer. [See](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html). | string | false |
|
||||||
|
load_balancer_create_timeout | Timeout value when creating the ALB. | string | false |
|
||||||
|
target_group_tags | A map of tags to add to all target groups | map(string) | false |
|
||||||
|
create_lb | Controls if the Load Balancer should be created | bool | false |
|
||||||
|
https_listener_rules | A list of maps describing the Listener Rules for this ALB. Required key/values: actions, conditions. Optional key/values: priority, https_listener_index (default to https_listeners[count.index]) | any | false |
|
||||||
|
http_tcp_listener_rules_tags | A map of tags to add to all http listener rules | map(string) | false |
|
||||||
|
enable_deletion_protection | If true, deletion of the load balancer will be disabled via the AWS API. This will prevent Terraform from deleting the load balancer. Defaults to false. | bool | false |
|
||||||
|
enable_cross_zone_load_balancing | Indicates whether cross zone load balancing should be enabled in application load balancers. | bool | false |
|
||||||
|
name | The resource name and Name tag of the load balancer. | string | false |
|
||||||
|
desync_mitigation_mode | Determines how the load balancer handles requests that might pose a security risk to an application due to HTTP desync. | string | false |
|
||||||
|
http_tcp_listeners_tags | A map of tags to add to all http listeners | map(string) | false |
|
||||||
|
security_groups | The security groups to attach to the load balancer. e.g. ["sg-edcd9784","sg-edcd9785"] | list(string) | false |
|
||||||
|
target_groups | A list of maps containing key/value pairs that define the target groups to be created. Order of these maps is important and the index of these are to be referenced in listener definitions. Required key/values: name, backend_protocol, backend_port | any | false |
|
||||||
|
drop_invalid_header_fields | Indicates whether invalid header fields are dropped in application load balancers. Defaults to false. | bool | false |
|
||||||
|
http_tcp_listeners | A list of maps describing the HTTP listeners or TCP ports for this ALB. Required key/values: port, protocol. Optional key/values: target_group_index (defaults to http_tcp_listeners[count.index]) | any | false |
|
||||||
|
internal | Boolean determining if the load balancer is internal or externally facing. | bool | false |
|
||||||
|
subnets | A list of subnets to associate with the load balancer. e.g. ['subnet-1a2b3c4d','subnet-1a2b3c4e','subnet-1a2b3c4f'] | list(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,94 +13,81 @@ Terraform module which creates Auto Scaling resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
load_balancers | A list of elastic load balancer names to add to the autoscaling group names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead | list(string) | false |
|
enclave_options | Enable Nitro Enclaves on launched instances | map(string) | false |
|
||||||
create_lt | Determines whether to create launch template or not | bool | false |
|
ignore_desired_capacity_changes | Determines whether the `desired_capacity` value is ignored after initial apply. See README note for more details | bool | false |
|
||||||
license_specifications | (LT) A list of license specifications to associate with | map(string) | false |
|
wait_for_capacity_timeout | A maximum duration that Terraform should wait for ASG instances to be healthy before timing out. (See also Waiting for Capacity below.) Setting this to '0' causes Terraform to skip all Capacity Waiting behavior. | string | false |
|
||||||
use_name_prefix | Determines whether to use `name` as is or create a unique name beginning with the `name` as the prefix | bool | false |
|
|
||||||
desired_capacity | The number of Amazon EC2 instances that should be running in the autoscaling group | number | false |
|
|
||||||
default_cooldown | The amount of time, in seconds, after a scaling activity completes before another scaling activity can start | number | false |
|
|
||||||
force_delete | Allows deleting the Auto Scaling Group without waiting for all instances in the pool to terminate. You can force an Auto Scaling Group to delete even if it's in the process of scaling a resource. Normally, Terraform drains all the instances before deleting the group. This bypasses that behavior and potentially leaves resources dangling | bool | false |
|
|
||||||
enabled_metrics | A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances` | list(string) | false |
|
|
||||||
use_mixed_instances_policy | Determines whether to use a mixed instances policy in the autoscaling group or not | bool | false |
|
|
||||||
termination_policies | A list of policies to decide how the instances in the Auto Scaling Group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default` | list(string) | false |
|
termination_policies | A list of policies to decide how the instances in the Auto Scaling Group should be terminated. The allowed values are `OldestInstance`, `NewestInstance`, `OldestLaunchConfiguration`, `ClosestToNextInstanceHour`, `OldestLaunchTemplate`, `AllocationStrategy`, `Default` | list(string) | false |
|
||||||
|
service_linked_role_arn | The ARN of the service-linked role that the ASG will use to call other AWS services | string | false |
|
||||||
|
kernel_id | The kernel ID | string | false |
|
||||||
|
update_default_version | Whether to update Default Version each update. Conflicts with `default_version` | string | false |
|
||||||
|
placement | The placement of the instance | map(string) | false |
|
||||||
|
tag_specifications | The tags to apply to the resources during launch | list(any) | false |
|
||||||
|
min_elb_capacity | Setting this causes Terraform to wait for this number of instances to show up healthy in the ELB only on creation. Updates will not wait on ELB instance number changes | number | false |
|
||||||
|
suspended_processes | A list of processes to suspend for the Auto Scaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`. Note that if you suspend either the `Launch` or `Terminate` process types, it can prevent your Auto Scaling Group from functioning properly | list(string) | false |
|
||||||
|
key_name | The key name that should be used for the instance | string | false |
|
||||||
|
user_data_base64 | The Base64-encoded user data to provide when launching the instance | string | false |
|
||||||
|
launch_template_description | Description of the launch template | string | false |
|
||||||
|
protect_from_scale_in | Allows setting instance protection. The autoscaling group will not select instances with this setting for termination during scale in events. | bool | false |
|
||||||
|
health_check_type | `EC2` or `ELB`. Controls how health checking is done | string | false |
|
||||||
|
default_cooldown | The amount of time, in seconds, after a scaling activity completes before another scaling activity can start | number | false |
|
||||||
|
load_balancers | A list of elastic load balancer names to add to the autoscaling group names. Only valid for classic load balancers. For ALBs, use `target_group_arns` instead | list(string) | false |
|
||||||
|
image_id | The AMI from which to launch the instance | string | false |
|
||||||
|
create_schedule | Determines whether to create autoscaling group schedule or not | bool | false |
|
||||||
|
create | Determines whether to create autoscaling group or not | bool | false |
|
||||||
|
instance_name | Name that is propogated to launched EC2 instances via a tag - if not provided, defaults to `var.name` | string | false |
|
||||||
instance_refresh | If this block is configured, start an Instance Refresh when this Auto Scaling Group is updated | any | false |
|
instance_refresh | If this block is configured, start an Instance Refresh when this Auto Scaling Group is updated | any | false |
|
||||||
enable_monitoring | Enables/disables detailed monitoring | bool | false |
|
block_device_mappings | Specify volumes to attach to the instance besides the volumes specified by the AMI | list(any) | false |
|
||||||
|
hibernation_options | The hibernation options for the instance | map(string) | false |
|
||||||
|
placement_group | The name of the placement group into which you'll launch your instances, if any | string | false |
|
||||||
|
cpu_options | The CPU options for the instance | map(string) | false |
|
||||||
|
iam_instance_profile_arn | The IAM Instance Profile ARN to launch the instance with | string | false |
|
||||||
|
enabled_metrics | A list of metrics to collect. The allowed values are `GroupDesiredCapacity`, `GroupInServiceCapacity`, `GroupPendingCapacity`, `GroupMinSize`, `GroupMaxSize`, `GroupInServiceInstances`, `GroupPendingInstances`, `GroupStandbyInstances`, `GroupStandbyCapacity`, `GroupTerminatingCapacity`, `GroupTerminatingInstances`, `GroupTotalCapacity`, `GroupTotalInstances` | list(string) | false |
|
||||||
|
iam_instance_profile_name | The name attribute of the IAM instance profile to associate with launched instances | string | false |
|
||||||
|
default_version | Default Version of the launch template | string | false |
|
||||||
|
elastic_inference_accelerator | Configuration block containing an Elastic Inference Accelerator to attach to the instance | map(string) | false |
|
||||||
|
schedules | Map of autoscaling group schedule to create | map(any) | false |
|
||||||
|
vpc_zone_identifier | A list of subnet IDs to launch resources in. Subnets automatically determine which availability zones the group will reside. Conflicts with `availability_zones` | list(string) | false |
|
||||||
metadata_options | Customize the metadata options for the instance | map(string) | false |
|
metadata_options | Customize the metadata options for the instance | map(string) | false |
|
||||||
use_lc | Determines whether to use a launch configuration in the autoscaling group or not | bool | false |
|
create_launch_template | Determines whether to create launch template or not | bool | false |
|
||||||
create_asg | Determines whether to create autoscaling group or not | bool | false |
|
ram_disk_id | The ID of the ram disk | string | false |
|
||||||
|
scaling_policies | Map of target scaling policy schedule to create | any | false |
|
||||||
|
license_specifications | A list of license specifications to associate with | map(string) | false |
|
||||||
|
launch_template_version | Launch template version. Can be version number, `$Latest`, or `$Default` | string | false |
|
||||||
|
initial_lifecycle_hooks | One or more Lifecycle Hooks to attach to the Auto Scaling Group before instances are launched. The syntax is exactly the same as the separate `aws_autoscaling_lifecycle_hook` resource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating a new Auto Scaling Group. For all other use-cases, please use `aws_autoscaling_lifecycle_hook` resource | list(map(string)) | false |
|
||||||
|
disable_api_termination | If true, enables EC2 instance termination protection | bool | false |
|
||||||
|
credit_specification | Customize the credit specification of the instance | map(string) | false |
|
||||||
|
instance_market_options | The market (purchasing) option for the instance | any | false |
|
||||||
|
launch_template_use_name_prefix | Determines whether to use `launch_template_name` as is or create a unique name beginning with the `launch_template_name` as the prefix | bool | false |
|
||||||
|
network_interfaces | Customize network interfaces to be attached at instance boot time | list(any) | false |
|
||||||
|
create_scaling_policy | Determines whether to create target scaling policy schedule or not | bool | false |
|
||||||
|
target_group_arns | A set of `aws_alb_target_group` ARNs, for use with Application or Network Load Balancing | list(string) | false |
|
||||||
|
force_delete | Allows deleting the Auto Scaling Group without waiting for all instances in the pool to terminate. You can force an Auto Scaling Group to delete even if it's in the process of scaling a resource. Normally, Terraform drains all the instances before deleting the group. This bypasses that behavior and potentially leaves resources dangling | bool | false |
|
||||||
|
metrics_granularity | The granularity to associate with the metrics to collect. The only valid value is `1Minute` | string | false |
|
||||||
|
ebs_optimized | If true, the launched EC2 instance will be EBS-optimized | bool | false |
|
||||||
|
elastic_gpu_specifications | The elastic GPU to attach to the instance | map(string) | false |
|
||||||
|
delete_timeout | Delete timeout to wait for destroying autoscaling group | string | false |
|
||||||
|
name | Name used across the resources created | string | true |
|
||||||
|
availability_zone | A list of one or more availability zones for the group. Used for EC2-Classic and default subnets when not specified with `vpc_zone_identifier` argument. Conflicts with `vpc_zone_identifier` | list(string) | false |
|
||||||
|
desired_capacity | The number of Amazon EC2 instances that should be running in the autoscaling group | number | false |
|
||||||
|
wait_for_elb_capacity | Setting this will cause Terraform to wait for exactly this number of healthy instances in all attached load balancers on both create and update operations. Takes precedence over `min_elb_capacity` behavior. | number | false |
|
||||||
|
use_mixed_instances_policy | Determines whether to use a mixed instances policy in the autoscaling group or not | bool | false |
|
||||||
|
use_name_prefix | Determines whether to use `name` as is or create a unique name beginning with the `name` as the prefix | bool | false |
|
||||||
|
max_size | The maximum size of the autoscaling group | number | false |
|
||||||
|
capacity_rebalance | Indicates whether capacity rebalance is enabled | bool | false |
|
||||||
|
security_groups | A list of security group IDs to associate | list(string) | false |
|
||||||
|
capacity_reservation_specification | Targeting for EC2 capacity reservations | any | false |
|
||||||
|
tags | A map of tags to assign to resources | map(string) | false |
|
||||||
|
instance_type | The type of the instance to launch | string | false |
|
||||||
launch_template | Name of an existing launch template to be used (created outside of this module) | string | false |
|
launch_template | Name of an existing launch template to be used (created outside of this module) | string | false |
|
||||||
health_check_grace_period | Time (in seconds) after instance comes into service before checking health | number | false |
|
health_check_grace_period | Time (in seconds) after instance comes into service before checking health | number | false |
|
||||||
capacity_reservation_specification | (LT) Targeting for EC2 capacity reservations | any | false |
|
max_instance_lifetime | The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 86400 and 31536000 seconds | number | false |
|
||||||
enclave_options | (LT) Enable Nitro Enclaves on launched instances | map(string) | false |
|
instance_initiated_shutdown_behavior | Shutdown behavior for the instance. Can be `stop` or `terminate`. (Default: `stop`) | string | false |
|
||||||
iam_instance_profile_arn | (LT) The IAM Instance Profile ARN to launch the instance with | string | false |
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
associate_public_ip_address | (LC) Associate a public ip address with an instance in a VPC | bool | false |
|
|
||||||
availability_zone | A list of one or more availability zones for the group. Used for EC2-Classic and default subnets when not specified with `vpc_zone_identifier` argument. Conflicts with `vpc_zone_identifier` | list(string) | false |
|
|
||||||
tags | A list of tag blocks. Each element should have keys named key, value, and propagate_at_launch | list(map(string)) | false |
|
|
||||||
create_lc | Determines whether to create launch configuration or not | bool | false |
|
|
||||||
placement_group | The name of the placement group into which you'll launch your instances, if any | string | false |
|
|
||||||
description | (LT) Description of the launch template | string | false |
|
|
||||||
placement | (LT) The placement of the instance | map(string) | false |
|
|
||||||
metrics_granularity | The granularity to associate with the metrics to collect. The only valid value is `1Minute` | string | false |
|
|
||||||
user_data_base64 | The Base64-encoded user data to provide when launching the instance. You should use this for Launch Templates instead user_data | string | false |
|
|
||||||
security_groups | A list of security group IDs to associate | list(string) | false |
|
|
||||||
lc_name | Name of launch configuration to be created | string | false |
|
|
||||||
ephemeral_block_device | (LC) Customize Ephemeral (also known as 'Instance Store') volumes on the instance | list(map(string)) | false |
|
|
||||||
name | Name used across the resources created | string | true |
|
|
||||||
wait_for_elb_capacity | Setting this will cause Terraform to wait for exactly this number of healthy instances in all attached load balancers on both create and update operations. Takes precedence over `min_elb_capacity` behavior. | number | false |
|
|
||||||
wait_for_capacity_timeout | A maximum duration that Terraform should wait for ASG instances to be healthy before timing out. (See also Waiting for Capacity below.) Setting this to '0' causes Terraform to skip all Capacity Waiting behavior. | string | false |
|
|
||||||
schedules | Map of autoscaling group schedule to create | map(any) | false |
|
|
||||||
lt_use_name_prefix | Determines whether to use `lt_name` as is or create a unique name beginning with the `lt_name` as the prefix | bool | false |
|
|
||||||
instance_market_options | (LT) The market (purchasing) option for the instance | any | false |
|
|
||||||
create_schedule | Determines whether to create autoscaling group schedule or not | bool | false |
|
|
||||||
tags_as_map | A map of tags and values in the same format as other resources accept. This will be converted into the non-standard format that the aws_autoscaling_group requires. | map(string) | false |
|
|
||||||
user_data | (LC) The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument nor when using Launch Templates; see `user_data_base64` instead | string | false |
|
|
||||||
lt_name | Name of launch template to be created | string | false |
|
|
||||||
network_interfaces | (LT) Customize network interfaces to be attached at instance boot time | list(any) | false |
|
|
||||||
tag_specifications | (LT) The tags to apply to the resources during launch | list(any) | false |
|
|
||||||
protect_from_scale_in | Allows setting instance protection. The autoscaling group will not select instances with this setting for termination during scale in events. | bool | false |
|
|
||||||
ebs_optimized | If true, the launched EC2 instance will be EBS-optimized | bool | false |
|
|
||||||
key_name | The key name that should be used for the instance | string | false |
|
|
||||||
image_id | The AMI from which to launch the instance | string | false |
|
|
||||||
update_default_version | (LT) Whether to update Default Version each update. Conflicts with `default_version` | string | false |
|
|
||||||
kernel_id | (LT) The kernel ID | string | false |
|
|
||||||
create_scaling_policy | Determines whether to create target scaling policy schedule or not | bool | false |
|
|
||||||
lt_version | Launch template version. Can be version number, `$Latest`, or `$Default` | string | false |
|
|
||||||
target_group_arns | A set of `aws_alb_target_group` ARNs, for use with Application or Network Load Balancing | list(string) | false |
|
|
||||||
suspended_processes | A list of processes to suspend for the Auto Scaling Group. The allowed values are `Launch`, `Terminate`, `HealthCheck`, `ReplaceUnhealthy`, `AZRebalance`, `AlarmNotification`, `ScheduledActions`, `AddToLoadBalancer`. Note that if you suspend either the `Launch` or `Terminate` process types, it can prevent your Auto Scaling Group from functioning properly | list(string) | false |
|
|
||||||
instance_type | The type of the instance to launch | string | false |
|
|
||||||
placement_tenancy | (LC) The tenancy of the instance. Valid values are `default` or `dedicated` | string | false |
|
|
||||||
disable_api_termination | (LT) If true, enables EC2 instance termination protection | bool | false |
|
|
||||||
cpu_options | (LT) The CPU options for the instance | map(string) | false |
|
|
||||||
launch_configuration | Name of an existing launch configuration to be used (created outside of this module) | string | false |
|
|
||||||
min_size | The minimum size of the autoscaling group | number | false |
|
min_size | The minimum size of the autoscaling group | number | false |
|
||||||
mixed_instances_policy | Configuration block containing settings to define launch targets for Auto Scaling groups | any | false |
|
mixed_instances_policy | Configuration block containing settings to define launch targets for Auto Scaling groups | any | false |
|
||||||
propagate_name | Determines whether to propagate the `var.instance_name`/`var.name` tag to launch instances | bool | false |
|
|
||||||
warm_pool | If this block is configured, add a Warm Pool to the specified Auto Scaling group | any | false |
|
warm_pool | If this block is configured, add a Warm Pool to the specified Auto Scaling group | any | false |
|
||||||
scaling_policies | Map of target scaling policy schedule to create | any | false |
|
enable_monitoring | Enables/disables detailed monitoring | bool | false |
|
||||||
elastic_gpu_specifications | (LT) The elastic GPU to attach to the instance | map(string) | false |
|
launch_template_name | Name of launch template to be created | string | false |
|
||||||
elastic_inference_accelerator | (LT) Configuration block containing an Elastic Inference Accelerator to attach to the instance | map(string) | false |
|
|
||||||
instance_name | Name that is propogated to launched EC2 instances via a tag - if not provided, defaults to `var.name` | string | false |
|
|
||||||
capacity_rebalance | Indicates whether capacity rebalance is enabled | bool | false |
|
|
||||||
initial_lifecycle_hooks | One or more Lifecycle Hooks to attach to the Auto Scaling Group before instances are launched. The syntax is exactly the same as the separate `aws_autoscaling_lifecycle_hook` resource, without the `autoscaling_group_name` attribute. Please note that this will only work when creating a new Auto Scaling Group. For all other use-cases, please use `aws_autoscaling_lifecycle_hook` resource | list(map(string)) | false |
|
|
||||||
iam_instance_profile_name | The name attribute of the IAM instance profile to associate with launched instances | string | false |
|
|
||||||
root_block_device | (LC) Customize details about the root block device of the instance | list(map(string)) | false |
|
|
||||||
max_instance_lifetime | The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 86400 and 31536000 seconds | number | false |
|
|
||||||
lc_use_name_prefix | Determines whether to use `lc_name` as is or create a unique name beginning with the `lc_name` as the prefix | bool | false |
|
|
||||||
default_version | (LT) Default Version of the launch template | string | false |
|
|
||||||
block_device_mappings | (LT) Specify volumes to attach to the instance besides the volumes specified by the AMI | list(any) | false |
|
|
||||||
vpc_zone_identifier | A list of subnet IDs to launch resources in. Subnets automatically determine which availability zones the group will reside. Conflicts with `availability_zones` | list(string) | false |
|
|
||||||
max_size | The maximum size of the autoscaling group | number | false |
|
|
||||||
min_elb_capacity | Setting this causes Terraform to wait for this number of instances to show up healthy in the ELB only on creation. Updates will not wait on ELB instance number changes | number | false |
|
|
||||||
instance_initiated_shutdown_behavior | (LT) Shutdown behavior for the instance. Can be `stop` or `terminate`. (Default: `stop`) | string | false |
|
|
||||||
credit_specification | (LT) Customize the credit specification of the instance | map(string) | false |
|
|
||||||
health_check_type | `EC2` or `ELB`. Controls how health checking is done | string | false |
|
|
||||||
delete_timeout | Delete timeout to wait for destroying autoscaling group | string | false |
|
|
||||||
use_lt | Determines whether to use a launch template in the autoscaling group or not | bool | false |
|
|
||||||
ram_disk_id | (LT) The ID of the ram disk | string | false |
|
|
||||||
hibernation_options | (LT) The hibernation options for the instance | map(string) | false |
|
|
||||||
service_linked_role_arn | The ARN of the service-linked role that the ASG will use to call other AWS services | string | false |
|
|
||||||
spot_price | (LC) The maximum price to use for reserving spot instances (defaults to on-demand price) | string | false |
|
|
||||||
ebs_block_device | (LC) Additional EBS block devices to attach to the instance | list(map(string)) | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,7 @@ Bridgecrew READ ONLY integration module
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
bridgecrew_account_id | The Bridgecrew AWS account ID from which scans will originate. This value should not typically be modified, but is provided here to support testing and troubleshooting, if needed. | string | false |
|
||||||
role_name | The name for the Bridgecrew read-only IAM role. | string | false |
|
role_name | The name for the Bridgecrew read-only IAM role. | string | false |
|
||||||
org_name | The name of the company the integration is for. Must be alphanumeric. | string | true |
|
org_name | The name of the company the integration is for. Must be alphanumeric. | string | true |
|
||||||
account_alias | The alias of the account the CF is deployed in. This will be prepended to all the resources in the stack. Default is {org_name}-bc | string | false |
|
account_alias | The alias of the account the CF is deployed in. This will be prepended to all the resources in the stack. Default is {org_name}-bc | string | false |
|
||||||
|
|
@ -20,7 +21,6 @@ Bridgecrew READ ONLY integration module
|
||||||
api_token | This is your Bridgecrew platform Api token Set as and Environment variable TF_VAR_api_token | string | true |
|
api_token | This is your Bridgecrew platform Api token Set as and Environment variable TF_VAR_api_token | string | true |
|
||||||
common_tags | Implements the common tags scheme | map(any) | false |
|
common_tags | Implements the common tags scheme | map(any) | false |
|
||||||
topic_name | The name of the SNS topic for Bridgecrew to receive notifications. This value should not typically be modified, but is provided here to support testing and troubleshooting, if needed. | string | false |
|
topic_name | The name of the SNS topic for Bridgecrew to receive notifications. This value should not typically be modified, but is provided here to support testing and troubleshooting, if needed. | string | false |
|
||||||
bridgecrew_account_id | The Bridgecrew AWS account ID from which scans will originate. This value should not typically be modified, but is provided here to support testing and troubleshooting, if needed. | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
title: AWS CIS-ALARMS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create | Whether to create the Cloudwatch log metric filter and metric alarms | bool | false |
|
||||||
|
alarm_actions | List of ARNs to put as Cloudwatch Alarms actions (eg, ARN of SNS topic) | list(string) | false |
|
||||||
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. | bool | false |
|
||||||
|
use_random_name_prefix | Whether to prefix resource names with random prefix | bool | false |
|
||||||
|
name_prefix | A name prefix for the cloudwatch alarm (if use_random_name_prefix is true, this will be ignored) | string | false |
|
||||||
|
disabled_controls | List of IDs of disabled CIS controls | list(string) | false |
|
||||||
|
namespace | The namespace where metric filter and metric alarm should be cleated | string | false |
|
||||||
|
log_group_name | The name of the log group to associate the metric filter with | string | false |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,91 +13,91 @@ Terraform module to easily provision CloudFront CDN backed by an S3 origin
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
origin_path | An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. It must begin with a /. Do not add a / at the end of the path. | string | false |
|
cache_policy_id | The unique identifier of the existing cache policy to attach to the default cache behavior.\nIf not provided, this module will add a default cache policy using other provided inputs.\n | string | false |
|
||||||
geo_restriction_locations | List of country codes for which CloudFront either to distribute content (whitelist) or not distribute your content (blacklist) | list(string) | false |
|
logging_enabled | DEPRECATED. Use `cloudfront_access_logging_enabled` instead. | bool | false |
|
||||||
dns_alias_enabled | Create a DNS alias for the CDN. Requires `parent_zone_id` or `parent_zone_name` | bool | false |
|
default_root_object | Object that CloudFront return when requests the root URL | string | false |
|
||||||
lambda_function_association | A config block that triggers a lambda@edge function with specific actions | list(object({\n event_type = string\n include_body = bool\n lambda_arn = string\n })) | false |
|
custom_origins | A list of additional custom website [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) for this distribution.\n | list(object({\n domain_name = string\n origin_id = string\n origin_path = string\n custom_headers = list(object({\n name = string\n value = string\n }))\n custom_origin_config = object({\n http_port = number\n https_port = number\n origin_protocol_policy = string\n origin_ssl_protocols = list(string)\n origin_keepalive_timeout = number\n origin_read_timeout = number\n })\n })) | false |
|
||||||
encryption_enabled | When set to 'true' the resource will have aes256 encryption enabled by default | bool | false |
|
cloudfront_origin_access_identity_iam_arn | Existing cloudfront origin access identity iam arn that is supplied in the s3 bucket policy | string | false |
|
||||||
log_glacier_transition_days | Number of days after object creation to move Cloudfront Access Log objects to the glacier tier.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | number | false |
|
|
||||||
trusted_key_groups | A list of key group IDs that CloudFront can use to validate signed URLs or signed cookies. | list(string) | false |
|
|
||||||
cors_allowed_methods | List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for S3 bucket | list(string) | false |
|
|
||||||
origin_request_policy_id | The unique identifier of the origin request policy that is attached to the behavior.\nShould be used in conjunction with `cache_policy_id`.\n | string | false |
|
|
||||||
default_ttl | Default amount of time (in seconds) that an object is in a CloudFront cache | number | false |
|
|
||||||
website_enabled | Set to true to enable the created S3 bucket to serve as a website independently of Cloudfront,\nand to use that website as the origin. See the README for details and caveats. See also `s3_website_password_enabled`.\n | bool | false |
|
|
||||||
custom_origin_headers | A list of origin header parameters that will be sent to origin | list(object({ name = string, value = string })) | false |
|
|
||||||
realtime_log_config_arn | The ARN of the real-time log configuration that is attached to this cache behavior | string | false |
|
|
||||||
external_aliases | List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront. No new route53 records will be created for these | list(string) | false |
|
|
||||||
compress | Compress content for web requests that include Accept-Encoding: gzip in the request header | bool | false |
|
|
||||||
s3_origins | A list of S3 [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) (in addition to the one created by this module) for this distribution.\nS3 buckets configured as websites are `custom_origins`, not `s3_origins`.\nSpecifying `s3_origin_config.origin_access_identity` as `null` or `""` will have it translated to the `origin_access_identity` used by the origin created by the module.\n | list(object({\n domain_name = string\n origin_id = string\n origin_path = string\n s3_origin_config = object({\n origin_access_identity = string\n })\n })) | false |
|
|
||||||
extra_origin_attributes | Additional attributes to put onto the origin label | list(string) | false |
|
|
||||||
min_ttl | Minimum amount of time that you want objects to stay in CloudFront caches | number | false |
|
|
||||||
custom_error_response | List of one or more custom error response element maps | list(object({\n error_caching_min_ttl = string\n error_code = string\n response_code = string\n response_page_path = string\n })) | false |
|
|
||||||
cloudfront_origin_access_identity_path | Existing cloudfront origin access identity path used in the cloudfront distribution's s3_origin_config content | string | false |
|
cloudfront_origin_access_identity_path | Existing cloudfront origin access identity path used in the cloudfront distribution's s3_origin_config content | string | false |
|
||||||
distribution_enabled | Set to `false` to create the distribution but still prevent CloudFront from serving requests. | bool | false |
|
origin_ssl_protocols | The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. | list(string) | false |
|
||||||
origin_groups | List of [Origin Groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#origin-group-arguments) to create in the distribution.\nThe values of `primary_origin_id` and `failover_origin_id` must correspond to origin IDs existing in `var.s3_origins` or `var.custom_origins`.\n\nIf `primary_origin_id` is set to `null` or `""`, then the origin id of the origin created by this module will be used in its place.\nThis is to allow for the use case of making the origin created by this module the primary origin in an origin group.\n | list(object({\n primary_origin_id = string\n failover_origin_id = string\n failover_criteria = list(string)\n })) | false |
|
|
||||||
aliases | List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront | list(string) | false |
|
|
||||||
log_standard_transition_days | Number of days after object creation to move Cloudfront Access Log objects to the infrequent access tier.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | number | false |
|
|
||||||
log_expiration_days | Number of days after object creation to expire Cloudfront Access Log objects.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | number | false |
|
|
||||||
cors_max_age_seconds | Time in seconds that browser can cache the response for S3 bucket | number | false |
|
|
||||||
deployment_principal_arns | (Optional) Map of IAM Principal ARNs to lists of S3 path prefixes to grant `deployment_actions` permissions.\nResource list will include the bucket itself along with all the prefixes. Prefixes should not begin with '/'.\n | map(list(string)) | false |
|
|
||||||
cloudfront_access_log_bucket_name | When `cloudfront_access_log_create_bucket` is `false`, this is the name of the existing S3 Bucket where\nCloudfront Access Logs are to be delivered and is required. IGNORED when `cloudfront_access_log_create_bucket` is `true`.\n | string | false |
|
|
||||||
cloudfront_access_log_include_cookies | Set true to include cookies in Cloudfront Access Logs | bool | false |
|
|
||||||
log_prefix | DEPRECATED. Use `cloudfront_access_log_prefix` instead. | string | false |
|
|
||||||
extra_logs_attributes | Additional attributes to add to the end of the generated Cloudfront Access Log S3 Bucket name.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | list(string) | false |
|
|
||||||
override_origin_bucket_policy | When using an existing origin bucket (through var.origin_bucket), setting this to 'false' will make it so the existing bucket policy will not be overriden | bool | false |
|
|
||||||
forward_query_string | Forward query strings to the origin that is associated with this cache behavior (incompatible with `cache_policy_id`) | bool | false |
|
|
||||||
viewer_protocol_policy | Limit the protocol users can use to access content. One of `allow-all`, `https-only`, or `redirect-to-https` | string | false |
|
|
||||||
parent_zone_id | ID of the hosted zone to contain this record (or specify `parent_zone_name`). Requires `dns_alias_enabled` set to true | string | false |
|
|
||||||
index_document | Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders | string | false |
|
|
||||||
versioning_enabled | When set to 'true' the s3 origin bucket will have versioning enabled | bool | false |
|
|
||||||
s3_access_logging_enabled | Set `true` to deliver S3 Access Logs to the `s3_access_log_bucket_name` bucket.\nDefaults to `false` if `s3_access_log_bucket_name` is empty (the default), `true` otherwise.\nMust be set explicitly if the access log bucket is being created at the same time as this module is being invoked.\n | bool | false |
|
|
||||||
access_log_bucket_name | DEPRECATED. Use `s3_access_log_bucket_name` instead. | string | false |
|
|
||||||
log_include_cookies | DEPRECATED. Use `cloudfront_access_log_include_cookies` instead. | bool | false |
|
|
||||||
s3_access_log_bucket_name | Name of the existing S3 bucket where S3 Access Logs will be delivered. Default is not to enable S3 Access Logging. | string | false |
|
s3_access_log_bucket_name | Name of the existing S3 bucket where S3 Access Logs will be delivered. Default is not to enable S3 Access Logging. | string | false |
|
||||||
query_string_cache_keys | When `forward_query_string` is enabled, only the query string keys listed in this argument are cached (incompatible with `cache_policy_id`) | list(string) | false |
|
cloudfront_access_log_include_cookies | Set true to include cookies in Cloudfront Access Logs | bool | false |
|
||||||
web_acl_id | ID of the AWS WAF web ACL that is associated with the distribution | string | false |
|
aliases | List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront | list(string) | false |
|
||||||
|
compress | Compress content for web requests that include Accept-Encoding: gzip in the request header | bool | false |
|
||||||
|
log_glacier_transition_days | Number of days after object creation to move Cloudfront Access Log objects to the glacier tier.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | number | false |
|
||||||
|
origin_request_policy_id | The unique identifier of the origin request policy that is attached to the behavior.\nShould be used in conjunction with `cache_policy_id`.\n | string | false |
|
||||||
|
min_ttl | Minimum amount of time that you want objects to stay in CloudFront caches | number | false |
|
||||||
|
geo_restriction_locations | List of country codes for which CloudFront either to distribute content (whitelist) or not distribute your content (blacklist) | list(string) | false |
|
||||||
|
custom_error_response | List of one or more custom error response element maps | list(object({\n error_caching_min_ttl = string\n error_code = string\n response_code = string\n response_page_path = string\n })) | false |
|
||||||
|
lambda_function_association | A config block that triggers a lambda@edge function with specific actions | list(object({\n event_type = string\n include_body = bool\n lambda_arn = string\n })) | false |
|
||||||
|
additional_bucket_policy | Additional policies for the bucket. If included in the policies, the variables `${bucket_name}`, `${origin_path}` and `${cloudfront_origin_access_identity_iam_arn}` will be substituted.\nIt is also possible to override the default policy statements by providing statements with `S3GetObjectForCloudFront` and `S3ListBucketForCloudFront` sid.\n | string | false |
|
||||||
|
cloudfront_access_log_bucket_name | When `cloudfront_access_log_create_bucket` is `false`, this is the name of the existing S3 Bucket where\nCloudfront Access Logs are to be delivered and is required. IGNORED when `cloudfront_access_log_create_bucket` is `true`.\n | string | false |
|
||||||
|
deployment_actions | List of actions to permit `deployment_principal_arns` to perform on bucket and bucket prefixes (see `deployment_principal_arns`) | list(string) | false |
|
||||||
|
cloudfront_access_log_create_bucket | When `true` and `cloudfront_access_logging_enabled` is also true, this module will create a new,\nseparate S3 bucket to receive Cloudfront Access Logs.\n | bool | false |
|
||||||
|
parent_zone_id | ID of the hosted zone to contain this record (or specify `parent_zone_name`). Requires `dns_alias_enabled` set to true | string | false |
|
||||||
|
response_headers_policy_id | The identifier for a response headers policy | string | false |
|
||||||
|
geo_restriction_type | Method that use to restrict distribution of your content by country: `none`, `whitelist`, or `blacklist` | string | false |
|
||||||
|
ordered_cache | An ordered list of [cache behaviors](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#cache-behavior-arguments) resource for this distribution.\nList in order of precedence (first match wins). This is in addition to the default cache policy.\nSet `target_origin_id` to `""` to specify the S3 bucket origin created by this module.\n | list(object({\n target_origin_id = string\n path_pattern = string\n\n allowed_methods = list(string)\n cached_methods = list(string)\n compress = bool\n trusted_signers = list(string)\n trusted_key_groups = list(string)\n\n cache_policy_id = string\n origin_request_policy_id = string\n\n viewer_protocol_policy = string\n min_ttl = number\n default_ttl = number\n max_ttl = number\n response_headers_policy_id = string\n\n forward_query_string = bool\n forward_header_values = list(string)\n forward_cookies = string\n forward_cookies_whitelisted_names = list(string)\n\n lambda_function_association = list(object({\n event_type = string\n include_body = bool\n lambda_arn = string\n }))\n\n function_association = list(object({\n event_type = string\n function_arn = string\n }))\n })) | false |
|
||||||
|
s3_access_log_prefix | Prefix to use for S3 Access Log object keys. Defaults to `logs/${module.this.id}` | string | false |
|
||||||
|
realtime_log_config_arn | The ARN of the real-time log configuration that is attached to this cache behavior | string | false |
|
||||||
|
acm_certificate_arn | Existing ACM Certificate ARN | string | false |
|
||||||
|
s3_origins | A list of S3 [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) (in addition to the one created by this module) for this distribution.\nS3 buckets configured as websites are `custom_origins`, not `s3_origins`.\nSpecifying `s3_origin_config.origin_access_identity` as `null` or `""` will have it translated to the `origin_access_identity` used by the origin created by the module.\n | list(object({\n domain_name = string\n origin_id = string\n origin_path = string\n s3_origin_config = object({\n origin_access_identity = string\n })\n })) | false |
|
||||||
|
versioning_enabled | When set to 'true' the s3 origin bucket will have versioning enabled | bool | false |
|
||||||
|
ipv6_enabled | Set to true to enable an AAAA DNS record to be set as well as the A record | bool | false |
|
||||||
|
origin_path | An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. It must begin with a /. Do not add a / at the end of the path. | string | false |
|
||||||
|
override_origin_bucket_policy | When using an existing origin bucket (through var.origin_bucket), setting this to 'false' will make it so the existing bucket policy will not be overriden | bool | false |
|
||||||
|
trusted_signers | The AWS accounts, if any, that you want to allow to create signed URLs for private content. 'self' is acceptable. | list(string) | false |
|
||||||
|
routing_rules | A json array containing routing rules describing redirect behavior and when redirects are applied | string | false |
|
||||||
|
deployment_principal_arns | (Optional) Map of IAM Principal ARNs to lists of S3 path prefixes to grant `deployment_actions` permissions.\nResource list will include the bucket itself along with all the prefixes. Prefixes should not begin with '/'.\n | map(list(string)) | false |
|
||||||
|
block_origin_public_access_enabled | When set to 'true' the s3 origin bucket will have public access block enabled | bool | false |
|
||||||
|
cloudfront_access_log_prefix | Prefix to use for Cloudfront Access Log object keys. Defaults to no prefix. | string | false |
|
||||||
|
comment | Comment for the origin access identity | string | false |
|
||||||
|
forward_query_string | Forward query strings to the origin that is associated with this cache behavior (incompatible with `cache_policy_id`) | bool | false |
|
||||||
|
forward_cookies | Specifies whether you want CloudFront to forward all or no cookies to the origin. Can be 'all' or 'none' | string | false |
|
||||||
|
cached_methods | List of cached methods (e.g. GET, PUT, POST, DELETE, HEAD) | list(string) | false |
|
||||||
wait_for_deployment | When set to 'true' the resource will wait for the distribution status to change from InProgress to Deployed | bool | false |
|
wait_for_deployment | When set to 'true' the resource will wait for the distribution status to change from InProgress to Deployed | bool | false |
|
||||||
redirect_all_requests_to | A hostname to redirect all website requests for this distribution to. If this is set, it overrides other website settings | string | false |
|
redirect_all_requests_to | A hostname to redirect all website requests for this distribution to. If this is set, it overrides other website settings | string | false |
|
||||||
error_document | An absolute path to the document to return in case of a 4XX error | string | false |
|
s3_access_logging_enabled | Set `true` to deliver S3 Access Logs to the `s3_access_log_bucket_name` bucket.\nDefaults to `false` if `s3_access_log_bucket_name` is empty (the default), `true` otherwise.\nMust be set explicitly if the access log bucket is being created at the same time as this module is being invoked.\n | bool | false |
|
||||||
deployment_actions | List of actions to permit `deployment_principal_arns` to perform on bucket and bucket prefixes (see `deployment_principal_arns`) | list(string) | false |
|
log_include_cookies | DEPRECATED. Use `cloudfront_access_log_include_cookies` instead. | bool | false |
|
||||||
cloudfront_origin_access_identity_iam_arn | Existing cloudfront origin access identity iam arn that is supplied in the s3 bucket policy | string | false |
|
external_aliases | List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront. No new route53 records will be created for these | list(string) | false |
|
||||||
s3_website_password_enabled | If set to true, and `website_enabled` is also true, a password will be required in the `Referrer` field of the\nHTTP request in order to access the website, and Cloudfront will be configured to pass this password in its requests.\nThis will make it much harder for people to bypass Cloudfront and access the S3 website directly via its website endpoint.\n | bool | false |
|
|
||||||
allow_ssl_requests_only | Set to `true` to require requests to use Secure Socket Layer (HTTPS/SSL). This will explicitly deny access to HTTP requests | bool | false |
|
|
||||||
log_versioning_enabled | Set `true` to enable object versioning in the created Cloudfront Access Log S3 Bucket.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | bool | false |
|
|
||||||
origin_bucket | Name of an existing S3 bucket to use as the origin. If this is not provided, it will create a new s3 bucket using `var.name` and other context related inputs | string | false |
|
|
||||||
ordered_cache | An ordered list of [cache behaviors](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#cache-behavior-arguments) resource for this distribution.\nList in order of precedence (first match wins). This is in addition to the default cache policy.\nSet `target_origin_id` to `""` to specify the S3 bucket origin created by this module.\n | list(object({\n target_origin_id = string\n path_pattern = string\n\n allowed_methods = list(string)\n cached_methods = list(string)\n compress = bool\n trusted_signers = list(string)\n trusted_key_groups = list(string)\n\n cache_policy_id = string\n origin_request_policy_id = string\n\n viewer_protocol_policy = string\n min_ttl = number\n default_ttl = number\n max_ttl = number\n response_headers_policy_id = string\n\n forward_query_string = bool\n forward_header_values = list(string)\n forward_cookies = string\n forward_cookies_whitelisted_names = list(string)\n\n lambda_function_association = list(object({\n event_type = string\n include_body = bool\n lambda_arn = string\n }))\n\n function_association = list(object({\n event_type = string\n function_arn = string\n }))\n })) | false |
|
|
||||||
origin_ssl_protocols | The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. | list(string) | false |
|
|
||||||
cloudfront_access_logging_enabled | Set true to enable delivery of Cloudfront Access Logs to an S3 bucket | bool | false |
|
|
||||||
cloudfront_access_log_create_bucket | When `true` and `cloudfront_access_logging_enabled` is also true, this module will create a new,\nseparate S3 bucket to receive Cloudfront Access Logs.\n | bool | false |
|
|
||||||
cors_allowed_origins | List of allowed origins (e.g. example.com, test.com) for S3 bucket | list(string) | false |
|
|
||||||
cached_methods | List of cached methods (e.g. GET, PUT, POST, DELETE, HEAD) | list(string) | false |
|
|
||||||
cloudfront_access_log_prefix | Prefix to use for Cloudfront Access Log object keys. Defaults to no prefix. | string | false |
|
|
||||||
logging_enabled | DEPRECATED. Use `cloudfront_access_logging_enabled` instead. | bool | false |
|
|
||||||
minimum_protocol_version | Cloudfront TLS minimum protocol version.\nIf `var.acm_certificate_arn` is unset, only "TLSv1" can be specified. See: [AWS Cloudfront create-distribution documentation](https://docs.aws.amazon.com/cli/latest/reference/cloudfront/create-distribution.html)\nand [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) for more information.\nDefaults to "TLSv1.2_2019" unless `var.acm_certificate_arn` is unset, in which case it defaults to `TLSv1`\n | string | false |
|
|
||||||
cors_allowed_headers | List of allowed headers for S3 bucket | list(string) | false |
|
|
||||||
forward_header_values | A list of whitelisted header values to forward to the origin (incompatible with `cache_policy_id`) | list(string) | false |
|
|
||||||
response_headers_policy_id | The identifier for a response headers policy | string | false |
|
|
||||||
cache_policy_id | The unique identifier of the existing cache policy to attach to the default cache behavior.\nIf not provided, this module will add a default cache policy using other provided inputs.\n | string | false |
|
|
||||||
custom_origins | A list of additional custom website [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) for this distribution.\n | list(object({\n domain_name = string\n origin_id = string\n origin_path = string\n custom_headers = list(object({\n name = string\n value = string\n }))\n custom_origin_config = object({\n http_port = number\n https_port = number\n origin_protocol_policy = string\n origin_ssl_protocols = list(string)\n origin_keepalive_timeout = number\n origin_read_timeout = number\n })\n })) | false |
|
|
||||||
acm_certificate_arn | Existing ACM Certificate ARN | string | false |
|
|
||||||
additional_bucket_policy | Additional policies for the bucket. If included in the policies, the variables `${bucket_name}`, `${origin_path}` and `${cloudfront_origin_access_identity_iam_arn}` will be substituted.\nIt is also possible to override the default policy statements by providing statements with `S3GetObjectForCloudFront` and `S3ListBucketForCloudFront` sid.\n | string | false |
|
|
||||||
cors_expose_headers | List of expose header in the response for S3 bucket | list(string) | false |
|
|
||||||
max_ttl | Maximum amount of time (in seconds) that an object is in a CloudFront cache | number | false |
|
max_ttl | Maximum amount of time (in seconds) that an object is in a CloudFront cache | number | false |
|
||||||
block_origin_public_access_enabled | When set to 'true' the s3 origin bucket will have public access block enabled | bool | false |
|
trusted_key_groups | A list of key group IDs that CloudFront can use to validate signed URLs or signed cookies. | list(string) | false |
|
||||||
s3_access_log_prefix | Prefix to use for S3 Access Log object keys. Defaults to `logs/${module.this.id}` | string | false |
|
encryption_enabled | When set to 'true' the resource will have aes256 encryption enabled by default | bool | false |
|
||||||
comment | Comment for the origin access identity | string | false |
|
error_document | An absolute path to the document to return in case of a 4XX error | string | false |
|
||||||
forward_cookies | Specifies whether you want CloudFront to forward all or no cookies to the origin. Can be 'all' or 'none' | string | false |
|
extra_logs_attributes | Additional attributes to add to the end of the generated Cloudfront Access Log S3 Bucket name.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | list(string) | false |
|
||||||
trusted_signers | The AWS accounts, if any, that you want to allow to create signed URLs for private content. 'self' is acceptable. | list(string) | false |
|
origin_groups | List of [Origin Groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#origin-group-arguments) to create in the distribution.\nThe values of `primary_origin_id` and `failover_origin_id` must correspond to origin IDs existing in `var.s3_origins` or `var.custom_origins`.\n\nIf `primary_origin_id` is set to `null` or `""`, then the origin id of the origin created by this module will be used in its place.\nThis is to allow for the use case of making the origin created by this module the primary origin in an origin group.\n | list(object({\n primary_origin_id = string\n failover_origin_id = string\n failover_criteria = list(string)\n })) | false |
|
||||||
parent_zone_name | Name of the hosted zone to contain this record (or specify `parent_zone_id`). Requires `dns_alias_enabled` set to true | string | false |
|
log_prefix | DEPRECATED. Use `cloudfront_access_log_prefix` instead. | string | false |
|
||||||
s3_object_ownership | Specifies the S3 object ownership control on the origin bucket. Valid values are `ObjectWriter`, `BucketOwnerPreferred`, and 'BucketOwnerEnforced'. | string | false |
|
|
||||||
origin_force_destroy | Delete all objects from the bucket so that the bucket can be destroyed without error (e.g. `true` or `false`) | bool | false |
|
|
||||||
default_root_object | Object that CloudFront return when requests the root URL | string | false |
|
|
||||||
price_class | Price class for this distribution: `PriceClass_All`, `PriceClass_200`, `PriceClass_100` | string | false |
|
price_class | Price class for this distribution: `PriceClass_All`, `PriceClass_200`, `PriceClass_100` | string | false |
|
||||||
|
query_string_cache_keys | When `forward_query_string` is enabled, only the query string keys listed in this argument are cached (incompatible with `cache_policy_id`) | list(string) | false |
|
||||||
|
cors_allowed_methods | List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for S3 bucket | list(string) | false |
|
||||||
|
parent_zone_name | Name of the hosted zone to contain this record (or specify `parent_zone_id`). Requires `dns_alias_enabled` set to true | string | false |
|
||||||
|
website_enabled | Set to true to enable the created S3 bucket to serve as a website independently of Cloudfront,\nand to use that website as the origin. See the README for details and caveats. See also `s3_website_password_enabled`.\n | bool | false |
|
||||||
|
allow_ssl_requests_only | Set to `true` to require requests to use Secure Socket Layer (HTTPS/SSL). This will explicitly deny access to HTTP requests | bool | false |
|
||||||
|
log_standard_transition_days | Number of days after object creation to move Cloudfront Access Log objects to the infrequent access tier.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | number | false |
|
||||||
|
s3_object_ownership | Specifies the S3 object ownership control on the origin bucket. Valid values are `ObjectWriter`, `BucketOwnerPreferred`, and 'BucketOwnerEnforced'. | string | false |
|
||||||
|
cloudfront_access_logging_enabled | Set true to enable delivery of Cloudfront Access Logs to an S3 bucket | bool | false |
|
||||||
allowed_methods | List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for AWS CloudFront | list(string) | false |
|
allowed_methods | List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for AWS CloudFront | list(string) | false |
|
||||||
geo_restriction_type | Method that use to restrict distribution of your content by country: `none`, `whitelist`, or `blacklist` | string | false |
|
cors_allowed_origins | List of allowed origins (e.g. example.com, test.com) for S3 bucket | list(string) | false |
|
||||||
routing_rules | A json array containing routing rules describing redirect behavior and when redirects are applied | string | false |
|
index_document | Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders | string | false |
|
||||||
ipv6_enabled | Set to true to enable an AAAA DNS record to be set as well as the A record | bool | false |
|
custom_origin_headers | A list of origin header parameters that will be sent to origin | list(object({ name = string, value = string })) | false |
|
||||||
|
minimum_protocol_version | Cloudfront TLS minimum protocol version.\nIf `var.acm_certificate_arn` is unset, only "TLSv1" can be specified. See: [AWS Cloudfront create-distribution documentation](https://docs.aws.amazon.com/cli/latest/reference/cloudfront/create-distribution.html)\nand [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) for more information.\nDefaults to "TLSv1.2_2019" unless `var.acm_certificate_arn` is unset, in which case it defaults to `TLSv1`\n | string | false |
|
||||||
|
origin_bucket | Name of an existing S3 bucket to use as the origin. If this is not provided, it will create a new s3 bucket using `var.name` and other context related inputs | string | false |
|
||||||
|
cors_expose_headers | List of expose header in the response for S3 bucket | list(string) | false |
|
||||||
|
forward_header_values | A list of whitelisted header values to forward to the origin (incompatible with `cache_policy_id`) | list(string) | false |
|
||||||
|
dns_alias_enabled | Create a DNS alias for the CDN. Requires `parent_zone_id` or `parent_zone_name` | bool | false |
|
||||||
function_association | A config block that triggers a CloudFront function with specific actions.\nSee the [aws_cloudfront_distribution](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#function-association)\ndocumentation for more information.\n | list(object({\n event_type = string\n function_arn = string\n })) | false |
|
function_association | A config block that triggers a CloudFront function with specific actions.\nSee the [aws_cloudfront_distribution](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#function-association)\ndocumentation for more information.\n | list(object({\n event_type = string\n function_arn = string\n })) | false |
|
||||||
|
extra_origin_attributes | Additional attributes to put onto the origin label | list(string) | false |
|
||||||
|
log_versioning_enabled | Set `true` to enable object versioning in the created Cloudfront Access Log S3 Bucket.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | bool | false |
|
||||||
|
cors_allowed_headers | List of allowed headers for S3 bucket | list(string) | false |
|
||||||
|
cors_max_age_seconds | Time in seconds that browser can cache the response for S3 bucket | number | false |
|
||||||
|
default_ttl | Default amount of time (in seconds) that an object is in a CloudFront cache | number | false |
|
||||||
|
distribution_enabled | Set to `false` to create the distribution but still prevent CloudFront from serving requests. | bool | false |
|
||||||
|
s3_website_password_enabled | If set to true, and `website_enabled` is also true, a password will be required in the `Referrer` field of the\nHTTP request in order to access the website, and Cloudfront will be configured to pass this password in its requests.\nThis will make it much harder for people to bypass Cloudfront and access the S3 website directly via its website endpoint.\n | bool | false |
|
||||||
|
access_log_bucket_name | DEPRECATED. Use `s3_access_log_bucket_name` instead. | string | false |
|
||||||
|
origin_force_destroy | Delete all objects from the bucket so that the bucket can be destroyed without error (e.g. `true` or `false`) | bool | false |
|
||||||
|
viewer_protocol_policy | Limit the protocol users can use to access content. One of `allow-all`, `https-only`, or `redirect-to-https` | string | false |
|
||||||
|
web_acl_id | ID of the AWS WAF web ACL that is associated with the distribution | string | false |
|
||||||
|
log_expiration_days | Number of days after object creation to expire Cloudfront Access Log objects.\nOnly effective if `cloudfront_access_log_create_bucket` is `true`.\n | number | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,30 +13,30 @@ Terraform module which creates CloudFront resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
default_cache_behavior | The default cache behavior for this distribution | any | false |
|
default_root_object | The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. | string | false |
|
||||||
ordered_cache_behavior | An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. | any | false |
|
|
||||||
realtime_metrics_subscription_status | A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`. | string | false |
|
|
||||||
aliases | Extra CNAMEs (alternate domain names), if any, for this distribution. | list(string) | false |
|
|
||||||
geo_restriction | The restriction configuration for this distribution (geo_restrictions) | any | false |
|
|
||||||
custom_error_response | One or more custom error response elements | any | false |
|
|
||||||
tags | A map of tags to assign to the resource. | map(string) | false |
|
|
||||||
origin | One or more origins for this distribution (multiples allowed). | any | false |
|
|
||||||
viewer_certificate | The SSL configuration for this distribution | any | false |
|
|
||||||
http_version | The maximum HTTP version to support on the distribution. Allowed values are http1.1 and http2. The default is http2. | string | false |
|
|
||||||
is_ipv6_enabled | Whether the IPv6 is enabled for the distribution. | bool | false |
|
|
||||||
price_class | The price class for this distribution. One of PriceClass_All, PriceClass_200, PriceClass_100 | string | false |
|
price_class | The price class for this distribution. One of PriceClass_All, PriceClass_200, PriceClass_100 | string | false |
|
||||||
|
retain_on_delete | Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards. | bool | false |
|
||||||
wait_for_deployment | If enabled, the resource will wait for the distribution status to change from InProgress to Deployed. Setting this tofalse will skip the process. | bool | false |
|
wait_for_deployment | If enabled, the resource will wait for the distribution status to change from InProgress to Deployed. Setting this tofalse will skip the process. | bool | false |
|
||||||
web_acl_id | If you're using AWS WAF to filter CloudFront requests, the Id of the AWS WAF web ACL that is associated with the distribution. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must have waf:GetWebACL permissions assigned. If using WAFv2, provide the ARN of the web ACL. | string | false |
|
web_acl_id | If you're using AWS WAF to filter CloudFront requests, the Id of the AWS WAF web ACL that is associated with the distribution. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must have waf:GetWebACL permissions assigned. If using WAFv2, provide the ARN of the web ACL. | string | false |
|
||||||
origin_group | One or more origin_group for this distribution (multiples allowed). | any | false |
|
|
||||||
create_origin_access_identity | Controls if CloudFront origin access identity should be created | bool | false |
|
create_origin_access_identity | Controls if CloudFront origin access identity should be created | bool | false |
|
||||||
comment | Any comments you want to include about the distribution. | string | false |
|
|
||||||
default_root_object | The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. | string | false |
|
|
||||||
retain_on_delete | Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards. | bool | false |
|
|
||||||
logging_config | The logging configuration that controls how logs are written to your distribution (maximum one). | any | false |
|
|
||||||
create_monitoring_subscription | If enabled, the resource for monitoring subscription will created. | bool | false |
|
|
||||||
create_distribution | Controls if CloudFront distribution should be created | bool | false |
|
|
||||||
origin_access_identities | Map of CloudFront origin access identities (value as a comment) | map(string) | false |
|
origin_access_identities | Map of CloudFront origin access identities (value as a comment) | map(string) | false |
|
||||||
|
aliases | Extra CNAMEs (alternate domain names), if any, for this distribution. | list(string) | false |
|
||||||
|
ordered_cache_behavior | An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. | any | false |
|
||||||
|
create_monitoring_subscription | If enabled, the resource for monitoring subscription will created. | bool | false |
|
||||||
|
origin_group | One or more origin_group for this distribution (multiples allowed). | any | false |
|
||||||
|
viewer_certificate | The SSL configuration for this distribution | any | false |
|
||||||
|
default_cache_behavior | The default cache behavior for this distribution | any | false |
|
||||||
|
custom_error_response | One or more custom error response elements | any | false |
|
||||||
|
comment | Any comments you want to include about the distribution. | string | false |
|
||||||
|
is_ipv6_enabled | Whether the IPv6 is enabled for the distribution. | bool | false |
|
||||||
|
geo_restriction | The restriction configuration for this distribution (geo_restrictions) | any | false |
|
||||||
|
http_version | The maximum HTTP version to support on the distribution. Allowed values are http1.1 and http2. The default is http2. | string | false |
|
||||||
|
realtime_metrics_subscription_status | A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`. | string | false |
|
||||||
|
origin | One or more origins for this distribution (multiples allowed). | any | false |
|
||||||
|
logging_config | The logging configuration that controls how logs are written to your distribution (maximum one). | any | false |
|
||||||
|
create_distribution | Controls if CloudFront distribution should be created | bool | false |
|
||||||
enabled | Whether the distribution is enabled to accept end user requests for content. | bool | false |
|
enabled | Whether the distribution is enabled to accept end user requests for content. | bool | false |
|
||||||
|
tags | A map of tags to assign to the resource. | map(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,15 +13,15 @@ Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
use_random_name_prefix | Whether to prefix resource names with random prefix | bool | false |
|
name_prefix | A name prefix for the cloudwatch alarm (if use_random_name_prefix is true, this will be ignored) | string | false |
|
||||||
namespace | The namespace where metric filter and metric alarm should be cleated | string | false |
|
|
||||||
log_group_name | The name of the log group to associate the metric filter with | string | false |
|
|
||||||
alarm_actions | List of ARNs to put as Cloudwatch Alarms actions (eg, ARN of SNS topic) | list(string) | false |
|
alarm_actions | List of ARNs to put as Cloudwatch Alarms actions (eg, ARN of SNS topic) | list(string) | false |
|
||||||
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. | bool | false |
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. | bool | false |
|
||||||
create | Whether to create the Cloudwatch log metric filter and metric alarms | bool | false |
|
|
||||||
name_prefix | A name prefix for the cloudwatch alarm (if use_random_name_prefix is true, this will be ignored) | string | false |
|
|
||||||
disabled_controls | List of IDs of disabled CIS controls | list(string) | false |
|
|
||||||
tags | A mapping of tags to assign to all resources | map(string) | false |
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
create | Whether to create the Cloudwatch log metric filter and metric alarms | bool | false |
|
||||||
|
use_random_name_prefix | Whether to prefix resource names with random prefix | bool | false |
|
||||||
|
log_group_name | The name of the log group to associate the metric filter with | string | false |
|
||||||
|
disabled_controls | List of IDs of disabled CIS controls | list(string) | false |
|
||||||
|
namespace | The namespace where metric filter and metric alarm should be cleated | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,12 +13,12 @@ Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
create | Whether to create the Cloudwatch log group | bool | false |
|
|
||||||
name | A name for the log group | string | false |
|
|
||||||
name_prefix | A name prefix for the log group | string | false |
|
name_prefix | A name prefix for the log group | string | false |
|
||||||
retention_in_days | Specifies the number of days you want to retain log events in the specified log group | number | false |
|
retention_in_days | Specifies the number of days you want to retain log events in the specified log group | number | false |
|
||||||
kms_key_id | The ARN of the KMS Key to use when encrypting logs | string | false |
|
kms_key_id | The ARN of the KMS Key to use when encrypting logs | string | false |
|
||||||
tags | A map of tags to add to Cloudwatch log group | map(string) | false |
|
tags | A map of tags to add to Cloudwatch log group | map(string) | false |
|
||||||
|
create | Whether to create the Cloudwatch log group | bool | false |
|
||||||
|
name | A name for the log group | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,14 +13,14 @@ Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
log_group_name | The name of the log group to associate the metric filter with | string | true |
|
|
||||||
metric_transformation_name | The name of the CloudWatch metric to which the monitored log information should be published (e.g. ErrorCount) | string | true |
|
|
||||||
metric_transformation_namespace | The destination namespace of the CloudWatch metric. | string | true |
|
|
||||||
metric_transformation_value | What to publish to the metric. For example, if you're counting the occurrences of a particular term like 'Error', the value will be '1' for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event. | string | false |
|
metric_transformation_value | What to publish to the metric. For example, if you're counting the occurrences of a particular term like 'Error', the value will be '1' for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event. | string | false |
|
||||||
metric_transformation_default_value | The value to emit when a filter pattern does not match a log event. | string | false |
|
metric_transformation_default_value | The value to emit when a filter pattern does not match a log event. | string | false |
|
||||||
create_cloudwatch_log_metric_filter | Whether to create the Cloudwatch log metric filter | bool | false |
|
create_cloudwatch_log_metric_filter | Whether to create the Cloudwatch log metric filter | bool | false |
|
||||||
name | A name for the metric filter. | string | true |
|
name | A name for the metric filter. | string | true |
|
||||||
pattern | A valid CloudWatch Logs filter pattern for extracting metric data out of ingested log events. | string | true |
|
pattern | A valid CloudWatch Logs filter pattern for extracting metric data out of ingested log events. | string | true |
|
||||||
|
log_group_name | The name of the log group to associate the metric filter with | string | true |
|
||||||
|
metric_transformation_name | The name of the CloudWatch metric to which the monitored log information should be published (e.g. ErrorCount) | string | true |
|
||||||
|
metric_transformation_namespace | The destination namespace of the CloudWatch metric. | string | true |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,28 +13,29 @@ Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
unit | The unit for the alarm's associated metric. | string | false |
|
|
||||||
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
|
||||||
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
|
||||||
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
||||||
tags | A mapping of tags to assign to all resources | map(string) | false |
|
|
||||||
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
|
||||||
threshold | The value against which the specified statistic is compared. | number | true |
|
|
||||||
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
|
||||||
period | The period in seconds over which the specified statistic is applied. | string | false |
|
|
||||||
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
|
||||||
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
|
||||||
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
|
||||||
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
||||||
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
||||||
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
||||||
|
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
||||||
|
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
||||||
|
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
||||||
|
period | The period in seconds over which the specified statistic is applied. | string | false |
|
||||||
|
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
||||||
|
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
||||||
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
||||||
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
||||||
alarm_description | The description for the alarm. | string | false |
|
alarm_description | The description for the alarm. | string | false |
|
||||||
|
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
||||||
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
||||||
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
threshold | The value against which the specified statistic is compared. | number | false |
|
||||||
|
threshold_metric_id | If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function. | string | false |
|
||||||
|
unit | The unit for the alarm's associated metric. | string | false |
|
||||||
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,46 @@
|
||||||
|
---
|
||||||
|
title: AWS CLOUDWATCH-METRIC-ALARMS-BY-MULTIPLE-DIMENSIONS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
alarm_description | The description for the alarm. | string | false |
|
||||||
|
threshold | The value against which the specified statistic is compared. | number | true |
|
||||||
|
unit | The unit for the alarm's associated metric. | string | false |
|
||||||
|
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
||||||
|
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
||||||
|
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
||||||
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
||||||
|
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
||||||
|
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
||||||
|
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
||||||
|
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
||||||
|
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
||||||
|
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
||||||
|
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
period | The period in seconds over which the specified statistic is applied. | string | false |
|
||||||
|
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
||||||
|
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
||||||
|
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,28 +13,28 @@ Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
||||||
|
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
||||||
|
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
||||||
|
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
||||||
|
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
||||||
|
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
||||||
|
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
||||||
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
||||||
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
|
||||||
period | The period in seconds over which the specified statistic is applied. | string | false |
|
|
||||||
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
||||||
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
||||||
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
|
||||||
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
|
||||||
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
|
||||||
unit | The unit for the alarm's associated metric. | string | false |
|
|
||||||
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
|
||||||
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
|
||||||
tags | A mapping of tags to assign to all resources | map(string) | false |
|
|
||||||
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
||||||
alarm_description | The description for the alarm. | string | false |
|
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
||||||
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
unit | The unit for the alarm's associated metric. | string | false |
|
||||||
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
|
||||||
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
|
||||||
threshold | The value against which the specified statistic is compared. | number | true |
|
|
||||||
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
||||||
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
alarm_description | The description for the alarm. | string | false |
|
||||||
|
threshold | The value against which the specified statistic is compared. | number | true |
|
||||||
|
period | The period in seconds over which the specified statistic is applied. | string | false |
|
||||||
|
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,21 +14,21 @@ This module configures AWS Config, a service that enables you to assess, audit,
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
sns_encryption_key_id | The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. | string | false |
|
sns_encryption_key_id | The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. | string | false |
|
||||||
|
subscribers | A map of subscription configurations for SNS topics\n\nFor more information, see:\nhttps://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription#argument-reference\n\nprotocol:\n The protocol to use. The possible values for this are: sqs, sms, lambda, application. (http or https are partially\n supported, see link) (email is an option but is unsupported in terraform, see link).\nendpoint:\n The endpoint to send data to, the contents will vary with the protocol. (see link for more information)\nendpoint_auto_confirms (Optional):\n Boolean indicating whether the end point is capable of auto confirming subscription e.g., PagerDuty. Default is\n false\nraw_message_delivery (Optional):\n Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property). Default is false.\n | map(any) | false |
|
||||||
|
iam_role_arn | The ARN for an IAM Role AWS Config uses to make read or write requests to the delivery channel and to describe the\nAWS resources associated with the account. This is only used if create_iam_role is false.\n\nIf you want to use an existing IAM Role, set the value of this to the ARN of the existing topic and set\ncreate_iam_role to false.\n\nSee the AWS Docs for further information:\nhttp://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html\n | string | false |
|
||||||
|
global_resource_collector_region | The region that collects AWS Config data for global resources such as IAM | string | true |
|
||||||
|
managed_rules | A list of AWS Managed Rules that should be enabled on the account.\n\nSee the following for a list of possible rules to enable:\nhttps://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html\n | map(object({\n description = string\n identifier = string\n input_parameters = any\n tags = map(string)\n enabled = bool\n })) | false |
|
||||||
|
s3_bucket_id | The id (name) of the S3 bucket used to store the configuration history | string | true |
|
||||||
|
create_sns_topic | Flag to indicate whether an SNS topic should be created for notifications\nIf you want to send findings to a new SNS topic, set this to true and provide a valid configuration for subscribers\n | bool | false |
|
||||||
sqs_queue_kms_master_key_id | The ID of an AWS-managed customer master key (CMK) for Amazon SQS Queue or a custom CMK | string | false |
|
sqs_queue_kms_master_key_id | The ID of an AWS-managed customer master key (CMK) for Amazon SQS Queue or a custom CMK | string | false |
|
||||||
|
central_resource_collector_account | The account ID of a central account that will aggregate AWS Config from other accounts | string | false |
|
||||||
child_resource_collector_accounts | The account IDs of other accounts that will send their AWS Configuration to this account | set(string) | false |
|
child_resource_collector_accounts | The account IDs of other accounts that will send their AWS Configuration to this account | set(string) | false |
|
||||||
force_destroy | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable | bool | false |
|
force_destroy | A boolean that indicates all objects should be deleted from the bucket so that the bucket can be destroyed without error. These objects are not recoverable | bool | false |
|
||||||
create_iam_role | Flag to indicate whether an IAM Role should be created to grant the proper permissions for AWS Config | bool | false |
|
|
||||||
global_resource_collector_region | The region that collects AWS Config data for global resources such as IAM | string | true |
|
|
||||||
central_resource_collector_account | The account ID of a central account that will aggregate AWS Config from other accounts | string | false |
|
|
||||||
disabled_aggregation_regions | A list of regions where config aggregation is disabled | list(string) | false |
|
|
||||||
s3_bucket_id | The id (name) of the S3 bucket used to store the configuration history | string | true |
|
|
||||||
iam_role_arn | The ARN for an IAM Role AWS Config uses to make read or write requests to the delivery channel and to describe the\nAWS resources associated with the account. This is only used if create_iam_role is false.\n\nIf you want to use an existing IAM Role, set the value of this to the ARN of the existing topic and set\ncreate_iam_role to false.\n\nSee the AWS Docs for further information:\nhttp://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html\n | string | false |
|
|
||||||
s3_key_prefix | The prefix for AWS Config objects stored in the the S3 bucket. If this variable is set to null, the default, no\nprefix will be used.\n\nExamples:\n\nwith prefix: {S3_BUCKET NAME}:/{S3_KEY_PREFIX}/AWSLogs/{ACCOUNT_ID}/Config/*.\nwithout prefix: {S3_BUCKET NAME}:/AWSLogs/{ACCOUNT_ID}/Config/*.\n | string | false |
|
|
||||||
s3_bucket_arn | The ARN of the S3 bucket used to store the configuration history | string | true |
|
|
||||||
create_sns_topic | Flag to indicate whether an SNS topic should be created for notifications\nIf you want to send findings to a new SNS topic, set this to true and provide a valid configuration for subscribers\n | bool | false |
|
|
||||||
subscribers | A map of subscription configurations for SNS topics\n\nFor more information, see:\nhttps://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription#argument-reference\n\nprotocol:\n The protocol to use. The possible values for this are: sqs, sms, lambda, application. (http or https are partially\n supported, see link) (email is an option but is unsupported in terraform, see link).\nendpoint:\n The endpoint to send data to, the contents will vary with the protocol. (see link for more information)\nendpoint_auto_confirms (Optional):\n Boolean indicating whether the end point is capable of auto confirming subscription e.g., PagerDuty. Default is\n false\nraw_message_delivery (Optional):\n Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property). Default is false.\n | map(any) | false |
|
|
||||||
findings_notification_arn | The ARN for an SNS topic to send findings notifications to. This is only used if create_sns_topic is false.\nIf you want to send findings to an existing SNS topic, set the value of this to the ARN of the existing topic and set\ncreate_sns_topic to false.\n | string | false |
|
findings_notification_arn | The ARN for an SNS topic to send findings notifications to. This is only used if create_sns_topic is false.\nIf you want to send findings to an existing SNS topic, set the value of this to the ARN of the existing topic and set\ncreate_sns_topic to false.\n | string | false |
|
||||||
managed_rules | A list of AWS Managed Rules that should be enabled on the account.\n\nSee the following for a list of possible rules to enable:\nhttps://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html\n | map(object({\n description = string\n identifier = string\n input_parameters = any\n tags = map(string)\n enabled = bool\n })) | false |
|
s3_bucket_arn | The ARN of the S3 bucket used to store the configuration history | string | true |
|
||||||
|
create_iam_role | Flag to indicate whether an IAM Role should be created to grant the proper permissions for AWS Config | bool | false |
|
||||||
|
s3_key_prefix | The prefix for AWS Config objects stored in the the S3 bucket. If this variable is set to null, the default, no\nprefix will be used.\n\nExamples:\n\nwith prefix: {S3_BUCKET NAME}:/{S3_KEY_PREFIX}/AWSLogs/{ACCOUNT_ID}/Config/*.\nwithout prefix: {S3_BUCKET NAME}:/AWSLogs/{ACCOUNT_ID}/Config/*.\n | string | false |
|
||||||
|
disabled_aggregation_regions | A list of regions where config aggregation is disabled | list(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
title: AWS DELEGATION-SETS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Route53 resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create | Whether to create Route53 delegation sets | bool | false |
|
||||||
|
delegation_sets | Map of Route53 delegation set parameters | any | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,31 +13,31 @@ Terraform module which creates DynamoDB table on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
write_capacity | The number of write units for this table. If the billing_mode is PROVISIONED, this field should be greater than 0 | number | false |
|
||||||
|
tags | A map of tags to add to all resources | map(string) | false |
|
||||||
|
timeouts | Updated Terraform resource management timeouts | map(string) | false |
|
||||||
|
attributes | List of nested attribute definitions. Only required for hash_key and range_key attributes. Each attribute has two properties: name - (Required) The name of the attribute, type - (Required) Attribute type, which must be a scalar type: S, N, or B for (S)tring, (N)umber or (B)inary data | list(map(string)) | false |
|
||||||
hash_key | The attribute to use as the hash (partition) key. Must also be defined as an attribute | string | false |
|
hash_key | The attribute to use as the hash (partition) key. Must also be defined as an attribute | string | false |
|
||||||
|
replica_regions | Region names for creating replicas for a global DynamoDB table. | any | false |
|
||||||
|
stream_enabled | Indicates whether Streams are to be enabled (true) or disabled (false). | bool | false |
|
||||||
|
stream_view_type | When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are KEYS_ONLY, NEW_IMAGE, OLD_IMAGE, NEW_AND_OLD_IMAGES. | string | false |
|
||||||
|
autoscaling_defaults | A map of default autoscaling settings | map(string) | false |
|
||||||
|
autoscaling_indexes | A map of index autoscaling configurations. See example in examples/autoscaling | map(map(string)) | false |
|
||||||
|
autoscaling_write | A map of write autoscaling settings. `max_capacity` is the only required key. See example in examples/autoscaling | map(string) | false |
|
||||||
|
name | Name of the DynamoDB table | string | false |
|
||||||
point_in_time_recovery_enabled | Whether to enable point-in-time recovery | bool | false |
|
point_in_time_recovery_enabled | Whether to enable point-in-time recovery | bool | false |
|
||||||
ttl_attribute_name | The name of the table attribute to store the TTL timestamp in | string | false |
|
ttl_attribute_name | The name of the table attribute to store the TTL timestamp in | string | false |
|
||||||
local_secondary_indexes | Describe an LSI on the table; these can only be allocated at creation so you cannot change this definition after you have created the resource. | any | false |
|
local_secondary_indexes | Describe an LSI on the table; these can only be allocated at creation so you cannot change this definition after you have created the resource. | any | false |
|
||||||
autoscaling_defaults | A map of default autoscaling settings | map(string) | false |
|
|
||||||
timeouts | Updated Terraform resource management timeouts | map(string) | false |
|
|
||||||
range_key | The attribute to use as the range (sort) key. Must also be defined as an attribute | string | false |
|
|
||||||
global_secondary_indexes | Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. | any | false |
|
|
||||||
stream_view_type | When an item in the table is modified, StreamViewType determines what information is written to the table's stream. Valid values are KEYS_ONLY, NEW_IMAGE, OLD_IMAGE, NEW_AND_OLD_IMAGES. | string | false |
|
|
||||||
server_side_encryption_kms_key_arn | The ARN of the CMK that should be used for the AWS KMS encryption. This attribute should only be specified if the key is different from the default DynamoDB CMK, alias/aws/dynamodb. | string | false |
|
|
||||||
tags | A map of tags to add to all resources | map(string) | false |
|
|
||||||
autoscaling_write | A map of write autoscaling settings. `max_capacity` is the only required key. See example in examples/autoscaling | map(string) | false |
|
|
||||||
create_table | Controls if DynamoDB table and associated resources are created | bool | false |
|
|
||||||
billing_mode | Controls how you are billed for read/write throughput and how you manage capacity. The valid values are PROVISIONED or PAY_PER_REQUEST | string | false |
|
|
||||||
read_capacity | The number of read units for this table. If the billing_mode is PROVISIONED, this field should be greater than 0 | number | false |
|
|
||||||
stream_enabled | Indicates whether Streams are to be enabled (true) or disabled (false). | bool | false |
|
|
||||||
autoscaling_read | A map of read autoscaling settings. `max_capacity` is the only required key. See example in examples/autoscaling | map(string) | false |
|
|
||||||
server_side_encryption_enabled | Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK) | bool | false |
|
server_side_encryption_enabled | Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK) | bool | false |
|
||||||
autoscaling_enabled | Whether or not to enable autoscaling. See note in README about this setting | bool | false |
|
autoscaling_enabled | Whether or not to enable autoscaling. See note in README about this setting | bool | false |
|
||||||
autoscaling_indexes | A map of index autoscaling configurations. See example in examples/autoscaling | map(map(string)) | false |
|
autoscaling_read | A map of read autoscaling settings. `max_capacity` is the only required key. See example in examples/autoscaling | map(string) | false |
|
||||||
name | Name of the DynamoDB table | string | false |
|
create_table | Controls if DynamoDB table and associated resources are created | bool | false |
|
||||||
attributes | List of nested attribute definitions. Only required for hash_key and range_key attributes. Each attribute has two properties: name - (Required) The name of the attribute, type - (Required) Attribute type, which must be a scalar type: S, N, or B for (S)tring, (N)umber or (B)inary data | list(map(string)) | false |
|
range_key | The attribute to use as the range (sort) key. Must also be defined as an attribute | string | false |
|
||||||
write_capacity | The number of write units for this table. If the billing_mode is PROVISIONED, this field should be greater than 0 | number | false |
|
billing_mode | Controls how you are billed for read/write throughput and how you manage capacity. The valid values are PROVISIONED or PAY_PER_REQUEST | string | false |
|
||||||
|
read_capacity | The number of read units for this table. If the billing_mode is PROVISIONED, this field should be greater than 0 | number | false |
|
||||||
ttl_enabled | Indicates whether ttl is enabled | bool | false |
|
ttl_enabled | Indicates whether ttl is enabled | bool | false |
|
||||||
replica_regions | Region names for creating replicas for a global DynamoDB table. | any | false |
|
global_secondary_indexes | Describe a GSI for the table; subject to the normal limits on the number of GSIs, projected attributes, etc. | any | false |
|
||||||
|
server_side_encryption_kms_key_arn | The ARN of the CMK that should be used for the AWS KMS encryption. This attribute should only be specified if the key is different from the default DynamoDB CMK, alias/aws/dynamodb. | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,56 +13,57 @@ Terraform module which creates EC2 instance(s) on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
ami | ID of AMI to use for the instance | string | false |
|
|
||||||
associate_public_ip_address | Whether to associate a public IP address with an instance in a VPC | bool | false |
|
|
||||||
cpu_credits | The credit option for CPU usage (unlimited or standard) | string | false |
|
|
||||||
spot_launch_group | A launch group is a group of spot instances that launch together and terminate together. If left empty instances are launched and terminated individually | string | false |
|
|
||||||
spot_valid_until | The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) | string | false |
|
|
||||||
name | Name to be used on EC2 instance created | string | false |
|
|
||||||
ebs_optimized | If true, the launched EC2 instance will be EBS-optimized | bool | false |
|
|
||||||
ephemeral_block_device | Customize Ephemeral (also known as Instance Store) volumes on the instance | list(map(string)) | false |
|
|
||||||
hibernation | If true, the launched EC2 instance will support hibernation | bool | false |
|
|
||||||
instance_type | The type of instance to start | string | false |
|
|
||||||
metadata_options | Customize the metadata options of the instance | map(string) | false |
|
|
||||||
subnet_id | The VPC Subnet ID to launch in | string | false |
|
subnet_id | The VPC Subnet ID to launch in | string | false |
|
||||||
spot_wait_for_fulfillment | If set, Terraform will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached | bool | false |
|
vpc_security_group_ids | A list of security group IDs to associate with | list(string) | false |
|
||||||
disable_api_termination | If true, enables EC2 Instance Termination Protection | bool | false |
|
|
||||||
iam_instance_profile | IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile | string | false |
|
|
||||||
placement_group | The Placement Group to start the instance in | string | false |
|
|
||||||
user_data_base64 | Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. | string | false |
|
|
||||||
cpu_threads_per_core | Sets the number of CPU threads per core for an instance (has no effect unless cpu_core_count is also set). | number | false |
|
cpu_threads_per_core | Sets the number of CPU threads per core for an instance (has no effect unless cpu_core_count is also set). | number | false |
|
||||||
get_password_data | If true, wait for password data to become available and retrieve it. | bool | false |
|
associate_public_ip_address | Whether to associate a public IP address with an instance in a VPC | bool | false |
|
||||||
|
instance_type | The type of instance to start | string | false |
|
||||||
|
launch_template | Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template | map(string) | false |
|
||||||
|
metadata_options | Customize the metadata options of the instance | map(string) | false |
|
||||||
|
ebs_optimized | If true, the launched EC2 instance will be EBS-optimized | bool | false |
|
||||||
|
source_dest_check | Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. | bool | false |
|
||||||
|
spot_price | The maximum price to request on the spot market. Defaults to on-demand price | string | false |
|
||||||
instance_initiated_shutdown_behavior | Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instance | string | false |
|
instance_initiated_shutdown_behavior | Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instance | string | false |
|
||||||
|
root_block_device | Customize details about the root block device of the instance. See Block Devices below for details | list(any) | false |
|
||||||
|
volume_tags | A mapping of tags to assign to the devices created by the instance at launch time | map(string) | false |
|
||||||
|
enable_volume_tags | Whether to enable volume tags (if enabled it conflicts with root_block_device tags) | bool | false |
|
||||||
|
create | Whether to create an instance | bool | false |
|
||||||
|
enclave_options_enabled | Whether Nitro Enclaves will be enabled on the instance. Defaults to `false` | bool | false |
|
||||||
|
ephemeral_block_device | Customize Ephemeral (also known as Instance Store) volumes on the instance | list(map(string)) | false |
|
||||||
|
iam_instance_profile | IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile | string | false |
|
||||||
|
timeouts | Define maximum timeout for creating, updating, and deleting EC2 instance resources | map(string) | false |
|
||||||
|
ipv6_address_count | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet | number | false |
|
||||||
|
tags | A mapping of tags to assign to the resource | map(string) | false |
|
||||||
|
tenancy | The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host. | string | false |
|
||||||
|
name | Name to be used on EC2 instance created | string | false |
|
||||||
|
ami | ID of AMI to use for the instance | string | false |
|
||||||
|
hibernation | If true, the launched EC2 instance will support hibernation | bool | false |
|
||||||
|
secondary_private_ips | A list of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e. referenced in a `network_interface block` | list(string) | false |
|
||||||
|
placement_group | The Placement Group to start the instance in | string | false |
|
||||||
|
cpu_core_count | Sets the number of CPU cores for an instance. | number | false |
|
||||||
|
spot_block_duration_minutes | The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360) | number | false |
|
||||||
|
capacity_reservation_specification | Describes an instance's Capacity Reservation targeting option | any | false |
|
||||||
|
get_password_data | If true, wait for password data to become available and retrieve it. | bool | false |
|
||||||
key_name | Key name of the Key Pair to use for the instance; which can be managed using the `aws_key_pair` resource | string | false |
|
key_name | Key name of the Key Pair to use for the instance; which can be managed using the `aws_key_pair` resource | string | false |
|
||||||
network_interface | Customize network interfaces to be attached at instance boot time | list(map(string)) | false |
|
network_interface | Customize network interfaces to be attached at instance boot time | list(map(string)) | false |
|
||||||
source_dest_check | Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. | bool | false |
|
|
||||||
tags | A mapping of tags to assign to the resource | map(string) | false |
|
|
||||||
create_spot_instance | Depicts if the instance is a spot instance | bool | false |
|
|
||||||
spot_valid_from | The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) | string | false |
|
|
||||||
ebs_block_device | Additional EBS block devices to attach to the instance | list(map(string)) | false |
|
|
||||||
launch_template | Specifies a Launch Template to configure the instance. Parameters configured on this resource will override the corresponding parameters in the Launch Template | map(string) | false |
|
|
||||||
private_ip | Private IP address to associate with the instance in a VPC | string | false |
|
|
||||||
tenancy | The tenancy of the instance (if the instance is running in a VPC). Available values: default, dedicated, host. | string | false |
|
|
||||||
availability_zone | AZ to start the instance in | string | false |
|
|
||||||
monitoring | If true, the launched EC2 instance will have detailed monitoring enabled | bool | false |
|
|
||||||
enable_volume_tags | Whether to enable volume tags (if enabled it conflicts with root_block_device tags) | bool | false |
|
|
||||||
vpc_security_group_ids | A list of security group IDs to associate with | list(string) | false |
|
|
||||||
timeouts | Define maximum timeout for creating, updating, and deleting EC2 instance resources | map(string) | false |
|
|
||||||
capacity_reservation_specification | Describes an instance's Capacity Reservation targeting option | any | false |
|
|
||||||
ipv6_address_count | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet | number | false |
|
|
||||||
root_block_device | Customize details about the root block device of the instance. See Block Devices below for details | list(any) | false |
|
|
||||||
user_data | The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead. | string | false |
|
|
||||||
volume_tags | A mapping of tags to assign to the devices created by the instance at launch time | map(string) | false |
|
|
||||||
cpu_core_count | Sets the number of CPU cores for an instance. | number | false |
|
|
||||||
spot_type | If set to one-time, after the instance is terminated, the spot request will be closed. Default `persistent` | string | false |
|
spot_type | If set to one-time, after the instance is terminated, the spot request will be closed. Default `persistent` | string | false |
|
||||||
create | Whether to create an instance | bool | false |
|
spot_launch_group | A launch group is a group of spot instances that launch together and terminate together. If left empty instances are launched and terminated individually | string | false |
|
||||||
host_id | ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host | string | false |
|
|
||||||
ipv6_addresses | Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface | list(string) | false |
|
|
||||||
secondary_private_ips | A list of secondary private IPv4 addresses to assign to the instance's primary network interface (eth0) in a VPC. Can only be assigned to the primary network interface (eth0) attached at instance creation, not a pre-existing network interface i.e. referenced in a `network_interface block` | list(string) | false |
|
|
||||||
spot_price | The maximum price to request on the spot market. Defaults to on-demand price | string | false |
|
|
||||||
spot_block_duration_minutes | The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360) | number | false |
|
|
||||||
spot_instance_interruption_behavior | Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate` | string | false |
|
spot_instance_interruption_behavior | Indicates Spot instance behavior when it is interrupted. Valid values are `terminate`, `stop`, or `hibernate` | string | false |
|
||||||
enclave_options_enabled | Whether Nitro Enclaves will be enabled on the instance. Defaults to `false` | bool | false |
|
spot_valid_until | The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) | string | false |
|
||||||
|
cpu_credits | The credit option for CPU usage (unlimited or standard) | string | false |
|
||||||
|
monitoring | If true, the launched EC2 instance will have detailed monitoring enabled | bool | false |
|
||||||
|
user_data_base64 | Can be used instead of user_data to pass base64-encoded binary data directly. Use this instead of user_data whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption. | string | false |
|
||||||
|
spot_wait_for_fulfillment | If set, Terraform will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached | bool | false |
|
||||||
|
spot_valid_from | The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ) | string | false |
|
||||||
|
ipv6_addresses | Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface | list(string) | false |
|
||||||
|
private_ip | Private IP address to associate with the instance in a VPC | string | false |
|
||||||
|
user_data | The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see user_data_base64 instead. | string | false |
|
||||||
|
create_spot_instance | Depicts if the instance is a spot instance | bool | false |
|
||||||
|
availability_zone | AZ to start the instance in | string | false |
|
||||||
|
disable_api_termination | If true, enables EC2 Instance Termination Protection | bool | false |
|
||||||
|
ebs_block_device | Additional EBS block devices to attach to the instance | list(map(string)) | false |
|
||||||
|
host_id | ID of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host | string | false |
|
||||||
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,48 +13,48 @@ Terraform module to generate well-formed JSON documents (container definitions)
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
disable_networking | When this parameter is true, networking is disabled within the container. | bool | false |
|
port_mappings | The port mappings to configure for the container. This is a list of maps. Each map should contain "containerPort", "hostPort", and "protocol", where "protocol" is one of "tcp" or "udp". If using containers in a task with the awsvpc or host network mode, the hostPort can either be left blank or set to the same value as the containerPort | list(object({\n containerPort = number\n hostPort = number\n protocol = string\n })) | false |
|
||||||
resource_requirements | The type and amount of a resource to assign to a container. The only supported resource is a GPU. | list(object({\n type = string\n value = string\n })) | false |
|
|
||||||
container_memory | The amount of memory (in MiB) to allow the container to use. This is a hard limit, if the container attempts to exceed the container_memory, the container is killed. This field is optional for Fargate launch type and the total amount of container_memory of all containers in a task will need to be lower than the task memory value | number | false |
|
|
||||||
healthcheck | A map containing command (string), timeout, interval (duration in seconds), retries (1-10, number of times to retry before marking container unhealthy), and startPeriod (0-300, optional grace period to wait, in seconds, before failed healthchecks count toward retries) | object({\n command = list(string)\n retries = number\n timeout = number\n interval = number\n startPeriod = number\n }) | false |
|
|
||||||
start_timeout | Time duration (in seconds) to wait before giving up on resolving dependencies for a container | number | false |
|
|
||||||
map_environment | The environment variables to pass to the container. This is a map of string: {key: value}. map_environment overrides environment | map(string) | false |
|
|
||||||
readonly_root_filesystem | Determines whether a container is given read-only access to its root filesystem. Due to how Terraform type casts booleans in json it is required to double quote this value | bool | false |
|
|
||||||
dns_servers | Container DNS servers. This is a list of strings specifying the IP addresses of the DNS servers | list(string) | false |
|
|
||||||
volumes_from | A list of VolumesFrom maps which contain "sourceContainer" (name of the container that has the volumes to mount) and "readOnly" (whether the container can write to the volume) | list(object({\n sourceContainer = string\n readOnly = bool\n })) | false |
|
|
||||||
container_image | The image used to start the container. Images in the Docker Hub registry available by default | string | true |
|
|
||||||
container_cpu | The number of cpu units to reserve for the container. This is optional for tasks using Fargate launch type and the total amount of container_cpu of all containers in a task will need to be lower than the task-level cpu value | number | false |
|
|
||||||
essential | Determines whether all other containers in a task are stopped, if this container fails or stops for any reason. Due to how Terraform type casts booleans in json it is required to double quote this value | bool | false |
|
|
||||||
repository_credentials | Container repository credentials; required when using a private repo. This map currently supports a single key; "credentialsParameter", which should be the ARN of a Secrets Manager's secret holding the credentials | map(string) | false |
|
|
||||||
system_controls | A list of namespaced kernel parameters to set in the container, mapping to the --sysctl option to docker run. This is a list of maps: { namespace = "", value = ""} | list(map(string)) | false |
|
|
||||||
hostname | The hostname to use for your container. | string | false |
|
|
||||||
linux_parameters | Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LinuxParameters.html | object({\n capabilities = object({\n add = list(string)\n drop = list(string)\n })\n devices = list(object({\n containerPath = string\n hostPath = string\n permissions = list(string)\n }))\n initProcessEnabled = bool\n maxSwap = number\n sharedMemorySize = number\n swappiness = number\n tmpfs = list(object({\n containerPath = string\n mountOptions = list(string)\n size = number\n }))\n }) | false |
|
|
||||||
ulimits | Container ulimit settings. This is a list of maps, where each map should contain "name", "hardLimit" and "softLimit" | list(object({\n name = string\n hardLimit = number\n softLimit = number\n })) | false |
|
|
||||||
docker_security_options | A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems. | list(string) | false |
|
|
||||||
entrypoint | The entry point that is passed to the container | list(string) | false |
|
|
||||||
command | The command that is passed to the container | list(string) | false |
|
command | The command that is passed to the container | list(string) | false |
|
||||||
|
resource_requirements | The type and amount of a resource to assign to a container. The only supported resource is a GPU. | list(object({\n type = string\n value = string\n })) | false |
|
||||||
|
container_cpu | The number of cpu units to reserve for the container. This is optional for tasks using Fargate launch type and the total amount of container_cpu of all containers in a task will need to be lower than the task-level cpu value | number | false |
|
||||||
|
entrypoint | The entry point that is passed to the container | list(string) | false |
|
||||||
|
map_environment | The environment variables to pass to the container. This is a map of string: {key: value}. map_environment overrides environment | map(string) | false |
|
||||||
|
system_controls | A list of namespaced kernel parameters to set in the container, mapping to the --sysctl option to docker run. This is a list of maps: { namespace = "", value = ""} | list(map(string)) | false |
|
||||||
|
links | List of container names this container can communicate with without port mappings | list(string) | false |
|
||||||
|
start_timeout | Time duration (in seconds) to wait before giving up on resolving dependencies for a container | number | false |
|
||||||
|
pseudo_terminal | When this parameter is true, a TTY is allocated. | bool | false |
|
||||||
|
docker_labels | The configuration options to send to the `docker_labels` | map(string) | false |
|
||||||
|
hostname | The hostname to use for your container. | string | false |
|
||||||
|
working_directory | The working directory to run commands inside the container | string | false |
|
||||||
|
ulimits | Container ulimit settings. This is a list of maps, where each map should contain "name", "hardLimit" and "softLimit" | list(object({\n name = string\n hardLimit = number\n softLimit = number\n })) | false |
|
||||||
|
volumes_from | A list of VolumesFrom maps which contain "sourceContainer" (name of the container that has the volumes to mount) and "readOnly" (whether the container can write to the volume) | list(object({\n sourceContainer = string\n readOnly = bool\n })) | false |
|
||||||
|
user | The user to run as inside the container. Can be any of these formats: user, user:group, uid, uid:gid, user:gid, uid:group. The default (null) will use the container's configured `USER` directive or root if not set. | string | false |
|
||||||
secrets | The secrets to pass to the container. This is a list of maps | list(object({\n name = string\n valueFrom = string\n })) | false |
|
secrets | The secrets to pass to the container. This is a list of maps | list(object({\n name = string\n valueFrom = string\n })) | false |
|
||||||
|
log_configuration | Log configuration options to send to a custom log driver for the container. For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html | any | false |
|
||||||
firelens_configuration | The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FirelensConfiguration.html | object({\n type = string\n options = map(string)\n }) | false |
|
firelens_configuration | The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FirelensConfiguration.html | object({\n type = string\n options = map(string)\n }) | false |
|
||||||
mount_points | Container mount points. This is a list of maps, where each map should contain `containerPath`, `sourceVolume` and `readOnly` | list(object({\n containerPath = string\n sourceVolume = string\n readOnly = bool\n })) | false |
|
mount_points | Container mount points. This is a list of maps, where each map should contain `containerPath`, `sourceVolume` and `readOnly` | list(object({\n containerPath = string\n sourceVolume = string\n readOnly = bool\n })) | false |
|
||||||
|
container_memory | The amount of memory (in MiB) to allow the container to use. This is a hard limit, if the container attempts to exceed the container_memory, the container is killed. This field is optional for Fargate launch type and the total amount of container_memory of all containers in a task will need to be lower than the task memory value | number | false |
|
||||||
|
container_memory_reservation | The amount of memory (in MiB) to reserve for the container. If container needs to exceed this threshold, it can do so up to the set container_memory hard limit | number | false |
|
||||||
|
healthcheck | A map containing command (string), timeout, interval (duration in seconds), retries (1-10, number of times to retry before marking container unhealthy), and startPeriod (0-300, optional grace period to wait, in seconds, before failed healthchecks count toward retries) | object({\n command = list(string)\n retries = number\n timeout = number\n interval = number\n startPeriod = number\n }) | false |
|
||||||
|
extra_hosts | A list of hostnames and IP address mappings to append to the /etc/hosts file on the container. This is a list of maps | list(object({\n ipAddress = string\n hostname = string\n })) | false |
|
||||||
|
dns_servers | Container DNS servers. This is a list of strings specifying the IP addresses of the DNS servers | list(string) | false |
|
||||||
dns_search_domains | Container DNS search domains. A list of DNS search domains that are presented to the container | list(string) | false |
|
dns_search_domains | Container DNS search domains. A list of DNS search domains that are presented to the container | list(string) | false |
|
||||||
|
container_depends_on | The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. The condition can be one of START, COMPLETE, SUCCESS or HEALTHY | list(object({\n containerName = string\n condition = string\n })) | false |
|
||||||
|
interactive | When this parameter is true, this allows you to deploy containerized applications that require stdin or a tty to be allocated. | bool | false |
|
||||||
stop_timeout | Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own | number | false |
|
stop_timeout | Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own | number | false |
|
||||||
|
disable_networking | When this parameter is true, networking is disabled within the container. | bool | false |
|
||||||
container_name | The name of the container. Up to 255 characters ([a-z], [A-Z], [0-9], -, _ allowed) | string | true |
|
container_name | The name of the container. Up to 255 characters ([a-z], [A-Z], [0-9], -, _ allowed) | string | true |
|
||||||
|
container_image | The image used to start the container. Images in the Docker Hub registry available by default | string | true |
|
||||||
|
essential | Determines whether all other containers in a task are stopped, if this container fails or stops for any reason. Due to how Terraform type casts booleans in json it is required to double quote this value | bool | false |
|
||||||
|
environment_files | One or more files containing the environment variables to pass to the container. This maps to the --env-file option to docker run. The file must be hosted in Amazon S3. This option is only available to tasks using the EC2 launch type. This is a list of maps | list(object({\n value = string\n type = string\n })) | false |
|
||||||
|
environment | The environment variables to pass to the container. This is a list of maps. map_environment overrides environment | list(object({\n name = string\n value = string\n })) | false |
|
||||||
|
readonly_root_filesystem | Determines whether a container is given read-only access to its root filesystem. Due to how Terraform type casts booleans in json it is required to double quote this value | bool | false |
|
||||||
|
linux_parameters | Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LinuxParameters.html | object({\n capabilities = object({\n add = list(string)\n drop = list(string)\n })\n devices = list(object({\n containerPath = string\n hostPath = string\n permissions = list(string)\n }))\n initProcessEnabled = bool\n maxSwap = number\n sharedMemorySize = number\n swappiness = number\n tmpfs = list(object({\n containerPath = string\n mountOptions = list(string)\n size = number\n }))\n }) | false |
|
||||||
|
repository_credentials | Container repository credentials; required when using a private repo. This map currently supports a single key; "credentialsParameter", which should be the ARN of a Secrets Manager's secret holding the credentials | map(string) | false |
|
||||||
container_definition | Container definition overrides which allows for extra keys or overriding existing keys. | map(any) | false |
|
container_definition | Container definition overrides which allows for extra keys or overriding existing keys. | map(any) | false |
|
||||||
map_secrets | The secrets variables to pass to the container. This is a map of string: {key: value}. map_secrets overrides secrets | map(string) | false |
|
map_secrets | The secrets variables to pass to the container. This is a map of string: {key: value}. map_secrets overrides secrets | map(string) | false |
|
||||||
docker_labels | The configuration options to send to the `docker_labels` | map(string) | false |
|
|
||||||
container_memory_reservation | The amount of memory (in MiB) to reserve for the container. If container needs to exceed this threshold, it can do so up to the set container_memory hard limit | number | false |
|
|
||||||
environment_files | One or more files containing the environment variables to pass to the container. This maps to the --env-file option to docker run. The file must be hosted in Amazon S3. This option is only available to tasks using the EC2 launch type. This is a list of maps | list(object({\n value = string\n type = string\n })) | false |
|
|
||||||
log_configuration | Log configuration options to send to a custom log driver for the container. For more details, see https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html | any | false |
|
|
||||||
pseudo_terminal | When this parameter is true, a TTY is allocated. | bool | false |
|
|
||||||
port_mappings | The port mappings to configure for the container. This is a list of maps. Each map should contain "containerPort", "hostPort", and "protocol", where "protocol" is one of "tcp" or "udp". If using containers in a task with the awsvpc or host network mode, the hostPort can either be left blank or set to the same value as the containerPort | list(object({\n containerPort = number\n hostPort = number\n protocol = string\n })) | false |
|
|
||||||
environment | The environment variables to pass to the container. This is a list of maps. map_environment overrides environment | list(object({\n name = string\n value = string\n })) | false |
|
|
||||||
interactive | When this parameter is true, this allows you to deploy containerized applications that require stdin or a tty to be allocated. | bool | false |
|
|
||||||
user | The user to run as inside the container. Can be any of these formats: user, user:group, uid, uid:gid, user:gid, uid:group. The default (null) will use the container's configured `USER` directive or root if not set. | string | false |
|
|
||||||
container_depends_on | The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. The condition can be one of START, COMPLETE, SUCCESS or HEALTHY | list(object({\n containerName = string\n condition = string\n })) | false |
|
|
||||||
privileged | When this variable is `true`, the container is given elevated privileges on the host container instance (similar to the root user). This parameter is not supported for Windows containers or tasks using the Fargate launch type. | bool | false |
|
privileged | When this variable is `true`, the container is given elevated privileges on the host container instance (similar to the root user). This parameter is not supported for Windows containers or tasks using the Fargate launch type. | bool | false |
|
||||||
working_directory | The working directory to run commands inside the container | string | false |
|
docker_security_options | A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems. | list(string) | false |
|
||||||
extra_hosts | A list of hostnames and IP address mappings to append to the /etc/hosts file on the container. This is a list of maps | list(object({\n ipAddress = string\n hostname = string\n })) | false |
|
|
||||||
links | List of container names this container can communicate with without port mappings | list(string) | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,30 +13,30 @@ AWS Eks-Cluster-Autoscaler
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
k8s_namespace | The K8s namespace in which the node-problem-detector service account has been created | string | false |
|
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/stable/cluster-autoscaler | map(any) | false |
|
||||||
k8s_irsa_role_create | Whether to create IRSA role and annotate service account | bool | false |
|
argo_application_enabled | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | bool | false |
|
||||||
values | Additional yaml encoded values which will be passed to the Helm chart, see https://hub.helm.sh/charts/stable/cluster-autoscaler | string | false |
|
|
||||||
argo_application_values | Value overrides to use when deploying argo application object with helm | | false |
|
|
||||||
argo_project | ArgoCD Application project | string | false |
|
|
||||||
cluster_identity_oidc_issuer | The OIDC Identity issuer for the cluster | string | true |
|
|
||||||
cluster_identity_oidc_issuer_arn | The OIDC Identity issuer ARN for the cluster that can be used to associate IAM roles with a service account | string | true |
|
|
||||||
helm_repo_url | Helm repository | string | false |
|
|
||||||
argo_sync_policy | ArgoCD syncPolicy manifest parameter | | false |
|
|
||||||
helm_chart_name | Helm chart name to be installed | string | false |
|
|
||||||
helm_chart_version | Version of the Helm chart | string | false |
|
helm_chart_version | Version of the Helm chart | string | false |
|
||||||
k8s_rbac_create | Whether to create and use RBAC resources | bool | false |
|
k8s_service_account_create | Whether to create Service Account | bool | false |
|
||||||
|
helm_release_name | Helm release name | string | false |
|
||||||
|
helm_repo_url | Helm repository | string | false |
|
||||||
|
k8s_namespace | The K8s namespace in which the node-problem-detector service account has been created | string | false |
|
||||||
k8s_service_account_name | The k8s cluster-autoscaler service account name | | false |
|
k8s_service_account_name | The k8s cluster-autoscaler service account name | | false |
|
||||||
|
argo_application_values | Value overrides to use when deploying argo application object with helm | | false |
|
||||||
|
argo_sync_policy | ArgoCD syncPolicy manifest parameter | | false |
|
||||||
|
enabled | Variable indicating whether deployment is enabled | bool | false |
|
||||||
|
helm_chart_name | Helm chart name to be installed | string | false |
|
||||||
|
k8s_rbac_create | Whether to create and use RBAC resources | bool | false |
|
||||||
|
k8s_irsa_role_create | Whether to create IRSA role and annotate service account | bool | false |
|
||||||
|
argo_namespace | Namespace to deploy ArgoCD application CRD to | string | false |
|
||||||
argo_application_use_helm | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | bool | false |
|
argo_application_use_helm | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | bool | false |
|
||||||
argo_destionation_server | Destination server for ArgoCD Application | string | false |
|
argo_destionation_server | Destination server for ArgoCD Application | string | false |
|
||||||
cluster_name | The name of the cluster | string | true |
|
cluster_identity_oidc_issuer | The OIDC Identity issuer for the cluster | string | true |
|
||||||
helm_release_name | Helm release name | string | false |
|
|
||||||
k8s_service_account_create | Whether to create Service Account | bool | false |
|
|
||||||
argo_namespace | Namespace to deploy ArgoCD application CRD to | string | false |
|
|
||||||
argo_application_enabled | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | bool | false |
|
|
||||||
argo_info | ArgoCD info manifest parameter | | false |
|
|
||||||
enabled | Variable indicating whether deployment is enabled | bool | false |
|
|
||||||
helm_create_namespace | Create the namespace if it does not yet exist | bool | false |
|
helm_create_namespace | Create the namespace if it does not yet exist | bool | false |
|
||||||
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/stable/cluster-autoscaler | map(any) | false |
|
values | Additional yaml encoded values which will be passed to the Helm chart, see https://hub.helm.sh/charts/stable/cluster-autoscaler | string | false |
|
||||||
|
argo_project | ArgoCD Application project | string | false |
|
||||||
|
argo_info | ArgoCD info manifest parameter | | false |
|
||||||
|
cluster_name | The name of the cluster | string | true |
|
||||||
|
cluster_identity_oidc_issuer_arn | The OIDC Identity issuer ARN for the cluster that can be used to associate IAM roles with a service account | string | true |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,36 +13,36 @@ AWS Eks-External-Dns
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
helm_release_name | Helm release name | string | false |
|
|
||||||
helm_repo_url | Helm repository | string | false |
|
|
||||||
enabled | Variable indicating whether deployment is enabled | bool | false |
|
|
||||||
k8s_service_account_create | Whether to create Service Account | bool | false |
|
|
||||||
k8s_service_account_name | The k8s external-dns service account name | | false |
|
|
||||||
argo_destionation_server | Destination server for ArgoCD Application | string | false |
|
|
||||||
helm_chart_version | Version of the Helm chart | string | false |
|
|
||||||
k8s_irsa_role_name_prefix | The IRSA role name prefix for prometheus | string | false |
|
|
||||||
k8s_assume_role_arn | Assume role arn. Assume role must be enabled. | | false |
|
|
||||||
argo_application_enabled | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | bool | false |
|
|
||||||
argo_application_values | Value overrides to use when deploying argo application object with helm | | false |
|
|
||||||
argo_sync_policy | ArgoCD syncPolicy manifest parameter | | false |
|
|
||||||
helm_chart_name | Helm chart name to be installed | string | false |
|
|
||||||
policy_allowed_zone_ids | List of the Route53 zone ids for service account IAM role access | list(string) | false |
|
|
||||||
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/bitnami/external-dns | map(any) | false |
|
|
||||||
k8s_irsa_role_create | Whether to create IRSA role and annotate service account | bool | false |
|
|
||||||
k8s_irsa_policy_enabled | Whether to create opinionated policy to allow operations on specified zones in `policy_allowed_zone_ids`. | bool | false |
|
k8s_irsa_policy_enabled | Whether to create opinionated policy to allow operations on specified zones in `policy_allowed_zone_ids`. | bool | false |
|
||||||
|
argo_application_enabled | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | bool | false |
|
||||||
|
argo_destionation_server | Destination server for ArgoCD Application | string | false |
|
||||||
argo_project | ArgoCD Application project | string | false |
|
argo_project | ArgoCD Application project | string | false |
|
||||||
tags | AWS resources tags | map(string) | false |
|
|
||||||
k8s_irsa_additional_policies | Map of the additional policies to be attached to default role. Where key is arbiraty id and value is policy arn. | map(string) | false |
|
|
||||||
argo_namespace | Namespace to deploy ArgoCD application CRD to | string | false |
|
|
||||||
cluster_identity_oidc_issuer | The OIDC Identity issuer for the cluster | string | true |
|
|
||||||
cluster_identity_oidc_issuer_arn | The OIDC Identity issuer ARN for the cluster that can be used to associate IAM roles with a service account | string | true |
|
|
||||||
helm_create_namespace | Whether to create k8s namespace with name defined by `k8s_namespace` | bool | false |
|
|
||||||
k8s_namespace | The K8s namespace in which the external-dns will be installed | string | false |
|
|
||||||
k8s_rbac_create | Whether to create and use RBAC resources | bool | false |
|
|
||||||
k8s_assume_role_enabled | Whether IRSA is allowed to assume role defined by k8s_assume_role_arn. Useful for hosted zones in another AWS account. | bool | false |
|
|
||||||
argo_application_use_helm | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | bool | false |
|
|
||||||
values | Additional yaml encoded values which will be passed to the Helm chart, see https://hub.helm.sh/charts/bitnami/external-dns | string | false |
|
values | Additional yaml encoded values which will be passed to the Helm chart, see https://hub.helm.sh/charts/bitnami/external-dns | string | false |
|
||||||
|
k8s_rbac_create | Whether to create and use RBAC resources | bool | false |
|
||||||
|
k8s_service_account_name | The k8s external-dns service account name | | false |
|
||||||
|
k8s_irsa_role_create | Whether to create IRSA role and annotate service account | bool | false |
|
||||||
|
k8s_irsa_additional_policies | Map of the additional policies to be attached to default role. Where key is arbiraty id and value is policy arn. | map(string) | false |
|
||||||
argo_info | ArgoCD info manifest parameter | | false |
|
argo_info | ArgoCD info manifest parameter | | false |
|
||||||
|
cluster_identity_oidc_issuer | The OIDC Identity issuer for the cluster | string | true |
|
||||||
|
k8s_assume_role_arn | Assume role arn. Assume role must be enabled. | | false |
|
||||||
|
policy_allowed_zone_ids | List of the Route53 zone ids for service account IAM role access | list(string) | false |
|
||||||
|
argo_application_use_helm | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | bool | false |
|
||||||
|
enabled | Variable indicating whether deployment is enabled | bool | false |
|
||||||
|
helm_chart_name | Helm chart name to be installed | string | false |
|
||||||
|
k8s_irsa_role_name_prefix | The IRSA role name prefix for prometheus | string | false |
|
||||||
|
argo_application_values | Value overrides to use when deploying argo application object with helm | | false |
|
||||||
|
cluster_identity_oidc_issuer_arn | The OIDC Identity issuer ARN for the cluster that can be used to associate IAM roles with a service account | string | true |
|
||||||
|
helm_chart_version | Version of the Helm chart | string | false |
|
||||||
|
helm_repo_url | Helm repository | string | false |
|
||||||
|
k8s_namespace | The K8s namespace in which the external-dns will be installed | string | false |
|
||||||
|
k8s_service_account_create | Whether to create Service Account | bool | false |
|
||||||
|
k8s_assume_role_enabled | Whether IRSA is allowed to assume role defined by k8s_assume_role_arn. Useful for hosted zones in another AWS account. | bool | false |
|
||||||
|
helm_release_name | Helm release name | string | false |
|
||||||
|
helm_create_namespace | Whether to create k8s namespace with name defined by `k8s_namespace` | bool | false |
|
||||||
|
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/bitnami/external-dns | map(any) | false |
|
||||||
|
argo_namespace | Namespace to deploy ArgoCD application CRD to | string | false |
|
||||||
|
argo_sync_policy | ArgoCD syncPolicy manifest parameter | | false |
|
||||||
|
tags | AWS resources tags | map(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,15 +13,15 @@ AWS Eks-Kube-State-Metrics
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
helm_chart_name | Helm chart name to be installed | string | false |
|
values | Additional yaml encoded values which will be passed to the Helm chart. | string | false |
|
||||||
helm_release_name | Helm release name | string | false |
|
|
||||||
helm_repo_url | Helm repository | string | false |
|
|
||||||
k8s_namespace | The K8s namespace in which the kube-state-metrics service account has been created | string | false |
|
k8s_namespace | The K8s namespace in which the kube-state-metrics service account has been created | string | false |
|
||||||
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/stable/kube-state-metrics | map(any) | false |
|
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/stable/kube-state-metrics | map(any) | false |
|
||||||
|
helm_chart_name | Helm chart name to be installed | string | false |
|
||||||
|
helm_chart_version | Version of the Helm chart | string | false |
|
||||||
|
helm_release_name | Helm release name | string | false |
|
||||||
|
helm_repo_url | Helm repository | string | false |
|
||||||
enabled | Variable indicating whether deployment is enabled | bool | false |
|
enabled | Variable indicating whether deployment is enabled | bool | false |
|
||||||
helm_create_namespace | Create the namespace if it does not yet exist | bool | false |
|
helm_create_namespace | Create the namespace if it does not yet exist | bool | false |
|
||||||
helm_chart_version | Version of the Helm chart | string | false |
|
|
||||||
values | Additional yaml encoded values which will be passed to the Helm chart. | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,23 +13,23 @@ A terraform module to deploy a node problem detector on Amazon EKS cluster
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
argo_application_enabled | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | bool | false |
|
|
||||||
argo_info | ArgoCD info manifest parameter | | false |
|
|
||||||
argo_destionation_server | Destination server for ArgoCD Application | string | false |
|
|
||||||
argo_project | ArgoCD Application project | string | false |
|
|
||||||
argo_sync_policy | ArgoCD syncPolicy manifest parameter | | false |
|
|
||||||
helm_chart_version | Version of the Helm chart | string | false |
|
helm_chart_version | Version of the Helm chart | string | false |
|
||||||
|
argo_application_use_helm | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | bool | false |
|
||||||
|
argo_application_values | Value overrides to use when deploying argo application object with helm | | false |
|
||||||
|
argo_info | ArgoCD info manifest parameter | | false |
|
||||||
helm_repo_url | Helm repository | string | false |
|
helm_repo_url | Helm repository | string | false |
|
||||||
|
k8s_namespace | The K8s namespace in which the node-problem-detector service account has been created | string | false |
|
||||||
|
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/stable/node-problem-detector | map(any) | false |
|
||||||
|
argo_sync_policy | ArgoCD syncPolicy manifest parameter | | false |
|
||||||
|
enabled | Variable indicating whether deployment is enabled | bool | false |
|
||||||
|
helm_release_name | Helm release name | string | false |
|
||||||
|
argo_application_enabled | If set to true, the module will be deployed as ArgoCD application, otherwise it will be deployed as a Helm release | bool | false |
|
||||||
|
argo_project | ArgoCD Application project | string | false |
|
||||||
|
argo_destionation_server | Destination server for ArgoCD Application | string | false |
|
||||||
|
helm_create_namespace | Create the namespace if it does not yet exist | bool | false |
|
||||||
|
helm_chart_name | Helm chart name to be installed | string | false |
|
||||||
values | Additional yaml encoded values which will be passed to the Helm chart | string | false |
|
values | Additional yaml encoded values which will be passed to the Helm chart | string | false |
|
||||||
argo_namespace | Namespace to deploy ArgoCD application CRD to | string | false |
|
argo_namespace | Namespace to deploy ArgoCD application CRD to | string | false |
|
||||||
argo_application_use_helm | If set to true, the ArgoCD Application manifest will be deployed using Kubernetes provider as a Helm release. Otherwise it'll be deployed as a Kubernetes manifest. See Readme for more info | bool | false |
|
|
||||||
helm_create_namespace | Create the namespace if it does not yet exist | bool | false |
|
|
||||||
settings | Additional settings which will be passed to the Helm chart values, see https://hub.helm.sh/charts/stable/node-problem-detector | map(any) | false |
|
|
||||||
helm_release_name | Helm release name | string | false |
|
|
||||||
k8s_namespace | The K8s namespace in which the node-problem-detector service account has been created | string | false |
|
|
||||||
argo_application_values | Value overrides to use when deploying argo application object with helm | | false |
|
|
||||||
enabled | Variable indicating whether deployment is enabled | bool | false |
|
|
||||||
helm_chart_name | Helm chart name to be installed | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,59 +13,68 @@ Terraform module to create an Elastic Kubernetes (EKS) cluster and associated wo
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
cluster_additional_security_group_ids | List of additional, externally created security group IDs to attach to the cluster control plane | list(string) | false |
|
|
||||||
openid_connect_audiences | List of OpenID Connect audience client IDs to add to the IRSA provider | list(string) | false |
|
|
||||||
iam_role_path | Cluster IAM role path | string | false |
|
|
||||||
cluster_name | Name of the EKS cluster | string | false |
|
|
||||||
cloudwatch_log_group_kms_key_id | If a KMS Key ARN is set, this key will be used to encrypt the corresponding log group. Please be sure that the KMS Key has an appropriate key policy (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html) | string | false |
|
|
||||||
cluster_security_group_id | Existing security group ID to be attached to the cluster. Required if `create_cluster_security_group` = `false` | string | false |
|
|
||||||
cluster_security_group_additional_rules | List of additional security group rules to add to the cluster security group created. Set `source_node_security_group = true` inside rules to set the `node_security_group` as source | any | false |
|
|
||||||
cluster_security_group_tags | A map of additional tags to add to the cluster security group created | map(string) | false |
|
|
||||||
node_security_group_id | ID of an existing security group to attach to the node groups created | string | false |
|
|
||||||
node_security_group_additional_rules | List of additional security group rules to add to the node security group created. Set `source_cluster_security_group = true` inside rules to set the `cluster_security_group` as source | any | false |
|
|
||||||
enable_irsa | Determines whether to create an OpenID Connect Provider for EKS to enable IRSA | bool | false |
|
|
||||||
iam_role_use_name_prefix | Determines whether the IAM role name (`iam_role_name`) is used as a prefix | string | false |
|
|
||||||
self_managed_node_groups | Map of self-managed node group definitions to create | any | false |
|
|
||||||
cluster_service_ipv4_cidr | The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks | string | false |
|
|
||||||
eks_managed_node_groups | Map of EKS managed node group definitions to create | any | false |
|
|
||||||
cluster_endpoint_public_access_cidrs | List of CIDR blocks which can access the Amazon EKS public API server endpoint | list(string) | false |
|
|
||||||
cluster_timeouts | Create, update, and delete timeout configurations for the cluster | map(string) | false |
|
|
||||||
cluster_security_group_description | Description of the cluster security group created | string | false |
|
|
||||||
iam_role_additional_policies | Additional policies to be added to the IAM role | list(string) | false |
|
|
||||||
subnet_ids | A list of subnet IDs where the EKS cluster (ENIs) will be provisioned along with the nodes/node groups. Node groups can be deployed within a different set of subnet IDs from within the node group configuration | list(string) | false |
|
|
||||||
cluster_encryption_config | Configuration block with encryption configuration for the cluster | list(object({\n provider_key_arn = string\n resources = list(string)\n })) | false |
|
|
||||||
cluster_security_group_name | Name to use on cluster security group created | string | false |
|
|
||||||
create_node_security_group | Determines whether to create a security group for the node groups or use the existing `node_security_group_id` | bool | false |
|
|
||||||
iam_role_arn | Existing IAM role ARN for the cluster. Required if `create_iam_role` is set to `false` | string | false |
|
|
||||||
iam_role_tags | A map of additional tags to add to the IAM role created | map(string) | false |
|
|
||||||
cluster_endpoint_public_access | Indicates whether or not the Amazon EKS public API server endpoint is enabled | bool | false |
|
|
||||||
cluster_tags | A map of additional tags to add to the cluster | map(string) | false |
|
|
||||||
create_cloudwatch_log_group | Determines whether a log group is created by this module for the cluster logs. If not, AWS will automatically create one if logging is enabled | bool | false |
|
|
||||||
create_cluster_security_group | Determines if a security group is created for the cluster or use the existing `cluster_security_group_id` | bool | false |
|
|
||||||
tags | A map of tags to add to all resources | map(string) | false |
|
|
||||||
node_security_group_use_name_prefix | Determines whether node security group name (`node_security_group_name`) is used as a prefix | string | false |
|
|
||||||
create_iam_role | Determines whether a an IAM role is created or to use an existing IAM role | bool | false |
|
|
||||||
create | Controls if EKS resources should be created (affects nearly all resources) | bool | false |
|
create | Controls if EKS resources should be created (affects nearly all resources) | bool | false |
|
||||||
cloudwatch_log_group_retention_in_days | Number of days to retain log events. Default retention - 90 days | number | false |
|
cluster_name | Name of the EKS cluster | string | false |
|
||||||
|
cluster_timeouts | Create, update, and delete timeout configurations for the cluster | map(string) | false |
|
||||||
create_cni_ipv6_iam_policy | Determines whether to create an [`AmazonEKS_CNI_IPv6_Policy`](https://docs.aws.amazon.com/eks/latest/userguide/cni-iam-role.html#cni-iam-role-create-ipv6-policy) | bool | false |
|
create_cni_ipv6_iam_policy | Determines whether to create an [`AmazonEKS_CNI_IPv6_Policy`](https://docs.aws.amazon.com/eks/latest/userguide/cni-iam-role.html#cni-iam-role-create-ipv6-policy) | bool | false |
|
||||||
node_security_group_tags | A map of additional tags to add to the node security group created | map(string) | false |
|
node_security_group_use_name_prefix | Determines whether node security group name (`node_security_group_name`) is used as a prefix | string | false |
|
||||||
|
fargate_profile_defaults | Map of Fargate Profile default configurations | any | false |
|
||||||
|
custom_oidc_thumbprints | Additional list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s) | list(string) | false |
|
||||||
|
iam_role_additional_policies | Additional policies to be added to the IAM role | list(string) | false |
|
||||||
|
eks_managed_node_groups | Map of EKS managed node group definitions to create | any | false |
|
||||||
|
eks_managed_node_group_defaults | Map of EKS managed node group default configurations | any | false |
|
||||||
|
cluster_version | Kubernetes `<major>.<minor>` version to use for the EKS cluster (i.e.: `1.21`) | string | false |
|
||||||
|
cluster_security_group_use_name_prefix | Determines whether cluster security group name (`cluster_security_group_name`) is used as a prefix | string | false |
|
||||||
|
cluster_iam_role_dns_suffix | Base DNS domain name for the current partition (e.g., amazonaws.com in AWS Commercial, amazonaws.com.cn in AWS China) | string | false |
|
||||||
|
cluster_endpoint_public_access | Indicates whether or not the Amazon EKS public API server endpoint is enabled | bool | false |
|
||||||
iam_role_description | Description of the role | string | false |
|
iam_role_description | Description of the role | string | false |
|
||||||
|
tags | A map of tags to add to all resources | map(string) | false |
|
||||||
|
cluster_security_group_name | Name to use on cluster security group created | string | false |
|
||||||
|
node_security_group_id | ID of an existing security group to attach to the node groups created | string | false |
|
||||||
|
node_security_group_name | Name to use on node security group created | string | false |
|
||||||
|
iam_role_path | Cluster IAM role path | string | false |
|
||||||
|
attach_cluster_encryption_policy | Indicates whether or not to attach an additional policy for the cluster IAM role to utilize the encryption key provided | bool | false |
|
||||||
|
fargate_profiles | Map of Fargate Profile definitions to create | any | false |
|
||||||
|
cluster_endpoint_public_access_cidrs | List of CIDR blocks which can access the Amazon EKS public API server endpoint | list(string) | false |
|
||||||
|
cluster_encryption_config | Configuration block with encryption configuration for the cluster | list(object({\n provider_key_arn = string\n resources = list(string)\n })) | false |
|
||||||
|
create_iam_role | Determines whether a an IAM role is created or to use an existing IAM role | bool | false |
|
||||||
|
self_managed_node_groups | Map of self-managed node group definitions to create | any | false |
|
||||||
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
|
cluster_additional_security_group_ids | List of additional, externally created security group IDs to attach to the cluster control plane | list(string) | false |
|
||||||
|
cluster_endpoint_private_access | Indicates whether or not the Amazon EKS private API server endpoint is enabled | bool | false |
|
||||||
|
vpc_id | ID of the VPC where the cluster and its nodes will be provisioned | string | false |
|
||||||
|
cluster_security_group_tags | A map of additional tags to add to the cluster security group created | map(string) | false |
|
||||||
|
iam_role_use_name_prefix | Determines whether the IAM role name (`iam_role_name`) is used as a prefix | string | false |
|
||||||
|
cluster_encryption_policy_name | Name to use on cluster encryption policy created | string | false |
|
||||||
|
cluster_encryption_policy_tags | A map of additional tags to add to the cluster encryption policy created | map(string) | false |
|
||||||
|
cluster_security_group_additional_rules | List of additional security group rules to add to the cluster security group created. Set `source_node_security_group = true` inside rules to set the `node_security_group` as source | any | false |
|
||||||
|
node_security_group_description | Description of the node security group created | string | false |
|
||||||
|
iam_role_tags | A map of additional tags to add to the IAM role created | map(string) | false |
|
||||||
|
self_managed_node_group_defaults | Map of self-managed node group default configurations | any | false |
|
||||||
|
cloudwatch_log_group_retention_in_days | Number of days to retain log events. Default retention - 90 days | number | false |
|
||||||
|
node_security_group_additional_rules | List of additional security group rules to add to the node security group created. Set `source_cluster_security_group = true` inside rules to set the `cluster_security_group` as source | any | false |
|
||||||
|
node_security_group_tags | A map of additional tags to add to the node security group created | map(string) | false |
|
||||||
|
iam_role_arn | Existing IAM role ARN for the cluster. Required if `create_iam_role` is set to `false` | string | false |
|
||||||
iam_role_name | Name to use on IAM role created | string | false |
|
iam_role_name | Name to use on IAM role created | string | false |
|
||||||
|
cluster_encryption_policy_use_name_prefix | Determines whether cluster encryption policy name (`cluster_encryption_policy_name`) is used as a prefix | string | false |
|
||||||
|
cluster_identity_providers | Map of cluster identity provider configurations to enable for the cluster. Note - this is different/separate from IRSA | any | false |
|
||||||
|
cloudwatch_log_group_kms_key_id | If a KMS Key ARN is set, this key will be used to encrypt the corresponding log group. Please be sure that the KMS Key has an appropriate key policy (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html) | string | false |
|
||||||
|
create_cluster_security_group | Determines if a security group is created for the cluster or use the existing `cluster_security_group_id` | bool | false |
|
||||||
|
openid_connect_audiences | List of OpenID Connect audience client IDs to add to the IRSA provider | list(string) | false |
|
||||||
prefix_separator | The separator to use between the prefix and the generated timestamp for resource names | string | false |
|
prefix_separator | The separator to use between the prefix and the generated timestamp for resource names | string | false |
|
||||||
cluster_ip_family | The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created | string | false |
|
cluster_ip_family | The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created | string | false |
|
||||||
vpc_id | ID of the VPC where the cluster and its nodes will be provisioned | string | false |
|
cluster_service_ipv4_cidr | The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks | string | false |
|
||||||
cluster_security_group_use_name_prefix | Determines whether cluster security group name (`cluster_security_group_name`) is used as a prefix | string | false |
|
cluster_tags | A map of additional tags to add to the cluster | map(string) | false |
|
||||||
node_security_group_name | Name to use on node security group created | string | false |
|
create_cloudwatch_log_group | Determines whether a log group is created by this module for the cluster logs. If not, AWS will automatically create one if logging is enabled | bool | false |
|
||||||
cluster_identity_providers | Map of cluster identity provider configurations to enable for the cluster. Note - this is different/separate from IRSA | any | false |
|
cluster_security_group_description | Description of the cluster security group created | string | false |
|
||||||
self_managed_node_group_defaults | Map of self-managed node group default configurations | any | false |
|
subnet_ids | A list of subnet IDs where the EKS cluster (ENIs) will be provisioned along with the nodes/node groups. Node groups can be deployed within a different set of subnet IDs from within the node group configuration | list(string) | false |
|
||||||
eks_managed_node_group_defaults | Map of EKS managed node group default configurations | any | false |
|
enable_irsa | Determines whether to create an OpenID Connect Provider for EKS to enable IRSA | bool | false |
|
||||||
|
cluster_encryption_policy_description | Description of the cluster encryption policy created | string | false |
|
||||||
cluster_enabled_log_types | A list of the desired control plane logs to enable. For more information, see Amazon EKS Control Plane Logging documentation (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) | list(string) | false |
|
cluster_enabled_log_types | A list of the desired control plane logs to enable. For more information, see Amazon EKS Control Plane Logging documentation (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html) | list(string) | false |
|
||||||
cluster_endpoint_private_access | Indicates whether or not the Amazon EKS private API server endpoint is enabled | bool | false |
|
create_node_security_group | Determines whether to create a security group for the node groups or use the existing `node_security_group_id` | bool | false |
|
||||||
fargate_profiles | Map of Fargate Profile definitions to create | any | false |
|
cluster_security_group_id | Existing security group ID to be attached to the cluster. Required if `create_cluster_security_group` = `false` | string | false |
|
||||||
cluster_version | Kubernetes `<major>.<minor>` version to use for the EKS cluster (i.e.: `1.21`) | string | false |
|
|
||||||
iam_role_permissions_boundary | ARN of the policy that is used to set the permissions boundary for the IAM role | string | false |
|
iam_role_permissions_boundary | ARN of the policy that is used to set the permissions boundary for the IAM role | string | false |
|
||||||
fargate_profile_defaults | Map of Fargate Profile default configurations | any | false |
|
cluster_encryption_policy_path | Cluster encryption policy path | string | false |
|
||||||
node_security_group_description | Description of the node security group created | string | false |
|
|
||||||
cluster_addons | Map of cluster addon configurations to enable for the cluster. Addon name can be the map keys or set with `name` | any | false |
|
cluster_addons | Map of cluster addon configurations to enable for the cluster. Addon name can be the map keys or set with `name` | any | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,42 +13,42 @@ Terraform module to provision an ElastiCache Redis Cluster
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
maintenance_window | Maintenance window | string | false |
|
|
||||||
elasticache_subnet_group_name | Subnet group name for the ElastiCache instance | string | false |
|
|
||||||
alarm_actions | Alarm action list | list(string) | false |
|
|
||||||
vpc_id | VPC ID | string | true |
|
|
||||||
alarm_memory_threshold_bytes | Ram threshold alarm level | number | false |
|
|
||||||
availability_zones | Availability zone IDs | list(string) | false |
|
|
||||||
cloudwatch_metric_alarms_enabled | Boolean flag to enable/disable CloudWatch metrics alarms | bool | false |
|
|
||||||
parameter_group_description | Managed by Terraform | string | false |
|
|
||||||
cluster_size | Number of nodes in cluster. *Ignored when `cluster_mode_enabled` == `true`* | number | false |
|
|
||||||
instance_type | Elastic cache instance type | string | false |
|
instance_type | Elastic cache instance type | string | false |
|
||||||
transit_encryption_enabled | Set `true` to enable encryption in transit. Forced `true` if `var.auth_token` is set.\nIf this is enabled, use the [following guide](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/in-transit-encryption.html#connect-tls) to access redis.\n | bool | false |
|
|
||||||
notification_topic_arn | Notification topic arn | string | false |
|
|
||||||
dns_subdomain | The subdomain to use for the CNAME record. If not provided then the CNAME record will use var.name. | string | false |
|
|
||||||
auth_token | Auth token for password protecting redis, `transit_encryption_enabled` must be set to `true`. Password must be longer than 16 chars | string | false |
|
|
||||||
snapshot_arns | A single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3. Example: arn:aws:s3:::my_bucket/snapshot1.rdb | list(string) | false |
|
|
||||||
subnets | Subnet IDs | list(string) | false |
|
|
||||||
apply_immediately | Apply changes immediately | bool | false |
|
apply_immediately | Apply changes immediately | bool | false |
|
||||||
snapshot_window | The daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. | string | false |
|
auth_token | Auth token for password protecting redis, `transit_encryption_enabled` must be set to `true`. Password must be longer than 16 chars | string | false |
|
||||||
cluster_mode_enabled | Flag to enable/disable creation of a native redis cluster. `automatic_failover_enabled` must be set to `true`. Only 1 `cluster_mode` block is allowed | bool | false |
|
|
||||||
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Number (ARN) | list(string) | false |
|
|
||||||
automatic_failover_enabled | Automatic failover (Not available for T1/T2 instances) | bool | false |
|
|
||||||
multi_az_enabled | Multi AZ (Automatic Failover must also be enabled. If Cluster Mode is enabled, Multi AZ is on by default, and this setting is ignored) | bool | false |
|
|
||||||
replication_group_id | Replication group ID with the following constraints: \nA name must contain from 1 to 20 alphanumeric characters or hyphens. \n The first character must be a letter. \n A name cannot end with a hyphen or contain two consecutive hyphens. | string | false |
|
|
||||||
cluster_mode_replicas_per_node_group | Number of replica nodes in each node group. Valid values are 0 to 5. Changing this number will force a new resource | number | false |
|
|
||||||
family | Redis family | string | false |
|
|
||||||
zone_id | Route53 DNS Zone ID as list of string (0 or 1 items). If empty, no custom DNS name will be published.\nIf the list contains a single Zone ID, a custom DNS name will be pulished in that zone.\nCan also be a plain string, but that use is DEPRECATED because of Terraform issues.\n | any | false |
|
|
||||||
kms_key_id | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. `at_rest_encryption_enabled` must be set to `true` | string | false |
|
|
||||||
final_snapshot_identifier | The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made. | string | false |
|
|
||||||
cluster_mode_num_node_groups | Number of node groups (shards) for this Redis replication group. Changing this number will trigger an online resizing operation before other settings modifications | number | false |
|
|
||||||
parameter | A list of Redis parameters to apply. Note that parameters may differ from one Redis family to another | list(object({\n name = string\n value = string\n })) | false |
|
|
||||||
engine_version | Redis engine version | string | false |
|
|
||||||
at_rest_encryption_enabled | Enable encryption at rest | bool | false |
|
|
||||||
alarm_cpu_threshold_percent | CPU threshold alarm level | number | false |
|
|
||||||
snapshot_name | The name of a snapshot from which to restore data into the new node group. Changing the snapshot_name forces a new resource. | string | false |
|
snapshot_name | The name of a snapshot from which to restore data into the new node group. Changing the snapshot_name forces a new resource. | string | false |
|
||||||
snapshot_retention_limit | The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. | number | false |
|
vpc_id | VPC ID | string | true |
|
||||||
|
subnets | Subnet IDs | list(string) | false |
|
||||||
|
dns_subdomain | The subdomain to use for the CNAME record. If not provided then the CNAME record will use var.name. | string | false |
|
||||||
|
engine_version | Redis engine version | string | false |
|
||||||
|
alarm_cpu_threshold_percent | CPU threshold alarm level | number | false |
|
||||||
|
multi_az_enabled | Multi AZ (Automatic Failover must also be enabled. If Cluster Mode is enabled, Multi AZ is on by default, and this setting is ignored) | bool | false |
|
||||||
|
kms_key_id | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. `at_rest_encryption_enabled` must be set to `true` | string | false |
|
||||||
|
replication_group_id | Replication group ID with the following constraints: \nA name must contain from 1 to 20 alphanumeric characters or hyphens. \n The first character must be a letter. \n A name cannot end with a hyphen or contain two consecutive hyphens. | string | false |
|
||||||
|
elasticache_subnet_group_name | Subnet group name for the ElastiCache instance | string | false |
|
||||||
|
maintenance_window | Maintenance window | string | false |
|
||||||
|
parameter | A list of Redis parameters to apply. Note that parameters may differ from one Redis family to another | list(object({\n name = string\n value = string\n })) | false |
|
||||||
|
cluster_mode_enabled | Flag to enable/disable creation of a native redis cluster. `automatic_failover_enabled` must be set to `true`. Only 1 `cluster_mode` block is allowed | bool | false |
|
||||||
|
family | Redis family | string | false |
|
||||||
|
at_rest_encryption_enabled | Enable encryption at rest | bool | false |
|
||||||
|
transit_encryption_enabled | Set `true` to enable encryption in transit. Forced `true` if `var.auth_token` is set.\nIf this is enabled, use the [following guide](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/in-transit-encryption.html#connect-tls) to access redis.\n | bool | false |
|
||||||
|
alarm_memory_threshold_bytes | Ram threshold alarm level | number | false |
|
||||||
|
automatic_failover_enabled | Automatic failover (Not available for T1/T2 instances) | bool | false |
|
||||||
|
availability_zones | Availability zone IDs | list(string) | false |
|
||||||
|
parameter_group_description | Managed by Terraform | string | false |
|
||||||
|
notification_topic_arn | Notification topic arn | string | false |
|
||||||
|
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Number (ARN) | list(string) | false |
|
||||||
|
cluster_mode_replicas_per_node_group | Number of replica nodes in each node group. Valid values are 0 to 5. Changing this number will force a new resource | number | false |
|
||||||
|
snapshot_arns | A single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3. Example: arn:aws:s3:::my_bucket/snapshot1.rdb | list(string) | false |
|
||||||
|
snapshot_window | The daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. | string | false |
|
||||||
|
final_snapshot_identifier | The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made. | string | false |
|
||||||
|
cluster_size | Number of nodes in cluster. *Ignored when `cluster_mode_enabled` == `true`* | number | false |
|
||||||
port | Redis port | number | false |
|
port | Redis port | number | false |
|
||||||
|
alarm_actions | Alarm action list | list(string) | false |
|
||||||
|
zone_id | Route53 DNS Zone ID as list of string (0 or 1 items). If empty, no custom DNS name will be published.\nIf the list contains a single Zone ID, a custom DNS name will be pulished in that zone.\nCan also be a plain string, but that use is DEPRECATED because of Terraform issues.\n | any | false |
|
||||||
|
snapshot_retention_limit | The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. | number | false |
|
||||||
|
cluster_mode_num_node_groups | Number of node groups (shards) for this Redis replication group. Changing this number will trigger an online resizing operation before other settings modifications | number | false |
|
||||||
|
cloudwatch_metric_alarms_enabled | Boolean flag to enable/disable CloudWatch metrics alarms | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,22 +13,22 @@ Terraform module which creates ELB resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
internal | If true, ELB will be an internal ELB | bool | false |
|
|
||||||
idle_timeout | The time in seconds that the connection is allowed to be idle | number | false |
|
|
||||||
connection_draining_timeout | The time in seconds to allow for connections to drain | number | false |
|
|
||||||
create_elb | Create the elb or not | bool | false |
|
|
||||||
subnets | A list of subnet IDs to attach to the ELB | list(string) | true |
|
|
||||||
access_logs | An access logs block | map(string) | false |
|
|
||||||
number_of_instances | Number of instances to attach to ELB | number | false |
|
|
||||||
tags | A mapping of tags to assign to the resource | map(string) | false |
|
|
||||||
name | The name of the ELB | string | false |
|
name | The name of the ELB | string | false |
|
||||||
security_groups | A list of security group IDs to assign to the ELB | list(string) | true |
|
|
||||||
connection_draining | Boolean to enable connection draining | bool | false |
|
|
||||||
health_check | A health check block | map(string) | true |
|
|
||||||
instances | List of instances ID to place in the ELB pool | list(string) | false |
|
|
||||||
name_prefix | The prefix name of the ELB | string | false |
|
name_prefix | The prefix name of the ELB | string | false |
|
||||||
cross_zone_load_balancing | Enable cross-zone load balancing | bool | false |
|
|
||||||
listener | A list of listener blocks | list(map(string)) | true |
|
listener | A list of listener blocks | list(map(string)) | true |
|
||||||
|
number_of_instances | Number of instances to attach to ELB | number | false |
|
||||||
|
health_check | A health check block | map(string) | true |
|
||||||
|
create_elb | Create the elb or not | bool | false |
|
||||||
|
security_groups | A list of security group IDs to assign to the ELB | list(string) | true |
|
||||||
|
subnets | A list of subnet IDs to attach to the ELB | list(string) | true |
|
||||||
|
internal | If true, ELB will be an internal ELB | bool | false |
|
||||||
|
cross_zone_load_balancing | Enable cross-zone load balancing | bool | false |
|
||||||
|
connection_draining | Boolean to enable connection draining | bool | false |
|
||||||
|
connection_draining_timeout | The time in seconds to allow for connections to drain | number | false |
|
||||||
|
tags | A mapping of tags to assign to the resource | map(string) | false |
|
||||||
|
instances | List of instances ID to place in the ELB pool | list(string) | false |
|
||||||
|
idle_timeout | The time in seconds that the connection is allowed to be idle | number | false |
|
||||||
|
access_logs | An access logs block | map(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,102 @@
|
||||||
|
---
|
||||||
|
title: AWS EMR
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates EMR on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
use_existing_managed_master_security_group | If set to `true`, will use variable `managed_master_security_group` using an existing security group that was created outside of this module | bool | false |
|
||||||
|
use_existing_additional_slave_security_group | If set to `true`, will use variable `additional_slave_security_group` using an existing security group that was created outside of this module | bool | false |
|
||||||
|
master_allowed_security_groups | List of security groups to be allowed to connect to the master instances | list(string) | false |
|
||||||
|
slave_allowed_cidr_blocks | List of CIDR blocks to be allowed to access the slave instances | list(string) | false |
|
||||||
|
ec2_autoscaling_role_enabled | If set to `false`, will use `existing_ec2_autoscaling_role_arn` for an existing EC2 autoscaling IAM role that was created outside of this module | bool | false |
|
||||||
|
release_label | The release label for the Amazon EMR release. https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-release-5x.html | string | false |
|
||||||
|
master_instance_group_ebs_size | Master instances volume size, in gibibytes (GiB) | number | true |
|
||||||
|
kerberos_realm | The name of the Kerberos realm to which all nodes in a cluster belong. For example, EC2.INTERNAL | string | false |
|
||||||
|
ebs_root_volume_size | Size in GiB of the EBS root device volume of the Linux AMI that is used for each EC2 instance. Available in Amazon EMR version 4.x and later | number | false |
|
||||||
|
core_instance_group_ebs_type | Core instances volume type. Valid options are `gp2`, `io1`, `standard` and `st1` | string | false |
|
||||||
|
core_instance_group_ebs_iops | The number of I/O operations per second (IOPS) that the Core volume supports | number | false |
|
||||||
|
task_instance_group_bid_price | Bid price for each EC2 instance in the Task instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances | string | false |
|
||||||
|
kerberos_ad_domain_join_user | Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain. Terraform cannot perform drift detection of this configuration. | string | false |
|
||||||
|
use_existing_service_access_security_group | If set to `true`, will use variable `service_access_security_group` using an existing security group that was created outside of this module | bool | false |
|
||||||
|
slave_allowed_security_groups | List of security groups to be allowed to connect to the slave instances | list(string) | false |
|
||||||
|
core_instance_group_instance_type | EC2 instance type for all instances in the Core instance group | string | true |
|
||||||
|
create_task_instance_group | Whether to create an instance group for Task nodes. For more info: https://www.terraform.io/docs/providers/aws/r/emr_instance_group.html, https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-master-core-task-nodes.html | bool | false |
|
||||||
|
task_instance_group_ebs_optimized | Indicates whether an Amazon EBS volume in the Task instance group is EBS-optimized. Changing this forces a new resource to be created | bool | false |
|
||||||
|
task_instance_group_ebs_type | Task instances volume type. Valid options are `gp2`, `io1`, `standard` and `st1` | string | false |
|
||||||
|
task_instance_group_ebs_iops | The number of I/O operations per second (IOPS) that the Task volume supports | number | false |
|
||||||
|
emr_role_permissions_boundary | The Permissions Boundary ARN to apply to the EMR Role. | string | false |
|
||||||
|
subnet_id | VPC subnet ID where you want the job flow to launch. Cannot specify the `cc1.4xlarge` instance type for nodes of a job flow launched in a Amazon VPC | string | true |
|
||||||
|
kerberos_cross_realm_trust_principal_password | Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms. Terraform cannot perform drift detection of this configuration. | string | false |
|
||||||
|
steps | List of steps to run when creating the cluster. | list(object({\n name = string\n action_on_failure = string\n hadoop_jar_step = object({\n args = list(string)\n jar = string\n main_class = string\n properties = map(string)\n })\n })) | false |
|
||||||
|
managed_slave_security_group | The name of the existing managed security group that will be used for EMR core & task nodes. If empty, a new security group will be created | string | false |
|
||||||
|
service_access_security_group | The name of the existing additional security group that will be used for EMR core & task nodes. If empty, a new security group will be created | string | false |
|
||||||
|
log_uri | The path to the Amazon S3 location where logs for this cluster are stored | string | false |
|
||||||
|
additional_info | A JSON string for selecting additional features such as adding proxy information. Note: Currently there is no API to retrieve the value of this argument after EMR cluster creation from provider, therefore Terraform cannot detect drift from the actual EMR cluster if its value is changed outside Terraform | string | false |
|
||||||
|
task_instance_group_ebs_size | Task instances volume size, in gibibytes (GiB) | number | false |
|
||||||
|
custom_ami_id | A custom Amazon Linux AMI for the cluster (instead of an EMR-owned AMI). Available in Amazon EMR version 5.7.0 and later | string | false |
|
||||||
|
core_instance_group_instance_count | Target number of instances for the Core instance group. Must be at least 1 | number | false |
|
||||||
|
kerberos_kdc_admin_password | The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster. Terraform cannot perform drift detection of this configuration. | string | false |
|
||||||
|
key_name | Amazon EC2 key pair that can be used to ssh to the master node as the user called `hadoop` | string | false |
|
||||||
|
master_instance_group_ebs_iops | The number of I/O operations per second (IOPS) that the Master volume supports | number | false |
|
||||||
|
scale_down_behavior | The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized | string | false |
|
||||||
|
use_existing_managed_slave_security_group | If set to `true`, will use variable `managed_slave_security_group` using an existing security group that was created outside of this module | bool | false |
|
||||||
|
additional_slave_security_group | The name of the existing additional security group that will be used for EMR core & task nodes. If empty, a new security group will be created | string | false |
|
||||||
|
service_role_enabled | If set to `false`, will use `existing_service_role_arn` for an existing IAM role that was created outside of this module | bool | false |
|
||||||
|
core_instance_group_ebs_size | Core instances volume size, in gibibytes (GiB) | number | true |
|
||||||
|
master_instance_group_bid_price | Bid price for each EC2 instance in the Master instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances | string | false |
|
||||||
|
vpc_id | VPC ID to create the cluster in (e.g. `vpc-a22222ee`) | string | true |
|
||||||
|
master_dns_name | Name of the cluster CNAME record to create in the parent DNS zone specified by `zone_id`. If left empty, the name will be auto-asigned using the format `emr-master-var.name` | string | false |
|
||||||
|
existing_service_role_arn | ARN of an existing EMR service role to attach to the cluster | string | false |
|
||||||
|
region | AWS region | string | true |
|
||||||
|
master_instance_group_instance_count | Target number of instances for the Master instance group. Must be at least 1 | number | false |
|
||||||
|
task_instance_group_ebs_volumes_per_instance | The number of EBS volumes with this configuration to attach to each EC2 instance in the Task instance group | number | false |
|
||||||
|
zone_id | Route53 parent zone ID. If provided (not empty), the module will create sub-domain DNS records for the masters and slaves | string | false |
|
||||||
|
master_allowed_cidr_blocks | List of CIDR blocks to be allowed to access the master instances | list(string) | false |
|
||||||
|
existing_ec2_autoscaling_role_arn | ARN of an existing EC2 autoscaling role to attach to the cluster | string | false |
|
||||||
|
configurations_json | A JSON string for supplying list of configurations for the EMR cluster. See https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html for more details | string | false |
|
||||||
|
task_instance_group_autoscaling_policy | String containing the EMR Auto Scaling Policy JSON for the Task instance group | string | false |
|
||||||
|
kerberos_ad_domain_join_password | The Active Directory password for ad_domain_join_user. Terraform cannot perform drift detection of this configuration. | string | false |
|
||||||
|
keep_job_flow_alive_when_no_steps | Switch on/off run cluster with no steps or when all steps are complete | bool | false |
|
||||||
|
bootstrap_action | List of bootstrap actions that will be run before Hadoop is started on the cluster nodes | list(object({\n path = string\n name = string\n args = list(string)\n })) | false |
|
||||||
|
step_concurrency_level | The number of steps that can be executed concurrently. You can specify a maximum of 256 steps. Only valid for EMR clusters with release_label 5.28.0 or greater. | number | false |
|
||||||
|
applications | A list of applications for the cluster. Valid values are: Flink, Ganglia, Hadoop, HBase, HCatalog, Hive, Hue, JupyterHub, Livy, Mahout, MXNet, Oozie, Phoenix, Pig, Presto, Spark, Sqoop, TensorFlow, Tez, Zeppelin, and ZooKeeper (as of EMR 5.25.0). Case insensitive | list(string) | true |
|
||||||
|
core_instance_group_bid_price | Bid price for each EC2 instance in the Core instance group, expressed in USD. By setting this attribute, the instance group is being declared as a Spot Instance, and will implicitly create a Spot request. Leave this blank to use On-Demand Instances | string | false |
|
||||||
|
additional_master_security_group | The name of the existing additional security group that will be used for EMR master node. If empty, a new security group will be created | string | false |
|
||||||
|
ec2_role_enabled | If set to `false`, will use `existing_ec2_instance_profile_arn` for an existing EC2 IAM role that was created outside of this module | bool | false |
|
||||||
|
route_table_id | Route table ID for the VPC S3 Endpoint when launching the EMR cluster in a private subnet. Required when `subnet_type` is `private` | string | false |
|
||||||
|
core_instance_group_autoscaling_policy | String containing the EMR Auto Scaling Policy JSON for the Core instance group | string | false |
|
||||||
|
security_configuration | The security configuration name to attach to the EMR cluster. Only valid for EMR clusters with `release_label` 4.8.0 or greater. See https://www.terraform.io/docs/providers/aws/r/emr_security_configuration.html for more info | string | false |
|
||||||
|
task_instance_group_instance_type | EC2 instance type for all instances in the Task instance group | string | false |
|
||||||
|
ec2_role_permissions_boundary | The Permissions Boundary ARN to apply to the EC2 Role. | string | false |
|
||||||
|
use_existing_additional_master_security_group | If set to `true`, will use variable `additional_master_security_group` using an existing security group that was created outside of this module | bool | false |
|
||||||
|
managed_master_security_group | The name of the existing managed security group that will be used for EMR master node. If empty, a new security group will be created | string | false |
|
||||||
|
master_instance_group_instance_type | EC2 instance type for all instances in the Master instance group | string | true |
|
||||||
|
master_instance_group_ebs_type | Master instances volume type. Valid options are `gp2`, `io1`, `standard` and `st1` | string | false |
|
||||||
|
create_vpc_endpoint_s3 | Set to false to prevent the module from creating VPC S3 Endpoint | bool | false |
|
||||||
|
termination_protection | Switch on/off termination protection (default is false, except when using multiple master nodes). Before attempting to destroy the resource when termination protection is enabled, this configuration must be applied with its value set to false | bool | false |
|
||||||
|
subnet_type | Type of VPC subnet ID where you want the job flow to launch. Supported values are `private` or `public` | string | false |
|
||||||
|
task_instance_group_instance_count | Target number of instances for the Task instance group. Must be at least 1 | number | false |
|
||||||
|
ec2_autoscaling_role_permissions_boundary | The Permissions Boundary ARN to apply to the EC2 Autoscaling Role. | string | false |
|
||||||
|
existing_ec2_instance_profile_arn | ARN of an existing EC2 instance profile | string | false |
|
||||||
|
visible_to_all_users | Whether the job flow is visible to all IAM users of the AWS account associated with the job flow | bool | false |
|
||||||
|
core_instance_group_ebs_volumes_per_instance | The number of EBS volumes with this configuration to attach to each EC2 instance in the Core instance group | number | false |
|
||||||
|
master_instance_group_ebs_volumes_per_instance | The number of EBS volumes with this configuration to attach to each EC2 instance in the Master instance group | number | false |
|
||||||
|
kerberos_enabled | Set to true if EMR cluster will use kerberos_attributes | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,18 +13,18 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
minimum_password_length | Minimum length to require for user passwords | number | false |
|
|
||||||
allow_users_to_change_password | Whether to allow users to change their own password | bool | false |
|
|
||||||
require_lowercase_characters | Whether to require lowercase characters for user passwords | bool | false |
|
|
||||||
require_numbers | Whether to require numbers for user passwords | bool | false |
|
|
||||||
get_caller_identity | Whether to get AWS account ID, User ID, and ARN in which Terraform is authorized | bool | false |
|
|
||||||
account_alias | AWS IAM account alias for this account | string | true |
|
|
||||||
create_account_password_policy | Whether to create AWS IAM account password policy | bool | false |
|
create_account_password_policy | Whether to create AWS IAM account password policy | bool | false |
|
||||||
max_password_age | The number of days that an user password is valid. | number | false |
|
max_password_age | The number of days that an user password is valid. | number | false |
|
||||||
require_symbols | Whether to require symbols for user passwords | bool | false |
|
minimum_password_length | Minimum length to require for user passwords | number | false |
|
||||||
|
allow_users_to_change_password | Whether to allow users to change their own password | bool | false |
|
||||||
hard_expiry | Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset) | bool | false |
|
hard_expiry | Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset) | bool | false |
|
||||||
password_reuse_prevention | The number of previous passwords that users are prevented from reusing | number | false |
|
get_caller_identity | Whether to get AWS account ID, User ID, and ARN in which Terraform is authorized | bool | false |
|
||||||
|
account_alias | AWS IAM account alias for this account | string | true |
|
||||||
require_uppercase_characters | Whether to require uppercase characters for user passwords | bool | false |
|
require_uppercase_characters | Whether to require uppercase characters for user passwords | bool | false |
|
||||||
|
require_numbers | Whether to require numbers for user passwords | bool | false |
|
||||||
|
require_symbols | Whether to require symbols for user passwords | bool | false |
|
||||||
|
password_reuse_prevention | The number of previous passwords that users are prevented from reusing | number | false |
|
||||||
|
require_lowercase_characters | Whether to require lowercase characters for user passwords | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,23 +13,23 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
aws_account_id | The AWS account ID where the OIDC provider lives, leave empty to use the account for the AWS provider | string | false |
|
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
||||||
role_path | Path of IAM role | string | false |
|
oidc_fully_qualified_subjects | The fully qualified OIDC subjects to be added to the role policy | set(string) | false |
|
||||||
oidc_subjects_with_wildcards | The OIDC subject using wildcards to be added to the role policy | set(string) | false |
|
provider_url | URL of the OIDC Provider. Use provider_urls to specify several URLs. | string | false |
|
||||||
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
|
||||||
tags | A map of tags to add to IAM role resources | map(string) | false |
|
tags | A map of tags to add to IAM role resources | map(string) | false |
|
||||||
role_name | IAM role name | string | false |
|
|
||||||
role_name_prefix | IAM role name prefix | string | false |
|
role_name_prefix | IAM role name prefix | string | false |
|
||||||
role_description | IAM Role description | string | false |
|
role_description | IAM Role description | string | false |
|
||||||
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
role_path | Path of IAM role | string | false |
|
||||||
role_policy_arns | List of ARNs of IAM policies to attach to IAM role | list(string) | false |
|
role_policy_arns | List of ARNs of IAM policies to attach to IAM role | list(string) | false |
|
||||||
number_of_role_policy_arns | Number of IAM policies to attach to IAM role | number | false |
|
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
||||||
create_role | Whether to create a role | bool | false |
|
create_role | Whether to create a role | bool | false |
|
||||||
provider_url | URL of the OIDC Provider. Use provider_urls to specify several URLs. | string | false |
|
aws_account_id | The AWS account ID where the OIDC provider lives, leave empty to use the account for the AWS provider | string | false |
|
||||||
oidc_fully_qualified_subjects | The fully qualified OIDC subjects to be added to the role policy | set(string) | false |
|
oidc_subjects_with_wildcards | The OIDC subject using wildcards to be added to the role policy | set(string) | false |
|
||||||
oidc_fully_qualified_audiences | The audience to be added to the role policy. Set to sts.amazonaws.com for cross-account assumable role. Leave empty otherwise. | set(string) | false |
|
oidc_fully_qualified_audiences | The audience to be added to the role policy. Set to sts.amazonaws.com for cross-account assumable role. Leave empty otherwise. | set(string) | false |
|
||||||
provider_urls | List of URLs of the OIDC Providers | list(string) | false |
|
|
||||||
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
||||||
|
number_of_role_policy_arns | Number of IAM policies to attach to IAM role | number | false |
|
||||||
|
provider_urls | List of URLs of the OIDC Providers | list(string) | false |
|
||||||
|
role_name | IAM role name | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,20 +13,20 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
tags | A map of tags to add to IAM role resources | map(string) | false |
|
|
||||||
role_name_prefix | IAM role name prefix | string | false |
|
role_name_prefix | IAM role name prefix | string | false |
|
||||||
number_of_role_policy_arns | Number of IAM policies to attach to IAM role | number | false |
|
|
||||||
provider_id | ID of the SAML Provider. Use provider_ids to specify several IDs. | string | false |
|
|
||||||
aws_saml_endpoint | AWS SAML Endpoint | string | false |
|
|
||||||
role_path | Path of IAM role | string | false |
|
|
||||||
role_policy_arns | List of ARNs of IAM policies to attach to IAM role | list(string) | false |
|
|
||||||
create_role | Whether to create a role | bool | false |
|
|
||||||
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
||||||
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
||||||
provider_ids | List of SAML Provider IDs | list(string) | false |
|
provider_ids | List of SAML Provider IDs | list(string) | false |
|
||||||
|
aws_saml_endpoint | AWS SAML Endpoint | string | false |
|
||||||
role_name | IAM role name | string | false |
|
role_name | IAM role name | string | false |
|
||||||
role_description | IAM Role description | string | false |
|
role_description | IAM Role description | string | false |
|
||||||
|
create_role | Whether to create a role | bool | false |
|
||||||
|
role_path | Path of IAM role | string | false |
|
||||||
|
provider_id | ID of the SAML Provider. Use provider_ids to specify several IDs. | string | false |
|
||||||
|
tags | A map of tags to add to IAM role resources | map(string) | false |
|
||||||
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
||||||
|
role_policy_arns | List of ARNs of IAM policies to attach to IAM role | list(string) | false |
|
||||||
|
number_of_role_policy_arns | Number of IAM policies to attach to IAM role | number | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,30 +13,30 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
trusted_role_actions | Actions of STS | list(string) | false |
|
readonly_role_policy_arn | Policy ARN to use for readonly role | string | false |
|
||||||
|
attach_readonly_policy | Whether to attach a readonly policy to a role | bool | false |
|
||||||
trusted_role_services | AWS Services that can assume these roles | list(string) | false |
|
trusted_role_services | AWS Services that can assume these roles | list(string) | false |
|
||||||
role_name | IAM role name | string | false |
|
role_name | IAM role name | string | false |
|
||||||
role_path | Path of IAM role | string | false |
|
|
||||||
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
|
||||||
custom_role_trust_policy | A custorm role trust policy | string | false |
|
|
||||||
create_instance_profile | Whether to create an instance profile | bool | false |
|
|
||||||
custom_role_policy_arns | List of ARNs of IAM policies to attach to IAM role | list(string) | false |
|
custom_role_policy_arns | List of ARNs of IAM policies to attach to IAM role | list(string) | false |
|
||||||
|
custom_role_trust_policy | A custom role trust policy | string | false |
|
||||||
admin_role_policy_arn | Policy ARN to use for admin role | string | false |
|
admin_role_policy_arn | Policy ARN to use for admin role | string | false |
|
||||||
attach_admin_policy | Whether to attach an admin policy to a role | bool | false |
|
|
||||||
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
|
||||||
trusted_role_arns | ARNs of AWS entities who can assume these roles | list(string) | false |
|
|
||||||
mfa_age | Max age of valid MFA (in seconds) for roles which require MFA | number | false |
|
|
||||||
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
|
||||||
role_requires_mfa | Whether role requires MFA | bool | false |
|
|
||||||
tags | A map of tags to add to IAM role resources | map(string) | false |
|
|
||||||
poweruser_role_policy_arn | Policy ARN to use for poweruser role | string | false |
|
poweruser_role_policy_arn | Policy ARN to use for poweruser role | string | false |
|
||||||
readonly_role_policy_arn | Policy ARN to use for readonly role | string | false |
|
|
||||||
attach_poweruser_policy | Whether to attach a poweruser policy to a role | bool | false |
|
attach_poweruser_policy | Whether to attach a poweruser policy to a role | bool | false |
|
||||||
|
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
||||||
|
create_instance_profile | Whether to create an instance profile | bool | false |
|
||||||
|
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
||||||
|
attach_admin_policy | Whether to attach an admin policy to a role | bool | false |
|
||||||
role_description | IAM Role description | string | false |
|
role_description | IAM Role description | string | false |
|
||||||
role_sts_externalid | STS ExternalId condition values to use with a role (when MFA is not required) | any | false |
|
role_sts_externalid | STS ExternalId condition values to use with a role (when MFA is not required) | any | false |
|
||||||
create_role | Whether to create a role | bool | false |
|
create_role | Whether to create a role | bool | false |
|
||||||
|
role_path | Path of IAM role | string | false |
|
||||||
number_of_custom_role_policy_arns | Number of IAM policies to attach to IAM role | number | false |
|
number_of_custom_role_policy_arns | Number of IAM policies to attach to IAM role | number | false |
|
||||||
attach_readonly_policy | Whether to attach a readonly policy to a role | bool | false |
|
role_requires_mfa | Whether role requires MFA | bool | false |
|
||||||
|
tags | A map of tags to add to IAM role resources | map(string) | false |
|
||||||
|
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
||||||
|
trusted_role_actions | Actions of STS | list(string) | false |
|
||||||
|
trusted_role_arns | ARNs of AWS entities who can assume these roles | list(string) | false |
|
||||||
|
mfa_age | Max age of valid MFA (in seconds) for roles which require MFA | number | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,29 +13,29 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
aws_saml_endpoint | AWS SAML Endpoint | string | false |
|
provider_id | ID of the SAML Provider. Use provider_ids to specify several IDs. | string | false |
|
||||||
admin_role_path | Path of admin IAM role | string | false |
|
poweruser_role_name | IAM role with poweruser access | string | false |
|
||||||
admin_role_permissions_boundary_arn | Permissions boundary ARN to use for admin role | string | false |
|
readonly_role_name | IAM role with readonly access | string | false |
|
||||||
admin_role_tags | A map of tags to add to admin role resource. | map(string) | false |
|
readonly_role_tags | A map of tags to add to readonly role resource. | map(string) | false |
|
||||||
readonly_role_permissions_boundary_arn | Permissions boundary ARN to use for readonly role | string | false |
|
|
||||||
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
|
||||||
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
||||||
provider_ids | List of SAML Provider IDs | list(string) | false |
|
provider_ids | List of SAML Provider IDs | list(string) | false |
|
||||||
create_readonly_role | Whether to create readonly role | bool | false |
|
admin_role_path | Path of admin IAM role | string | false |
|
||||||
readonly_role_name | IAM role with readonly access | string | false |
|
|
||||||
admin_role_policy_arns | List of policy ARNs to use for admin role | list(string) | false |
|
|
||||||
poweruser_role_path | Path of poweruser IAM role | string | false |
|
|
||||||
poweruser_role_policy_arns | List of policy ARNs to use for poweruser role | list(string) | false |
|
|
||||||
readonly_role_path | Path of readonly IAM role | string | false |
|
|
||||||
create_admin_role | Whether to create admin role | bool | false |
|
|
||||||
admin_role_name | IAM role with admin access | string | false |
|
|
||||||
create_poweruser_role | Whether to create poweruser role | bool | false |
|
create_poweruser_role | Whether to create poweruser role | bool | false |
|
||||||
poweruser_role_name | IAM role with poweruser access | string | false |
|
|
||||||
poweruser_role_permissions_boundary_arn | Permissions boundary ARN to use for poweruser role | string | false |
|
poweruser_role_permissions_boundary_arn | Permissions boundary ARN to use for poweruser role | string | false |
|
||||||
poweruser_role_tags | A map of tags to add to poweruser role resource. | map(string) | false |
|
readonly_role_path | Path of readonly IAM role | string | false |
|
||||||
readonly_role_policy_arns | List of policy ARNs to use for readonly role | list(string) | false |
|
readonly_role_policy_arns | List of policy ARNs to use for readonly role | list(string) | false |
|
||||||
readonly_role_tags | A map of tags to add to readonly role resource. | map(string) | false |
|
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
||||||
provider_id | ID of the SAML Provider. Use provider_ids to specify several IDs. | string | false |
|
aws_saml_endpoint | AWS SAML Endpoint | string | false |
|
||||||
|
admin_role_name | IAM role with admin access | string | false |
|
||||||
|
admin_role_permissions_boundary_arn | Permissions boundary ARN to use for admin role | string | false |
|
||||||
|
poweruser_role_policy_arns | List of policy ARNs to use for poweruser role | list(string) | false |
|
||||||
|
create_readonly_role | Whether to create readonly role | bool | false |
|
||||||
|
create_admin_role | Whether to create admin role | bool | false |
|
||||||
|
admin_role_policy_arns | List of policy ARNs to use for admin role | list(string) | false |
|
||||||
|
admin_role_tags | A map of tags to add to admin role resource. | map(string) | false |
|
||||||
|
poweruser_role_path | Path of poweruser IAM role | string | false |
|
||||||
|
poweruser_role_tags | A map of tags to add to poweruser role resource. | map(string) | false |
|
||||||
|
readonly_role_permissions_boundary_arn | Permissions boundary ARN to use for readonly role | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,32 +13,32 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
admin_role_policy_arns | List of policy ARNs to use for admin role | list(string) | false |
|
||||||
|
admin_role_permissions_boundary_arn | Permissions boundary ARN to use for admin role | string | false |
|
||||||
|
poweruser_role_policy_arns | List of policy ARNs to use for poweruser role | list(string) | false |
|
||||||
poweruser_role_permissions_boundary_arn | Permissions boundary ARN to use for poweruser role | string | false |
|
poweruser_role_permissions_boundary_arn | Permissions boundary ARN to use for poweruser role | string | false |
|
||||||
|
readonly_role_path | Path of readonly IAM role | string | false |
|
||||||
|
trusted_role_arns | ARNs of AWS entities who can assume these roles | list(string) | false |
|
||||||
|
create_admin_role | Whether to create admin role | bool | false |
|
||||||
|
admin_role_name | IAM role with admin access | string | false |
|
||||||
|
admin_role_tags | A map of tags to add to admin role resource. | map(string) | false |
|
||||||
|
create_poweruser_role | Whether to create poweruser role | bool | false |
|
||||||
|
poweruser_role_requires_mfa | Whether poweruser role requires MFA | bool | false |
|
||||||
readonly_role_policy_arns | List of policy ARNs to use for readonly role | list(string) | false |
|
readonly_role_policy_arns | List of policy ARNs to use for readonly role | list(string) | false |
|
||||||
readonly_role_permissions_boundary_arn | Permissions boundary ARN to use for readonly role | string | false |
|
readonly_role_permissions_boundary_arn | Permissions boundary ARN to use for readonly role | string | false |
|
||||||
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
|
||||||
admin_role_name | IAM role with admin access | string | false |
|
|
||||||
admin_role_policy_arns | List of policy ARNs to use for admin role | list(string) | false |
|
|
||||||
create_poweruser_role | Whether to create poweruser role | bool | false |
|
|
||||||
poweruser_role_name | IAM role with poweruser access | string | false |
|
|
||||||
poweruser_role_path | Path of poweruser IAM role | string | false |
|
|
||||||
poweruser_role_policy_arns | List of policy ARNs to use for poweruser role | list(string) | false |
|
|
||||||
readonly_role_path | Path of readonly IAM role | string | false |
|
|
||||||
readonly_role_requires_mfa | Whether readonly role requires MFA | bool | false |
|
|
||||||
trusted_role_arns | ARNs of AWS entities who can assume these roles | list(string) | false |
|
|
||||||
trusted_role_services | AWS Services that can assume these roles | list(string) | false |
|
|
||||||
mfa_age | Max age of valid MFA (in seconds) for roles which require MFA | number | false |
|
|
||||||
poweruser_role_tags | A map of tags to add to poweruser role resource. | map(string) | false |
|
|
||||||
create_readonly_role | Whether to create readonly role | bool | false |
|
|
||||||
readonly_role_name | IAM role with readonly access | string | false |
|
|
||||||
admin_role_path | Path of admin IAM role | string | false |
|
|
||||||
admin_role_tags | A map of tags to add to admin role resource. | map(string) | false |
|
|
||||||
poweruser_role_requires_mfa | Whether poweruser role requires MFA | bool | false |
|
|
||||||
readonly_role_tags | A map of tags to add to readonly role resource. | map(string) | false |
|
readonly_role_tags | A map of tags to add to readonly role resource. | map(string) | false |
|
||||||
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
||||||
create_admin_role | Whether to create admin role | bool | false |
|
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
||||||
|
mfa_age | Max age of valid MFA (in seconds) for roles which require MFA | number | false |
|
||||||
|
admin_role_path | Path of admin IAM role | string | false |
|
||||||
|
poweruser_role_tags | A map of tags to add to poweruser role resource. | map(string) | false |
|
||||||
|
trusted_role_services | AWS Services that can assume these roles | list(string) | false |
|
||||||
admin_role_requires_mfa | Whether admin role requires MFA | bool | false |
|
admin_role_requires_mfa | Whether admin role requires MFA | bool | false |
|
||||||
admin_role_permissions_boundary_arn | Permissions boundary ARN to use for admin role | string | false |
|
poweruser_role_name | IAM role with poweruser access | string | false |
|
||||||
|
poweruser_role_path | Path of poweruser IAM role | string | false |
|
||||||
|
create_readonly_role | Whether to create readonly role | bool | false |
|
||||||
|
readonly_role_name | IAM role with readonly access | string | false |
|
||||||
|
readonly_role_requires_mfa | Whether readonly role requires MFA | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,18 +13,18 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
role_description | IAM Role description | string | false |
|
|
||||||
cluster_service_accounts | EKS cluster and k8s ServiceAccount pairs. Each EKS cluster can have multiple k8s ServiceAccount. See README for details | map(list(string)) | false |
|
cluster_service_accounts | EKS cluster and k8s ServiceAccount pairs. Each EKS cluster can have multiple k8s ServiceAccount. See README for details | map(list(string)) | false |
|
||||||
provider_url_sa_pairs | OIDC provider URL and k8s ServiceAccount pairs. If the assume role policy requires a mix of EKS clusters and other OIDC providers then this can be used | map(list(string)) | false |
|
|
||||||
tags | A map of tags to add the the IAM role | map(any) | false |
|
tags | A map of tags to add the the IAM role | map(any) | false |
|
||||||
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
|
||||||
role_path | Path of IAM role | string | false |
|
|
||||||
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
|
||||||
role_name_prefix | IAM role name prefix | string | false |
|
|
||||||
role_policy_arns | ARNs of any policies to attach to the IAM role | list(string) | false |
|
|
||||||
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
|
||||||
create_role | Whether to create a role | bool | false |
|
create_role | Whether to create a role | bool | false |
|
||||||
|
role_name_prefix | IAM role name prefix | string | false |
|
||||||
|
role_permissions_boundary_arn | Permissions boundary ARN to use for IAM role | string | false |
|
||||||
|
role_description | IAM Role description | string | false |
|
||||||
|
role_policy_arns | ARNs of any policies to attach to the IAM role | list(string) | false |
|
||||||
|
provider_url_sa_pairs | OIDC provider URL and k8s ServiceAccount pairs. If the assume role policy requires a mix of EKS clusters and other OIDC providers then this can be used | map(list(string)) | false |
|
||||||
|
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
|
||||||
|
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
|
||||||
role_name | Name of IAM role | string | false |
|
role_name | Name of IAM role | string | false |
|
||||||
|
role_path | Path of IAM role | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,15 +13,15 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create_group | Whether to create IAM group | bool | false |
|
||||||
group_users | List of IAM users to have in an IAM group which can assume the role | list(string) | false |
|
group_users | List of IAM users to have in an IAM group which can assume the role | list(string) | false |
|
||||||
custom_group_policy_arns | List of IAM policies ARNs to attach to IAM group | list(string) | false |
|
custom_group_policy_arns | List of IAM policies ARNs to attach to IAM group | list(string) | false |
|
||||||
attach_iam_self_management_policy | Whether to attach IAM policy which allows IAM users to manage their credentials and MFA | bool | false |
|
attach_iam_self_management_policy | Whether to attach IAM policy which allows IAM users to manage their credentials and MFA | bool | false |
|
||||||
|
aws_account_id | AWS account id to use inside IAM policies. If empty, current AWS account ID will be used. | string | false |
|
||||||
tags | A map of tags to add to all resources. | map(string) | false |
|
tags | A map of tags to add to all resources. | map(string) | false |
|
||||||
create_group | Whether to create IAM group | bool | false |
|
|
||||||
name | Name of IAM group | string | false |
|
name | Name of IAM group | string | false |
|
||||||
custom_group_policies | List of maps of inline IAM policies to attach to IAM group. Should have `name` and `policy` keys in each element. | list(map(string)) | false |
|
custom_group_policies | List of maps of inline IAM policies to attach to IAM group. Should have `name` and `policy` keys in each element. | list(map(string)) | false |
|
||||||
iam_self_management_policy_name_prefix | Name prefix for IAM policy to create with IAM self-management permissions | string | false |
|
iam_self_management_policy_name_prefix | Name prefix for IAM policy to create with IAM self-management permissions | string | false |
|
||||||
aws_account_id | AWS account id to use inside IAM policies. If empty, current AWS account ID will be used. | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,9 +13,9 @@ Terraform module Terraform module for creating AWS IAM Roles with heredocs
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
policy_json | IAM Role Policy Document (JSON) | string | true |
|
|
||||||
name | Resource name | string | true |
|
name | Resource name | string | true |
|
||||||
type | IAM Role type: ec2/lambda/etc. Used for assume_role_policy principal; service names that have *.amazonaws.com identifiers should work. | string | true |
|
type | IAM Role type: ec2/lambda/etc. Used for assume_role_policy principal; service names that have *.amazonaws.com identifiers should work. | string | true |
|
||||||
|
policy_json | IAM Role Policy Document (JSON) | string | true |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,12 +13,12 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
policy | The path of the policy in IAM (tpl file) | string | false |
|
||||||
tags | A map of tags to add to all resources. | map(string) | false |
|
tags | A map of tags to add to all resources. | map(string) | false |
|
||||||
create_policy | Whether to create the IAM policy | bool | false |
|
create_policy | Whether to create the IAM policy | bool | false |
|
||||||
name | The name of the policy | string | false |
|
name | The name of the policy | string | false |
|
||||||
path | The path of the policy in IAM | string | false |
|
path | The path of the policy in IAM | string | false |
|
||||||
description | The description of the policy | string | false |
|
description | The description of the policy | string | false |
|
||||||
policy | The path of the policy in IAM (tpl file) | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,17 +13,17 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
description | The description of the policy | string | false |
|
|
||||||
allow_cloudwatch_logs_query | Allows StartQuery/StopQuery/FilterLogEvents CloudWatch actions | bool | false |
|
|
||||||
allow_predefined_sts_actions | Allows GetCallerIdentity/GetSessionToken/GetAccessKeyInfo sts actions | bool | false |
|
allow_predefined_sts_actions | Allows GetCallerIdentity/GetSessionToken/GetAccessKeyInfo sts actions | bool | false |
|
||||||
allow_web_console_services | Allows List/Get/Describe/View actions for services used when browsing AWS console (e.g. resource-groups, tag, health services) | bool | false |
|
allow_web_console_services | Allows List/Get/Describe/View actions for services used when browsing AWS console (e.g. resource-groups, tag, health services) | bool | false |
|
||||||
web_console_services | List of web console services to allow | list(string) | false |
|
|
||||||
tags | A map of tags to add to all resources. | map(string) | false |
|
|
||||||
create_policy | Whether to create the IAM policy | bool | false |
|
create_policy | Whether to create the IAM policy | bool | false |
|
||||||
name | The name of the policy | string | false |
|
name | The name of the policy | string | false |
|
||||||
path | The path of the policy in IAM | string | false |
|
|
||||||
allowed_services | List of services to allow Get/List/Describe/View options. Service name should be the same as corresponding service IAM prefix. See what it is for each service here https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html | list(string) | true |
|
|
||||||
additional_policy_json | JSON policy document if you want to add custom actions | string | false |
|
additional_policy_json | JSON policy document if you want to add custom actions | string | false |
|
||||||
|
tags | A map of tags to add to all resources. | map(string) | false |
|
||||||
|
allow_cloudwatch_logs_query | Allows StartQuery/StopQuery/FilterLogEvents CloudWatch actions | bool | false |
|
||||||
|
path | The path of the policy in IAM | string | false |
|
||||||
|
description | The description of the policy | string | false |
|
||||||
|
allowed_services | List of services to allow Get/List/Describe/View options. Service name should be the same as corresponding service IAM prefix. See what it is for each service here https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html | list(string) | true |
|
||||||
|
web_console_services | List of web console services to allow | list(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,19 +13,19 @@ A Terraform module that creates IAM role with provided JSON IAM polices document
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
principals | Map of service name as key and a list of ARNs to allow assuming the role as value (e.g. map(`AWS`, list(`arn:aws:iam:::role/admin`))) | map(list(string)) | false |
|
|
||||||
policy_documents | List of JSON IAM policy documents | list(string) | false |
|
|
||||||
max_session_duration | The maximum session duration (in seconds) for the role. Can have a value from 1 hour to 12 hours | number | false |
|
max_session_duration | The maximum session duration (in seconds) for the role. Can have a value from 1 hour to 12 hours | number | false |
|
||||||
permissions_boundary | ARN of the policy that is used to set the permissions boundary for the role | string | false |
|
permissions_boundary | ARN of the policy that is used to set the permissions boundary for the role | string | false |
|
||||||
policy_description | The description of the IAM policy that is visible in the IAM policy manager | string | false |
|
role_description | The description of the IAM role that is visible in the IAM role manager | string | true |
|
||||||
assume_role_conditions | List of conditions for the assume role policy | list(object({\n test = string\n variable = string\n values = list(string)\n })) | false |
|
|
||||||
path | Path to the role and policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) for more information. | string | false |
|
path | Path to the role and policy. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) for more information. | string | false |
|
||||||
use_fullname | If set to 'true' then the full ID for the IAM role name (e.g. `[var.namespace]-[var.environment]-[var.stage]`) will be used.\n\nOtherwise, `var.name` will be used for the IAM role name.\n | bool | false |
|
use_fullname | If set to 'true' then the full ID for the IAM role name (e.g. `[var.namespace]-[var.environment]-[var.stage]`) will be used.\n\nOtherwise, `var.name` will be used for the IAM role name.\n | bool | false |
|
||||||
policy_document_count | Number of policy documents (length of policy_documents list) | number | false |
|
policy_documents | List of JSON IAM policy documents | list(string) | false |
|
||||||
managed_policy_arns | List of managed policies to attach to created role | set(string) | false |
|
managed_policy_arns | List of managed policies to attach to created role | set(string) | false |
|
||||||
role_description | The description of the IAM role that is visible in the IAM role manager | string | true |
|
policy_description | The description of the IAM policy that is visible in the IAM policy manager | string | false |
|
||||||
assume_role_actions | The IAM action to be granted by the AssumeRole policy | list(string) | false |
|
assume_role_actions | The IAM action to be granted by the AssumeRole policy | list(string) | false |
|
||||||
|
assume_role_conditions | List of conditions for the assume role policy | list(object({\n test = string\n variable = string\n values = list(string)\n })) | false |
|
||||||
instance_profile_enabled | Create EC2 Instance Profile for the role | bool | false |
|
instance_profile_enabled | Create EC2 Instance Profile for the role | bool | false |
|
||||||
|
principals | Map of service name as key and a list of ARNs to allow assuming the role as value (e.g. map(`AWS`, list(`arn:aws:iam:::role/admin`))) | map(list(string)) | false |
|
||||||
|
policy_document_count | Number of policy documents (length of policy_documents list) | number | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,10 +13,10 @@ Terraform module to provision a basic IAM user with permissions to access S3 res
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
force_destroy | Destroy even if it has non-Terraform-managed IAM access keys, login profiles or MFA devices | bool | false |
|
|
||||||
path | Path in which to create the user | string | false |
|
|
||||||
s3_actions | Actions to allow in the policy | list(string) | false |
|
s3_actions | Actions to allow in the policy | list(string) | false |
|
||||||
s3_resources | S3 resources to apply the actions specified in the policy | list(string) | true |
|
s3_resources | S3 resources to apply the actions specified in the policy | list(string) | true |
|
||||||
|
force_destroy | Destroy even if it has non-Terraform-managed IAM access keys, login profiles or MFA devices | bool | false |
|
||||||
|
path | Path in which to create the user | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,16 +13,16 @@ Terraform Module to Provision a Basic IAM System User Suitable for CI/CD Systems
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
create_iam_access_key | Whether or not to create IAM access keys | bool | false |
|
policy_arns_map | Policy ARNs to attach (descriptive key => arn) | map(string) | false |
|
||||||
|
permissions_boundary | Permissions Boundary ARN to attach to our created user | string | false |
|
||||||
iam_access_key_max_age | Maximum age of IAM access key (seconds). Defaults to 30 days. Set to 0 to disable expiration. | number | false |
|
iam_access_key_max_age | Maximum age of IAM access key (seconds). Defaults to 30 days. Set to 0 to disable expiration. | number | false |
|
||||||
force_destroy | Destroy the user even if it has non-Terraform-managed IAM access keys, login profile or MFA devices | bool | false |
|
force_destroy | Destroy the user even if it has non-Terraform-managed IAM access keys, login profile or MFA devices | bool | false |
|
||||||
|
path | Path in which to create the user | string | false |
|
||||||
inline_policies | Inline policies to attach to our created user | list(string) | false |
|
inline_policies | Inline policies to attach to our created user | list(string) | false |
|
||||||
inline_policies_map | Inline policies to attach (descriptive key => policy) | map(string) | false |
|
inline_policies_map | Inline policies to attach (descriptive key => policy) | map(string) | false |
|
||||||
policy_arns | Policy ARNs to attach to our created user | list(string) | false |
|
policy_arns | Policy ARNs to attach to our created user | list(string) | false |
|
||||||
policy_arns_map | Policy ARNs to attach (descriptive key => arn) | map(string) | false |
|
create_iam_access_key | Whether or not to create IAM access keys | bool | false |
|
||||||
permissions_boundary | Permissions Boundary ARN to attach to our created user | string | false |
|
|
||||||
ssm_enabled | Whether or not to write the IAM access key and secret key to SSM Parameter Store | bool | false |
|
ssm_enabled | Whether or not to write the IAM access key and secret key to SSM Parameter Store | bool | false |
|
||||||
path | Path in which to create the user | string | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,19 +13,19 @@ Terraform module which creates IAM resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
pgp_key | Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Used to encrypt password and access key. `pgp_key` is required when `create_iam_user_login_profile` is set to `true` | string | false |
|
||||||
|
ssh_public_key | The SSH public key. The public key must be encoded in ssh-rsa format or PEM format | string | false |
|
||||||
create_iam_user_login_profile | Whether to create IAM user login profile | bool | false |
|
create_iam_user_login_profile | Whether to create IAM user login profile | bool | false |
|
||||||
password_length | The length of the generated password | number | false |
|
password_length | The length of the generated password | number | false |
|
||||||
ssh_key_encoding | Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM | string | false |
|
|
||||||
name | Desired name for the IAM user | string | true |
|
|
||||||
pgp_key | Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Used to encrypt password and access key. `pgp_key` is required when `create_iam_user_login_profile` is set to `true` | string | false |
|
|
||||||
tags | A map of tags to add to all resources. | map(string) | false |
|
|
||||||
create_iam_access_key | Whether to create IAM access key | bool | false |
|
create_iam_access_key | Whether to create IAM access key | bool | false |
|
||||||
|
name | Desired name for the IAM user | string | true |
|
||||||
|
permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the user. | string | false |
|
||||||
|
create_user | Whether to create the IAM user | bool | false |
|
||||||
force_destroy | When destroying this user, destroy even if it has non-Terraform-managed IAM access keys, login profile or MFA devices. Without force_destroy a user with non-Terraform-managed access keys and login profile will fail to be destroyed. | bool | false |
|
force_destroy | When destroying this user, destroy even if it has non-Terraform-managed IAM access keys, login profile or MFA devices. Without force_destroy a user with non-Terraform-managed access keys and login profile will fail to be destroyed. | bool | false |
|
||||||
password_reset_required | Whether the user should be forced to reset the generated password on first login. | bool | false |
|
password_reset_required | Whether the user should be forced to reset the generated password on first login. | bool | false |
|
||||||
upload_iam_user_ssh_key | Whether to upload a public ssh key to the IAM user | bool | false |
|
upload_iam_user_ssh_key | Whether to upload a public ssh key to the IAM user | bool | false |
|
||||||
ssh_public_key | The SSH public key. The public key must be encoded in ssh-rsa format or PEM format | string | false |
|
ssh_key_encoding | Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM | string | false |
|
||||||
permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the user. | string | false |
|
tags | A map of tags to add to all resources. | map(string) | false |
|
||||||
create_user | Whether to create the IAM user | bool | false |
|
|
||||||
path | Desired path for the IAM user | string | false |
|
path | Desired path for the IAM user | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,11 +13,11 @@ Terraform module which creates EC2 key pair on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
tags | A map of tags to add to key pair resource. | map(string) | false |
|
|
||||||
create_key_pair | Controls if key pair should be created | bool | false |
|
create_key_pair | Controls if key pair should be created | bool | false |
|
||||||
key_name | The name for the key pair. | string | false |
|
key_name | The name for the key pair. | string | false |
|
||||||
key_name_prefix | Creates a unique name beginning with the specified prefix. Conflicts with key_name. | string | false |
|
key_name_prefix | Creates a unique name beginning with the specified prefix. Conflicts with key_name. | string | false |
|
||||||
public_key | The public key material. | string | false |
|
public_key | The public key material. | string | false |
|
||||||
|
tags | A map of tags to add to key pair resource. | map(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,33 +14,33 @@ Terraform module to provision a lambda with full permissions
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
publish | Should this be published as a version | bool | false |
|
publish | Should this be published as a version | bool | false |
|
||||||
alias | Lambda alias name | string | false |
|
instant_alias_update | Whether to immediately point the alias at the latest version | bool | false |
|
||||||
dead_letter_target_type | The type of the dlq target, must be 'SNS' or 'SQS' | string | false |
|
dead_letter_target_type | The type of the dlq target, must be 'SNS' or 'SQS' | string | false |
|
||||||
additional_assume_role_policies | List of objects defining additional non-Lambda IAM trust relationship statements | list(object({\n Action = list(string)\n Principal = object({\n Service = string\n })\n Effect = string\n })) | false |
|
|
||||||
log_retention | Time in days to retain logs for | number | false |
|
log_retention | Time in days to retain logs for | number | false |
|
||||||
handler | Path to the lambda handler | string | true |
|
|
||||||
memory_size | Memory allocation for the lambda function | number | false |
|
|
||||||
environment_vars | | map(string) | false |
|
|
||||||
tags | Tags to attach to all resources | map(string) | true |
|
|
||||||
s3_bucket | The S3 bucket your lambda artifact is stored in | string | true |
|
s3_bucket | The S3 bucket your lambda artifact is stored in | string | true |
|
||||||
custom_role_name | Override for the default lambda role name | string | false |
|
|
||||||
vpc_subnets | VPC subnets to run the lambda in | list(string) | false |
|
vpc_subnets | VPC subnets to run the lambda in | list(string) | false |
|
||||||
vpc_security_groups | VPC security groups to apply to the lambda | list(string) | false |
|
vpc_security_groups | VPC security groups to apply to the lambda | list(string) | false |
|
||||||
insights_enabled | Turn on Lambda insights for the Lambda (limited regions only) | bool | false |
|
|
||||||
name | The name to give to the lambda function | string | true |
|
|
||||||
aws_region | The region in which to deploy the lambda function | string | true |
|
|
||||||
architecture | The CPU architecture to use | | false |
|
|
||||||
s3_key | The name of the lambda artifact in the bucket | string | true |
|
|
||||||
aws_profile | The account profile to deploy the lamnda function within | string | true |
|
|
||||||
dead_letter_target | Target ARN for an SQS queue or SNS topic to notify on failed invocations | string | false |
|
dead_letter_target | Target ARN for an SQS queue or SNS topic to notify on failed invocations | string | false |
|
||||||
lambda_concurrency | Limit concurrent executions of the lambda fn | number | false |
|
aws_profile | The account profile to deploy the lamnda function within | string | true |
|
||||||
policies | List of objects defining IAM policy statements | list(object({\n Action = list(string)\n Resource = list(string)\n Effect = string\n })) | false |
|
handler | Path to the lambda handler | string | true |
|
||||||
instant_alias_update | Whether to immediately point the alias at the latest version | bool | false |
|
memory_size | Memory allocation for the lambda function | number | false |
|
||||||
description | Description of what the Lambda Function does | string | false |
|
|
||||||
lambda_runtime | Runtime to invoke the lambda with | string | true |
|
lambda_runtime | Runtime to invoke the lambda with | string | true |
|
||||||
timeout | Function timeout, execution gets cancelled after this many seconds | number | false |
|
timeout | Function timeout, execution gets cancelled after this many seconds | number | false |
|
||||||
|
name | The name to give to the lambda function | string | true |
|
||||||
tracing_config_mode | X Ray tracing mode to use | string | false |
|
tracing_config_mode | X Ray tracing mode to use | string | false |
|
||||||
|
additional_assume_role_policies | List of objects defining additional non-Lambda IAM trust relationship statements | list(object({\n Action = list(string)\n Principal = object({\n Service = string\n })\n Effect = string\n })) | false |
|
||||||
|
description | Description of what the Lambda Function does | string | false |
|
||||||
|
lambda_concurrency | Limit concurrent executions of the lambda fn | number | false |
|
||||||
|
architecture | The CPU architecture to use | | false |
|
||||||
|
policies | List of objects defining IAM policy statements | list(object({\n Action = list(string)\n Resource = list(string)\n Effect = string\n })) | false |
|
||||||
layers | List of lambda layer ARNs to attach | list(string) | false |
|
layers | List of lambda layer ARNs to attach | list(string) | false |
|
||||||
|
custom_role_name | Override for the default lambda role name | string | false |
|
||||||
|
aws_region | The region in which to deploy the lambda function | string | true |
|
||||||
|
alias | Lambda alias name | string | false |
|
||||||
|
insights_enabled | Turn on Lambda insights for the Lambda (limited regions only) | bool | false |
|
||||||
|
s3_key | The name of the lambda artifact in the bucket | string | true |
|
||||||
|
environment_vars | | map(string) | false |
|
||||||
|
tags | Tags to attach to all resources | map(string) | true |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,20 +13,20 @@ Terraform module creating a Lambda function with inline code
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
timeout | The amount of time (in seconds) per execution before stopping it. | number | true |
|
|
||||||
archive_file | An instance of the `archive_file` data source containing the code of the Lambda function. Conflicts with `source_dir`. | object({\n output_path = string\n output_base64sha256 = string\n }) | false |
|
|
||||||
function_name | Name of the Lambda function. | string | true |
|
function_name | Name of the Lambda function. | string | true |
|
||||||
layers | List of up to five Lambda layer ARNs. | list(string) | false |
|
|
||||||
description | Description of the Lambda function. | string | true |
|
|
||||||
handler | The name of the method within your code that Lambda calls to execute your function. | string | true |
|
|
||||||
runtime | The identifier of the Lambda function [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). | string | true |
|
|
||||||
reserved_concurrent_executions | The number of simultaneous executions to reserve for the Lambda function. | number | true |
|
reserved_concurrent_executions | The number of simultaneous executions to reserve for the Lambda function. | number | true |
|
||||||
secret_environment_variables | Map of environment variable names to ARNs of AWS Secret Manager secrets.\n\nEach ARN will be passed as environment variable to the lambda function with the key's name extended by suffix _SECRET_ARN. When initializing the Lambda run time environment, the Lambda function or a [wrapper script](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-modify.html#runtime-wrapper) can look up the secret value.\n\nPermission will be added allowing the Lambda function to read the secret values.\n | map(string) | false |
|
runtime | The identifier of the Lambda function [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). | string | true |
|
||||||
source_dir | Path of the directory which shall be packed as code of the Lambda function. Conflicts with `archive_file`. | string | false |
|
source_dir | Path of the directory which shall be packed as code of the Lambda function. Conflicts with `archive_file`. | string | false |
|
||||||
tags | Tags which will be assigned to all resources. | map(string) | false |
|
archive_file | An instance of the `archive_file` data source containing the code of the Lambda function. Conflicts with `source_dir`. | object({\n output_path = string\n output_base64sha256 = string\n }) | false |
|
||||||
cloudwatch_log_group_retention_in_days | The number of days to retain the log of the Lambda function. | number | false |
|
cloudwatch_log_group_retention_in_days | The number of days to retain the log of the Lambda function. | number | false |
|
||||||
environment_variables | Environment variable key-value pairs. | map(string) | false |
|
environment_variables | Environment variable key-value pairs. | map(string) | false |
|
||||||
|
layers | List of up to five Lambda layer ARNs. | list(string) | false |
|
||||||
|
timeout | The amount of time (in seconds) per execution before stopping it. | number | true |
|
||||||
|
handler | The name of the method within your code that Lambda calls to execute your function. | string | true |
|
||||||
|
tags | Tags which will be assigned to all resources. | map(string) | false |
|
||||||
|
description | Description of the Lambda function. | string | true |
|
||||||
memory_size | The amount of memory (in MB) available to the function at runtime. Increasing the Lambda function memory also increases its CPU allocation. | number | true |
|
memory_size | The amount of memory (in MB) available to the function at runtime. Increasing the Lambda function memory also increases its CPU allocation. | number | true |
|
||||||
|
secret_environment_variables | Map of environment variable names to ARNs of AWS Secret Manager secrets.\n\nEach ARN will be passed as environment variable to the lambda function with the key's name extended by suffix _SECRET_ARN. When initializing the Lambda run time environment, the Lambda function or a [wrapper script](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-modify.html#runtime-wrapper) can look up the secret value.\n\nPermission will be added allowing the Lambda function to read the secret values.\n | map(string) | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,105 +13,106 @@ Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (buil
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
timeout | The amount of time your Lambda Function has to run in seconds. | number | false |
|
|
||||||
docker_file | Path to a Dockerfile when building in Docker | string | false |
|
|
||||||
kms_key_arn | The ARN of KMS key to use by your Lambda Function | string | false |
|
|
||||||
role_description | Description of IAM role to use for Lambda Function | string | false |
|
|
||||||
attach_async_event_policy | Controls whether async event policy should be added to IAM role for Lambda Function | bool | false |
|
|
||||||
local_existing_package | The absolute path to an existing zip-file to use | string | false |
|
|
||||||
store_on_s3 | Whether to store produced artifacts on S3 or locally. | bool | false |
|
|
||||||
s3_server_side_encryption | Specifies server-side encryption of the object in S3. Valid values are "AES256" and "aws:kms". | string | false |
|
|
||||||
reserved_concurrent_executions | The amount of reserved concurrent executions for this Lambda Function. A value of 0 disables Lambda Function from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. | number | false |
|
|
||||||
compatible_runtimes | A list of Runtimes this layer is compatible with. Up to 5 runtimes can be specified. | list(string) | false |
|
|
||||||
attach_cloudwatch_logs_policy | Controls whether CloudWatch Logs policy should be added to IAM role for Lambda Function | bool | false |
|
|
||||||
attach_policy_statements | Controls whether policy_statements should be added to IAM role for Lambda Function | bool | false |
|
|
||||||
trusted_entities | List of additional trusted entities for assuming Lambda Function role (trust relationship) | any | false |
|
|
||||||
file_system_arn | The Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system. | string | false |
|
|
||||||
s3_object_storage_class | Specifies the desired Storage Class for the artifact uploaded to S3. Can be either STANDARD, REDUCED_REDUNDANCY, ONEZONE_IA, INTELLIGENT_TIERING, or STANDARD_IA. | string | false |
|
|
||||||
layers | List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. | list(string) | false |
|
|
||||||
package_type | The Lambda deployment package type. Valid options: Zip or Image | string | false |
|
|
||||||
image_uri | The ECR image URI containing the function's deployment package. | string | false |
|
|
||||||
destination_on_success | Amazon Resource Name (ARN) of the destination resource for successful asynchronous invocations | string | false |
|
|
||||||
use_existing_cloudwatch_log_group | Whether to use an existing CloudWatch log group or create new | bool | false |
|
|
||||||
cloudwatch_logs_retention_in_days | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | number | false |
|
|
||||||
build_in_docker | Whether to build dependencies in Docker | bool | false |
|
|
||||||
tracing_mode | Tracing mode of the Lambda Function. Valid value can be either PassThrough or Active. | string | false |
|
|
||||||
role_force_detach_policies | Specifies to force detaching any policies the IAM role has before destroying it. | bool | false |
|
|
||||||
policy_jsons | List of additional policy documents as JSON to attach to Lambda Function role | list(string) | false |
|
|
||||||
ignore_source_code_hash | Whether to ignore changes to the function's source code hash. Set to true if you manage infrastructure and code deployments separately. | bool | false |
|
|
||||||
tags | A map of tags to assign to resources. | map(string) | false |
|
|
||||||
license_info | License info for your Lambda Layer. Eg, MIT or full url of a license. | string | false |
|
|
||||||
event_source_mapping | Map of event source mapping | any | false |
|
|
||||||
number_of_policy_jsons | Number of policies JSON to attach to IAM role for Lambda Function | number | false |
|
|
||||||
policy | An additional policy document ARN to attach to the Lambda Function role | string | false |
|
|
||||||
s3_acl | The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private. | string | false |
|
|
||||||
maximum_event_age_in_seconds | Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600. | number | false |
|
|
||||||
provisioned_concurrent_executions | Amount of capacity to allocate. Set to 1 or greater to enable, or set to 0 to disable provisioned concurrency. | number | false |
|
|
||||||
hash_extra | The string to add into hashing function. Useful when building same source path for different functions. | string | false |
|
|
||||||
docker_build_root | Root dir where to build in Docker | string | false |
|
|
||||||
create | Controls whether resources should be created | bool | false |
|
|
||||||
runtime | Lambda Function runtime | string | false |
|
|
||||||
create_async_event_config | Controls whether async event configuration for Lambda Function/Alias should be created | bool | false |
|
|
||||||
attach_policy_json | Controls whether policy_json should be added to IAM role for Lambda Function | bool | false |
|
|
||||||
policy_path | Path of policies to that should be added to IAM role for Lambda Function | string | false |
|
|
||||||
policy_statements | Map of dynamic policy statements to attach to Lambda Function role | any | false |
|
|
||||||
attach_policies | Controls whether list of policies should be added to IAM role for Lambda Function | bool | false |
|
|
||||||
create_function | Controls whether Lambda Function resource should be created | bool | false |
|
|
||||||
handler | Lambda Function entrypoint in your code | string | false |
|
|
||||||
lambda_role | IAM role ARN attached to the Lambda Function. This governs both who / what can invoke your Lambda Function, as well as what resources our Lambda Function has access to. See Lambda Permission Model for more details. | string | false |
|
|
||||||
compatible_architectures | A list of Architectures Lambda layer is compatible with. Currently x86_64 and arm64 can be specified. | list(string) | false |
|
|
||||||
create_current_version_allowed_triggers | Whether to allow triggers on current version of Lambda Function (this will revoke permissions from previous version because Terraform manages only current resources) | bool | false |
|
|
||||||
role_name | Name of IAM role to use for Lambda Function | string | false |
|
|
||||||
attach_dead_letter_policy | Controls whether SNS/SQS dead letter notification policy should be added to IAM role for Lambda Function | bool | false |
|
|
||||||
artifacts_dir | Directory name where artifacts should be stored | string | false |
|
|
||||||
architectures | Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. | list(string) | false |
|
|
||||||
memory_size | Amount of memory in MB your Lambda Function can use at runtime. Valid value between 128 MB to 10,240 MB (10 GB), in 64 MB increments. | number | false |
|
|
||||||
dead_letter_target_arn | The ARN of an SNS topic or SQS queue to notify when an invocation fails. | string | false |
|
|
||||||
layer_skip_destroy | Whether to retain the old version of a previously deployed Lambda Layer. | bool | false |
|
|
||||||
cloudwatch_logs_kms_key_id | The ARN of the KMS Key to use when encrypting log data. | string | false |
|
|
||||||
role_tags | A map of tags to assign to IAM role | map(string) | false |
|
|
||||||
policies | List of policy statements ARN to attach to Lambda Function role | list(string) | false |
|
|
||||||
vpc_subnet_ids | List of subnet ids when Lambda Function should run in the VPC. Usually private or intra subnets. | list(string) | false |
|
|
||||||
s3_object_tags | A map of tags to assign to S3 bucket object. | map(string) | false |
|
|
||||||
s3_object_tags_only | Set to true to not merge tags with s3_object_tags. Useful to avoid breaching S3 Object 10 tag limit. | bool | false |
|
|
||||||
image_config_entry_point | The ENTRYPOINT for the docker image | list(string) | false |
|
image_config_entry_point | The ENTRYPOINT for the docker image | list(string) | false |
|
||||||
allowed_triggers | Map of allowed triggers to create Lambda permissions | map(any) | false |
|
allowed_triggers | Map of allowed triggers to create Lambda permissions | map(any) | false |
|
||||||
|
cloudwatch_logs_tags | A map of tags to assign to the resource. | map(string) | false |
|
||||||
|
role_path | Path of IAM role to use for Lambda Function | string | false |
|
||||||
|
role_force_detach_policies | Specifies to force detaching any policies the IAM role has before destroying it. | bool | false |
|
||||||
role_permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the IAM role used by Lambda Function | string | false |
|
role_permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the IAM role used by Lambda Function | string | false |
|
||||||
s3_prefix | Directory name where artifacts should be stored in the S3 bucket. If unset, the path from `artifacts_dir` is used | string | false |
|
attach_policy_statements | Controls whether policy_statements should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
timeout | The amount of time your Lambda Function has to run in seconds. | number | false |
|
||||||
|
file_system_local_mount_path | The path where the function can access the file system, starting with /mnt/. | string | false |
|
||||||
|
architectures | Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. | list(string) | false |
|
||||||
|
layer_skip_destroy | Whether to retain the old version of a previously deployed Lambda Layer. | bool | false |
|
||||||
|
compatible_architectures | A list of Architectures Lambda layer is compatible with. Currently x86_64 and arm64 can be specified. | list(string) | false |
|
||||||
|
create_async_event_config | Controls whether async event configuration for Lambda Function/Alias should be created | bool | false |
|
||||||
|
create_unqualified_alias_allowed_triggers | Whether to allow triggers on unqualified alias pointing to $LATEST version | bool | false |
|
||||||
|
use_existing_cloudwatch_log_group | Whether to use an existing CloudWatch log group or create new | bool | false |
|
||||||
|
file_system_arn | The Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system. | string | false |
|
||||||
|
layers | List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. | list(string) | false |
|
||||||
|
ignore_source_code_hash | Whether to ignore changes to the function's source code hash. Set to true if you manage infrastructure and code deployments separately. | bool | false |
|
||||||
|
kms_key_arn | The ARN of KMS key to use by your Lambda Function | string | false |
|
||||||
|
vpc_security_group_ids | List of security group ids when Lambda Function should run in the VPC. | list(string) | false |
|
||||||
|
s3_object_tags | A map of tags to assign to S3 bucket object. | map(string) | false |
|
||||||
|
image_config_command | The CMD for the docker image | list(string) | false |
|
||||||
|
attach_dead_letter_policy | Controls whether SNS/SQS dead letter notification policy should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
attach_tracing_policy | Controls whether X-Ray tracing policy should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
local_existing_package | The absolute path to an existing zip-file to use | string | false |
|
||||||
|
create_function | Controls whether Lambda Function resource should be created | bool | false |
|
||||||
|
s3_server_side_encryption | Specifies server-side encryption of the object in S3. Valid values are "AES256" and "aws:kms". | string | false |
|
||||||
|
cloudwatch_logs_kms_key_id | The ARN of the KMS Key to use when encrypting log data. | string | false |
|
||||||
|
number_of_policy_jsons | Number of policies JSON to attach to IAM role for Lambda Function | number | false |
|
||||||
|
policies | List of policy statements ARN to attach to Lambda Function role | list(string) | false |
|
||||||
|
build_in_docker | Whether to build dependencies in Docker | bool | false |
|
||||||
|
lambda_role | IAM role ARN attached to the Lambda Function. This governs both who / what can invoke your Lambda Function, as well as what resources our Lambda Function has access to. See Lambda Permission Model for more details. | string | false |
|
||||||
lambda_at_edge | Set this to true if using Lambda@Edge, to enable publishing, limit the timeout, and allow edgelambda.amazonaws.com to invoke the function | bool | false |
|
lambda_at_edge | Set this to true if using Lambda@Edge, to enable publishing, limit the timeout, and allow edgelambda.amazonaws.com to invoke the function | bool | false |
|
||||||
description | Description of your Lambda Function (or Layer) | string | false |
|
description | Description of your Lambda Function (or Layer) | string | false |
|
||||||
environment_variables | A map that defines environment variables for the Lambda Function. | map(string) | false |
|
image_uri | The ECR image URI containing the function's deployment package. | string | false |
|
||||||
image_config_command | The CMD for the docker image | list(string) | false |
|
role_description | Description of IAM role to use for Lambda Function | string | false |
|
||||||
layer_name | Name of Lambda Layer to create | string | false |
|
|
||||||
create_unqualified_alias_allowed_triggers | Whether to allow triggers on unqualified alias pointing to $LATEST version | bool | false |
|
|
||||||
role_path | Path of IAM role to use for Lambda Function | string | false |
|
|
||||||
s3_existing_package | The S3 bucket object with keys bucket, key, version pointing to an existing zip-file to use | map(string) | false |
|
|
||||||
docker_with_ssh_agent | Whether to pass SSH_AUTH_SOCK into docker environment or not | bool | false |
|
|
||||||
function_name | A unique name for your Lambda Function | string | false |
|
|
||||||
publish | Whether to publish creation/change as new Lambda Function Version. | bool | false |
|
|
||||||
image_config_working_directory | The working directory for the docker image | string | false |
|
|
||||||
create_current_version_async_event_config | Whether to allow async event configuration on current version of Lambda Function (this will revoke permissions from previous version because Terraform manages only current resources) | bool | false |
|
|
||||||
assume_role_policy_statements | Map of dynamic policy statements for assuming Lambda Function role (trust relationship) | any | false |
|
|
||||||
policy_json | An additional policy document as JSON to attach to the Lambda Function role | string | false |
|
|
||||||
s3_bucket | S3 bucket to store artifacts | string | false |
|
|
||||||
docker_image | Docker image to use for the build | string | false |
|
|
||||||
create_package | Controls whether Lambda package should be created | bool | false |
|
create_package | Controls whether Lambda package should be created | bool | false |
|
||||||
create_role | Controls whether IAM role for Lambda Function should be created | bool | false |
|
runtime | Lambda Function runtime | string | false |
|
||||||
vpc_security_group_ids | List of security group ids when Lambda Function should run in the VPC. | list(string) | false |
|
package_type | The Lambda deployment package type. Valid options: Zip or Image | string | false |
|
||||||
maximum_retry_attempts | Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2. | number | false |
|
layer_name | Name of Lambda Layer to create | string | false |
|
||||||
attach_policy_jsons | Controls whether policy_jsons should be added to IAM role for Lambda Function | bool | false |
|
license_info | License info for your Lambda Layer. Eg, MIT or full url of a license. | string | false |
|
||||||
attach_policy | Controls whether policy should be added to IAM role for Lambda Function | bool | false |
|
create_current_version_async_event_config | Whether to allow async event configuration on current version of Lambda Function (this will revoke permissions from previous version because Terraform manages only current resources) | bool | false |
|
||||||
source_path | The absolute path to a local file or directory containing your Lambda source code | any | false |
|
maximum_event_age_in_seconds | Maximum age of a request that Lambda sends to a function for processing in seconds. Valid values between 60 and 21600. | number | false |
|
||||||
recreate_missing_package | Whether to recreate missing Lambda package if it is missing locally or not | bool | false |
|
provisioned_concurrent_executions | Amount of capacity to allocate. Set to 1 or greater to enable, or set to 0 to disable provisioned concurrency. | number | false |
|
||||||
cloudwatch_logs_tags | A map of tags to assign to the resource. | map(string) | false |
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
attach_tracing_policy | Controls whether X-Ray tracing policy should be added to IAM role for Lambda Function | bool | false |
|
event_source_mapping | Map of event source mapping | any | false |
|
||||||
number_of_policies | Number of policies to attach to IAM role for Lambda Function | number | false |
|
s3_object_storage_class | Specifies the desired Storage Class for the artifact uploaded to S3. Can be either STANDARD, REDUCED_REDUNDANCY, ONEZONE_IA, INTELLIGENT_TIERING, or STANDARD_IA. | string | false |
|
||||||
file_system_local_mount_path | The path where the function can access the file system, starting with /mnt/. | string | false |
|
create_current_version_allowed_triggers | Whether to allow triggers on current version of Lambda Function (this will revoke permissions from previous version because Terraform manages only current resources) | bool | false |
|
||||||
docker_pip_cache | Whether to mount a shared pip cache folder into docker environment or not | any | false |
|
|
||||||
create_layer | Controls whether Lambda Layer resource should be created | bool | false |
|
|
||||||
create_unqualified_alias_async_event_config | Whether to allow async event configuration on unqualified alias pointing to $LATEST version | bool | false |
|
|
||||||
destination_on_failure | Amazon Resource Name (ARN) of the destination resource for failed asynchronous invocations | string | false |
|
|
||||||
attach_network_policy | Controls whether VPC/network policy should be added to IAM role for Lambda Function | bool | false |
|
attach_network_policy | Controls whether VPC/network policy should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
hash_extra | The string to add into hashing function. Useful when building same source path for different functions. | string | false |
|
||||||
|
function_name | A unique name for your Lambda Function | string | false |
|
||||||
|
tracing_mode | Tracing mode of the Lambda Function. Valid value can be either PassThrough or Active. | string | false |
|
||||||
|
policy_json | An additional policy document as JSON to attach to the Lambda Function role | string | false |
|
||||||
|
environment_variables | A map that defines environment variables for the Lambda Function. | map(string) | false |
|
||||||
|
artifacts_dir | Directory name where artifacts should be stored | string | false |
|
||||||
|
attach_policy_json | Controls whether policy_json should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
cloudwatch_logs_retention_in_days | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | number | false |
|
||||||
|
policy_statements | Map of dynamic policy statements to attach to Lambda Function role | any | false |
|
||||||
|
s3_prefix | Directory name where artifacts should be stored in the S3 bucket. If unset, the path from `artifacts_dir` is used | string | false |
|
||||||
|
docker_file | Path to a Dockerfile when building in Docker | string | false |
|
||||||
|
docker_build_root | Root dir where to build in Docker | string | false |
|
||||||
|
docker_image | Docker image to use for the build | string | false |
|
||||||
|
compatible_runtimes | A list of Runtimes this layer is compatible with. Up to 5 runtimes can be specified. | list(string) | false |
|
||||||
|
s3_object_tags_only | Set to true to not merge tags with s3_object_tags. Useful to avoid breaching S3 Object 10 tag limit. | bool | false |
|
||||||
|
create_unqualified_alias_async_event_config | Whether to allow async event configuration on unqualified alias pointing to $LATEST version | bool | false |
|
||||||
|
maximum_retry_attempts | Maximum number of times to retry when the function returns an error. Valid values between 0 and 2. Defaults to 2. | number | false |
|
||||||
|
destination_on_failure | Amazon Resource Name (ARN) of the destination resource for failed asynchronous invocations | string | false |
|
||||||
|
assume_role_policy_statements | Map of dynamic policy statements for assuming Lambda Function role (trust relationship) | any | false |
|
||||||
|
policy_jsons | List of additional policy documents as JSON to attach to Lambda Function role | list(string) | false |
|
||||||
|
s3_existing_package | The S3 bucket object with keys bucket, key, version pointing to an existing zip-file to use | map(string) | false |
|
||||||
|
memory_size | Amount of memory in MB your Lambda Function can use at runtime. Valid value between 128 MB to 10,240 MB (10 GB), in 64 MB increments. | number | false |
|
||||||
|
store_on_s3 | Whether to store produced artifacts on S3 or locally. | bool | false |
|
||||||
|
tags | A map of tags to assign to resources. | map(string) | false |
|
||||||
|
image_config_working_directory | The working directory for the docker image | string | false |
|
||||||
|
attach_async_event_policy | Controls whether async event policy should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
attach_policy | Controls whether policy should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
policy_path | Path of policies to that should be added to IAM role for Lambda Function | string | false |
|
||||||
|
trusted_entities | List of additional trusted entities for assuming Lambda Function role (trust relationship) | any | false |
|
||||||
|
vpc_subnet_ids | List of subnet ids when Lambda Function should run in the VPC. Usually private or intra subnets. | list(string) | false |
|
||||||
|
create_role | Controls whether IAM role for Lambda Function should be created | bool | false |
|
||||||
|
create | Controls whether resources should be created | bool | false |
|
||||||
|
dead_letter_target_arn | The ARN of an SNS topic or SQS queue to notify when an invocation fails. | string | false |
|
||||||
|
role_tags | A map of tags to assign to IAM role | map(string) | false |
|
||||||
|
attach_cloudwatch_logs_policy | Controls whether CloudWatch Logs policy should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
attach_policies | Controls whether list of policies should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
s3_acl | The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private. | string | false |
|
||||||
|
recreate_missing_package | Whether to recreate missing Lambda package if it is missing locally or not | bool | false |
|
||||||
|
publish | Whether to publish creation/change as new Lambda Function Version. | bool | false |
|
||||||
|
handler | Lambda Function entrypoint in your code | string | false |
|
||||||
|
destination_on_success | Amazon Resource Name (ARN) of the destination resource for successful asynchronous invocations | string | false |
|
||||||
|
attach_policy_jsons | Controls whether policy_jsons should be added to IAM role for Lambda Function | bool | false |
|
||||||
|
policy | An additional policy document ARN to attach to the Lambda Function role | string | false |
|
||||||
|
docker_with_ssh_agent | Whether to pass SSH_AUTH_SOCK into docker environment or not | bool | false |
|
||||||
|
create_layer | Controls whether Lambda Layer resource should be created | bool | false |
|
||||||
|
role_name | Name of IAM role to use for Lambda Function | string | false |
|
||||||
|
number_of_policies | Number of policies to attach to IAM role for Lambda Function | number | false |
|
||||||
|
s3_bucket | S3 bucket to store artifacts | string | false |
|
||||||
|
source_path | The absolute path to a local file or directory containing your Lambda source code | any | false |
|
||||||
|
docker_pip_cache | Whether to mount a shared pip cache folder into docker environment or not | any | false |
|
||||||
|
reserved_concurrent_executions | The amount of reserved concurrent executions for this Lambda Function. A value of 0 disables Lambda Function from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. | number | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
title: AWS LOG-GROUP
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
create | Whether to create the Cloudwatch log group | bool | false |
|
||||||
|
name | A name for the log group | string | false |
|
||||||
|
name_prefix | A name prefix for the log group | string | false |
|
||||||
|
retention_in_days | Specifies the number of days you want to retain log events in the specified log group | number | false |
|
||||||
|
kms_key_id | The ARN of the KMS Key to use when encrypting logs | string | false |
|
||||||
|
tags | A map of tags to add to Cloudwatch log group | map(string) | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
title: AWS LOG-METRIC-FILTER
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
metric_transformation_default_value | The value to emit when a filter pattern does not match a log event. | string | false |
|
||||||
|
create_cloudwatch_log_metric_filter | Whether to create the Cloudwatch log metric filter | bool | false |
|
||||||
|
name | A name for the metric filter. | string | true |
|
||||||
|
pattern | A valid CloudWatch Logs filter pattern for extracting metric data out of ingested log events. | string | true |
|
||||||
|
log_group_name | The name of the log group to associate the metric filter with | string | true |
|
||||||
|
metric_transformation_name | The name of the CloudWatch metric to which the monitored log information should be published (e.g. ErrorCount) | string | true |
|
||||||
|
metric_transformation_namespace | The destination namespace of the CloudWatch metric. | string | true |
|
||||||
|
metric_transformation_value | What to publish to the metric. For example, if you're counting the occurrences of a particular term like 'Error', the value will be '1' for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,47 @@
|
||||||
|
---
|
||||||
|
title: AWS METRIC-ALARM
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
threshold | The value against which the specified statistic is compared. | number | false |
|
||||||
|
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
||||||
|
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
alarm_description | The description for the alarm. | string | false |
|
||||||
|
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
||||||
|
period | The period in seconds over which the specified statistic is applied. | string | false |
|
||||||
|
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
||||||
|
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
||||||
|
threshold_metric_id | If this is an alarm based on an anomaly detection model, make this value match the ID of the ANOMALY_DETECTION_BAND function. | string | false |
|
||||||
|
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
||||||
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
||||||
|
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
||||||
|
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
||||||
|
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
||||||
|
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
||||||
|
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
||||||
|
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
||||||
|
unit | The unit for the alarm's associated metric. | string | false |
|
||||||
|
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
||||||
|
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,46 @@
|
||||||
|
---
|
||||||
|
title: AWS METRIC-ALARMS-BY-MULTIPLE-DIMENSIONS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Cloudwatch resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum | string | false |
|
||||||
|
actions_enabled | Indicates whether or not actions should be executed during any changes to the alarm's state. Defaults to true. | bool | false |
|
||||||
|
dimensions | The dimensions for the alarm's associated metric. | any | false |
|
||||||
|
insufficient_data_actions | The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
treat_missing_data | Sets how this alarm is to handle missing data points. The following values are supported: missing, ignore, breaching and notBreaching. | string | false |
|
||||||
|
create_metric_alarm | Whether to create the Cloudwatch metric alarm | bool | false |
|
||||||
|
alarm_description | The description for the alarm. | string | false |
|
||||||
|
comparison_operator | The arithmetic operation to use when comparing the specified Statistic and Threshold. The specified Statistic value is used as the first operand. Either of the following is supported: GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold. | string | true |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
datapoints_to_alarm | The number of datapoints that must be breaching to trigger the alarm. | number | false |
|
||||||
|
alarm_actions | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | list(string) | false |
|
||||||
|
alarm_name | The descriptive name for the alarm. This name must be unique within the user's AWS account. | string | true |
|
||||||
|
threshold | The value against which the specified statistic is compared. | number | true |
|
||||||
|
period | The period in seconds over which the specified statistic is applied. | string | false |
|
||||||
|
unit | The unit for the alarm's associated metric. | string | false |
|
||||||
|
evaluate_low_sample_count_percentiles | Used only for alarms based on percentiles. If you specify ignore, the alarm state will not change during periods with too few data points to be statistically significant. If you specify evaluate or omit this parameter, the alarm will always be evaluated and possibly change state no matter how many data points are available. The following values are supported: ignore, and evaluate. | string | false |
|
||||||
|
metric_query | Enables you to create an alarm based on a metric math expression. You may specify at most 20. | any | false |
|
||||||
|
extended_statistic | The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100. | string | false |
|
||||||
|
evaluation_periods | The number of periods over which data is compared to the specified threshold. | number | true |
|
||||||
|
metric_name | The name for the alarm's associated metric. See docs for supported metrics. | string | false |
|
||||||
|
namespace | The namespace for the alarm's associated metric. See docs for the list of namespaces. See docs for supported metrics. | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: AWS MQ
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
AWS MQ
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
maintenance_time_zone | The maintenance time zone, in either the Country/City format, or the UTC offset format. e.g. CET | string | false |
|
||||||
|
vpc_id | VPC ID to create the broker in | string | true |
|
||||||
|
apply_immediately | Specifies whether any cluster modifications are applied immediately, or during the next maintenance window | bool | false |
|
||||||
|
mq_application_password | Application password | string | false |
|
||||||
|
security_group_use_name_prefix | Whether to create a default Security Group with unique name beginning with the normalized prefix. | bool | false |
|
||||||
|
use_aws_owned_key | Boolean to enable an AWS owned Key Management Service (KMS) Customer Master Key (CMK) for Amazon MQ encryption that is not in your account | bool | false |
|
||||||
|
engine_type | Type of broker engine, `ActiveMQ` or `RabbitMQ` | string | false |
|
||||||
|
subnet_ids | List of VPC subnet IDs | list(string) | true |
|
||||||
|
ssm_path | SSM path | string | false |
|
||||||
|
security_group_enabled | Whether to create Security Group. | bool | false |
|
||||||
|
kms_mq_key_arn | ARN of the AWS KMS key used for Amazon MQ encryption | string | false |
|
||||||
|
host_instance_type | The broker's instance type. e.g. mq.t2.micro or mq.m4.large | string | false |
|
||||||
|
publicly_accessible | Whether to enable connections from applications outside of the VPC that hosts the broker's subnets | bool | false |
|
||||||
|
mq_application_user | Application username | string | false |
|
||||||
|
maintenance_day_of_week | The maintenance day of the week. e.g. MONDAY, TUESDAY, or WEDNESDAY | string | false |
|
||||||
|
security_group_description | The Security Group description. | string | false |
|
||||||
|
encryption_enabled | Flag to enable/disable Amazon MQ encryption at rest | bool | false |
|
||||||
|
mq_admin_user | Admin username | string | false |
|
||||||
|
security_group_rules | A list of maps of Security Group rules. \nThe values of map is fully complated with `aws_security_group_rule` resource. \nTo get more info see https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule .\n | list(any) | false |
|
||||||
|
security_groups | A list of Security Group IDs to associate with AmazonMQ. | list(string) | false |
|
||||||
|
ssm_parameter_name_format | SSM parameter name format | string | false |
|
||||||
|
auto_minor_version_upgrade | Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions | bool | false |
|
||||||
|
general_log_enabled | Enables general logging via CloudWatch | bool | false |
|
||||||
|
maintenance_time_of_day | The maintenance time, in 24-hour format. e.g. 02:00 | string | false |
|
||||||
|
mq_admin_password | Admin password | string | false |
|
||||||
|
overwrite_ssm_parameter | Whether to overwrite an existing SSM parameter | bool | false |
|
||||||
|
kms_ssm_key_arn | ARN of the AWS KMS key used for SSM encryption | string | false |
|
||||||
|
deployment_mode | The deployment mode of the broker. Supported: SINGLE_INSTANCE and ACTIVE_STANDBY_MULTI_AZ | string | false |
|
||||||
|
engine_version | The version of the broker engine. See https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html for more details | string | false |
|
||||||
|
audit_log_enabled | Enables audit logging. User management action made using JMX or the ActiveMQ Web Console is logged | bool | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,37 +13,37 @@ Terraform module which creates SNS topic and Lambda function which sends notific
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
lambda_function_name | The name of the Lambda function to create | string | false |
|
lambda_function_tags | Additional tags for the Lambda function | map(string) | false |
|
||||||
lambda_description | The description of the Lambda function | string | false |
|
|
||||||
slack_channel | The name of the channel in Slack for notifications | string | true |
|
|
||||||
subscription_filter_policy | (Optional) A valid filter policy that will be used in the subscription to filter messages seen by the target resource. | string | false |
|
|
||||||
lambda_role | IAM role attached to the Lambda Function. If this is set then a role will not be created for you. | string | false |
|
|
||||||
sns_topic_kms_key_id | ARN of the KMS key used for enabling SSE on the topic | string | false |
|
|
||||||
slack_emoji | A custom emoji that will appear on Slack messages | string | false |
|
|
||||||
tags | A map of tags to add to all resources | map(string) | false |
|
|
||||||
lambda_function_s3_bucket | S3 bucket to store artifacts | string | false |
|
|
||||||
create | Whether to create all resources | bool | false |
|
|
||||||
lambda_function_vpc_subnet_ids | List of subnet ids when Lambda Function should run in the VPC. Usually private or intra subnets. | list(string) | false |
|
lambda_function_vpc_subnet_ids | List of subnet ids when Lambda Function should run in the VPC. Usually private or intra subnets. | list(string) | false |
|
||||||
iam_role_path | Path of IAM role to use for Lambda Function | string | false |
|
lambda_role | IAM role attached to the Lambda Function. If this is set then a role will not be created for you. | string | false |
|
||||||
reserved_concurrent_executions | The amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations | number | false |
|
sns_topic_name | The name of the SNS topic to create | string | true |
|
||||||
|
slack_channel | The name of the channel in Slack for notifications | string | true |
|
||||||
cloudwatch_log_group_retention_in_days | Specifies the number of days you want to retain log events in log group for Lambda. | number | false |
|
cloudwatch_log_group_retention_in_days | Specifies the number of days you want to retain log events in log group for Lambda. | number | false |
|
||||||
lambda_function_store_on_s3 | Whether to store produced artifacts on S3 or locally. | bool | false |
|
tags | A map of tags to add to all resources | map(string) | false |
|
||||||
|
lambda_function_name | The name of the Lambda function to create | string | false |
|
||||||
|
slack_webhook_url | The URL of Slack webhook | string | true |
|
||||||
|
slack_emoji | A custom emoji that will appear on Slack messages | string | false |
|
||||||
|
subscription_filter_policy | (Optional) A valid filter policy that will be used in the subscription to filter messages seen by the target resource. | string | false |
|
||||||
|
create_sns_topic | Whether to create new SNS topic | bool | false |
|
||||||
|
iam_policy_path | Path of policies to that should be added to IAM role for Lambda Function | string | false |
|
||||||
sns_topic_tags | Additional tags for the SNS topic | map(string) | false |
|
sns_topic_tags | Additional tags for the SNS topic | map(string) | false |
|
||||||
cloudwatch_log_group_tags | Additional tags for the Cloudwatch log group | map(string) | false |
|
cloudwatch_log_group_tags | Additional tags for the Cloudwatch log group | map(string) | false |
|
||||||
cloudwatch_log_group_kms_key_id | The ARN of the KMS Key to use when encrypting log data for Lambda | string | false |
|
|
||||||
iam_role_name_prefix | A unique role name beginning with the specified prefix | string | false |
|
|
||||||
create_sns_topic | Whether to create new SNS topic | bool | false |
|
|
||||||
sns_topic_name | The name of the SNS topic to create | string | true |
|
|
||||||
slack_webhook_url | The URL of Slack webhook | string | true |
|
|
||||||
recreate_missing_package | Whether to recreate missing Lambda package if it is missing locally or not | bool | false |
|
|
||||||
log_events | Boolean flag to enabled/disable logging of incoming events | bool | false |
|
|
||||||
lambda_function_tags | Additional tags for the Lambda function | map(string) | false |
|
|
||||||
lambda_function_vpc_security_group_ids | List of security group ids when Lambda Function should run in the VPC. | list(string) | false |
|
|
||||||
slack_username | The username that will appear on Slack messages | string | true |
|
|
||||||
kms_key_arn | ARN of the KMS key used for decrypting slack webhook url | string | false |
|
kms_key_arn | ARN of the KMS key used for decrypting slack webhook url | string | false |
|
||||||
|
lambda_function_vpc_security_group_ids | List of security group ids when Lambda Function should run in the VPC. | list(string) | false |
|
||||||
|
lambda_function_s3_bucket | S3 bucket to store artifacts | string | false |
|
||||||
|
create | Whether to create all resources | bool | false |
|
||||||
|
sns_topic_kms_key_id | ARN of the KMS key used for enabling SSE on the topic | string | false |
|
||||||
|
recreate_missing_package | Whether to recreate missing Lambda package if it is missing locally or not | bool | false |
|
||||||
|
reserved_concurrent_executions | The amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations | number | false |
|
||||||
iam_role_tags | Additional tags for the IAM role | map(string) | false |
|
iam_role_tags | Additional tags for the IAM role | map(string) | false |
|
||||||
|
lambda_function_store_on_s3 | Whether to store produced artifacts on S3 or locally. | bool | false |
|
||||||
|
lambda_description | The description of the Lambda function | string | false |
|
||||||
|
slack_username | The username that will appear on Slack messages | string | true |
|
||||||
|
cloudwatch_log_group_kms_key_id | The ARN of the KMS Key to use when encrypting log data for Lambda | string | false |
|
||||||
|
iam_role_path | Path of IAM role to use for Lambda Function | string | false |
|
||||||
|
log_events | Boolean flag to enabled/disable logging of incoming events | bool | false |
|
||||||
iam_role_boundary_policy_arn | The ARN of the policy that is used to set the permissions boundary for the role | string | false |
|
iam_role_boundary_policy_arn | The ARN of the policy that is used to set the permissions boundary for the role | string | false |
|
||||||
iam_policy_path | Path of policies to that should be added to IAM role for Lambda Function | string | false |
|
iam_role_name_prefix | A unique role name beginning with the specified prefix | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,89 +13,90 @@ Terraform module which creates RDS Aurora resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
s3_import | Configuration map used to restore from a Percona Xtrabackup in S3 (only MySQL is supported) | map(string) | false |
|
|
||||||
performance_insights_enabled | Specifies whether Performance Insights is enabled or not | bool | false |
|
|
||||||
monitoring_role_arn | IAM role used by RDS to send enhanced monitoring metrics to CloudWatch | string | false |
|
|
||||||
db_subnet_group_name | The name of the subnet group name (existing or created) | string | false |
|
|
||||||
subnets | List of subnet IDs used by database subnet group created | list(string) | false |
|
|
||||||
create_cluster | Whether cluster should be created (affects nearly all resources) | bool | false |
|
|
||||||
master_password | Password for the master DB user. Note - when specifying a value here, 'create_random_password' should be set to `false` | string | false |
|
|
||||||
iam_database_authentication_enabled | Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled | bool | false |
|
|
||||||
iam_role_path | Path for the monitoring role | string | false |
|
|
||||||
allowed_cidr_blocks | A list of CIDR blocks which are allowed to access the database | list(string) | false |
|
|
||||||
allow_major_version_upgrade | Enable to allow major engine version upgrades when changing engine versions. Defaults to `false` | bool | false |
|
|
||||||
deletion_protection | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false` | bool | false |
|
|
||||||
enabled_cloudwatch_logs_exports | Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` | list(string) | false |
|
|
||||||
cluster_timeouts | Create, update, and delete timeout configurations for the cluster | map(string) | false |
|
|
||||||
performance_insights_kms_key_id | The ARN for the KMS key to encrypt Performance Insights data | string | false |
|
|
||||||
iam_roles | Map of IAM roles and supported feature names to associate with the cluster | map(map(string)) | false |
|
|
||||||
autoscaling_scale_in_cooldown | Cooldown in seconds before allowing further scaling operations after a scale in | number | false |
|
|
||||||
create_db_subnet_group | Determines whether to create the databae subnet group or use existing | bool | false |
|
|
||||||
vpc_security_group_ids | List of VPC security groups to associate to the cluster in addition to the SG we create in this module | list(string) | false |
|
|
||||||
apply_immediately | Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false` | bool | false |
|
|
||||||
copy_tags_to_snapshot | Copy all Cluster `tags` to snapshots | bool | false |
|
|
||||||
db_parameter_group_name | The name of the DB parameter group to associate with instances | string | false |
|
|
||||||
create_security_group | Determines whether to create security group for RDS cluster | bool | false |
|
|
||||||
vpc_id | ID of the VPC where to create security group | string | false |
|
|
||||||
iam_role_use_name_prefix | Determines whether to use `iam_role_name` as is or create a unique name beginning with the `iam_role_name` as the prefix | bool | false |
|
|
||||||
iam_role_description | Description of the monitoring role | string | false |
|
|
||||||
iam_role_max_session_duration | Maximum session duration (in seconds) that you want to set for the monitoring role | number | false |
|
|
||||||
tags | A map of tags to add to all resources | map(string) | false |
|
|
||||||
enable_global_write_forwarding | Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws_rds_global_cluster`'s primary cluster | bool | false |
|
|
||||||
master_username | Username for the master DB user | string | false |
|
|
||||||
snapshot_identifier | Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot | string | false |
|
|
||||||
storage_encrypted | Specifies whether the DB cluster is encrypted. The default is `true` | bool | false |
|
|
||||||
autoscaling_enabled | Determines whether autoscaling of the cluster read replicas is enabled | bool | false |
|
|
||||||
autoscaling_min_capacity | Minimum number of read replicas permitted when autoscaling is enabled | number | false |
|
|
||||||
name | Name used across resources created | string | false |
|
|
||||||
create_random_password | Determines whether to create random password for RDS primary cluster | bool | false |
|
|
||||||
autoscaling_scale_out_cooldown | Cooldown in seconds before allowing further scaling operations after a scale out | number | false |
|
|
||||||
security_group_tags | Additional tags for the security group | map(string) | false |
|
|
||||||
replication_source_identifier | ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica | string | false |
|
|
||||||
engine_mode | The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned` | string | false |
|
|
||||||
source_region | The source region for an encrypted replica DB cluster | string | false |
|
|
||||||
restore_to_point_in_time | Map of nested attributes for cloning Aurora cluster | map(string) | false |
|
|
||||||
predefined_metric_type | The metric type to scale on. Valid values are `RDSReaderAverageCPUUtilization` and `RDSReaderAverageDatabaseConnections` | string | false |
|
|
||||||
security_group_description | The description of the security group. If value is set to empty string it will contain cluster name in the description | string | false |
|
|
||||||
allowed_security_groups | A list of Security Group ID's to allow access to | list(string) | false |
|
|
||||||
final_snapshot_identifier_prefix | The prefix name to use when creating a final snapshot on cluster destroy; a 8 random digits are appended to name to ensure it's unique | string | false |
|
|
||||||
publicly_accessible | Determines whether instances are publicly accessible. Default false | bool | false |
|
|
||||||
random_password_length | Length of random password to create. Defaults to `10` | number | false |
|
|
||||||
engine_version | The database engine version. Updating this argument results in an outage | string | false |
|
|
||||||
performance_insights_retention_period | Amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years) | number | false |
|
|
||||||
endpoints | Map of additional cluster endpoints and their attributes to be created | any | false |
|
|
||||||
autoscaling_max_capacity | Maximum number of read replicas permitted when autoscaling is enabled | number | false |
|
|
||||||
engine | The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql` | string | false |
|
|
||||||
enable_http_endpoint | Enable HTTP endpoint (data API). Only valid when engine_mode is set to `serverless` | bool | false |
|
|
||||||
kms_key_id | The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to `true` | string | false |
|
|
||||||
preferred_backup_window | The daily time range during which automated backups are created if automated backups are enabled using the `backup_retention_period` parameter. Time in UTC | string | false |
|
|
||||||
preferred_maintenance_window | The weekly time range during which system maintenance can occur, in (UTC) | string | false |
|
|
||||||
scaling_configuration | Map of nested attributes with scaling properties. Only valid when `engine_mode` is set to `serverless` | map(string) | false |
|
|
||||||
monitoring_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to `0` to disble. Default is `0` | number | false |
|
|
||||||
instance_timeouts | Create, update, and delete timeout configurations for the cluster instance(s) | map(string) | false |
|
|
||||||
iam_role_managed_policy_arns | Set of exclusive IAM managed policy ARNs to attach to the monitoring role | list(string) | false |
|
|
||||||
backup_retention_period | The days to retain backups for. Default `7` | number | false |
|
|
||||||
cluster_tags | A map of tags to add to only the cluster. Used for AWS Instance Scheduler tagging | map(string) | false |
|
|
||||||
create_monitoring_role | Determines whether to create the IAM role for RDS enhanced monitoring | bool | false |
|
|
||||||
autoscaling_target_connections | Average number of connections threshold which will initiate autoscaling. Default value is 70% of db.r4/r5/r6g.large's default max_connections | number | false |
|
|
||||||
security_group_egress_rules | A map of security group egress rule defintions to add to the security group created | map(any) | false |
|
|
||||||
global_cluster_identifier | The global cluster identifier specified on `aws_rds_global_cluster` | string | false |
|
|
||||||
db_cluster_db_instance_parameter_group_name | Instance parameter group to associate with all instances of the DB cluster. The `db_cluster_db_instance_parameter_group_name` is only valid in combination with `allow_major_version_upgrade` | string | false |
|
|
||||||
backtrack_window | The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to 0. Must be between 0 and 259200 (72 hours) | number | false |
|
|
||||||
instances_use_identifier_prefix | Determines whether cluster instance identifiers are used as prefixes | bool | false |
|
instances_use_identifier_prefix | Determines whether cluster instance identifiers are used as prefixes | bool | false |
|
||||||
ca_cert_identifier | The identifier of the CA certificate for the DB instance | string | false |
|
iam_roles | Map of IAM roles and supported feature names to associate with the cluster | map(map(string)) | false |
|
||||||
|
engine_version | The database engine version. Updating this argument results in an outage | string | false |
|
||||||
|
create_random_password | Determines whether to create random password for RDS primary cluster | bool | false |
|
||||||
|
random_password_length | Length of random password to create. Defaults to `10` | number | false |
|
||||||
|
port | The port on which the DB accepts connections | string | false |
|
||||||
|
copy_tags_to_snapshot | Copy all Cluster `tags` to snapshots | bool | false |
|
||||||
|
cluster_tags | A map of tags to add to only the cluster. Used for AWS Instance Scheduler tagging | map(string) | false |
|
||||||
|
create_security_group | Determines whether to create security group for RDS cluster | bool | false |
|
||||||
|
snapshot_identifier | Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot | string | false |
|
||||||
|
performance_insights_enabled | Specifies whether Performance Insights is enabled or not | bool | false |
|
||||||
|
iam_role_max_session_duration | Maximum session duration (in seconds) that you want to set for the monitoring role | number | false |
|
||||||
|
autoscaling_target_connections | Average number of connections threshold which will initiate autoscaling. Default value is 70% of db.r4/r5/r6g.large's default max_connections | number | false |
|
||||||
|
instance_class | Instance type to use at master instance. Note: if `autoscaling_enabled` is `true`, this will be the same instance class used on instances created by autoscaling | string | false |
|
||||||
|
db_parameter_group_name | The name of the DB parameter group to associate with instances | string | false |
|
||||||
|
create_db_subnet_group | Determines whether to create the databae subnet group or use existing | bool | false |
|
||||||
|
subnets | List of subnet IDs used by database subnet group created | list(string) | false |
|
||||||
|
enable_global_write_forwarding | Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws_rds_global_cluster`'s primary cluster | bool | false |
|
||||||
|
engine | The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql` | string | false |
|
||||||
|
preferred_backup_window | The daily time range during which automated backups are created if automated backups are enabled using the `backup_retention_period` parameter. Time in UTC | string | false |
|
||||||
|
cluster_timeouts | Create, update, and delete timeout configurations for the cluster | map(string) | false |
|
||||||
|
autoscaling_min_capacity | Minimum number of read replicas permitted when autoscaling is enabled | number | false |
|
||||||
|
autoscaling_target_cpu | CPU threshold which will initiate autoscaling | number | false |
|
||||||
|
security_group_egress_rules | A map of security group egress rule defintions to add to the security group created | map(any) | false |
|
||||||
|
tags | A map of tags to add to all resources | map(string) | false |
|
||||||
|
monitoring_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to `0` to disble. Default is `0` | number | false |
|
||||||
|
performance_insights_retention_period | Amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years) | number | false |
|
||||||
|
iam_role_managed_policy_arns | Set of exclusive IAM managed policy ARNs to attach to the monitoring role | list(string) | false |
|
||||||
|
autoscaling_max_capacity | Maximum number of read replicas permitted when autoscaling is enabled | number | false |
|
||||||
|
allowed_cidr_blocks | A list of CIDR blocks which are allowed to access the database | list(string) | false |
|
||||||
|
instances | Map of cluster instances and any specific/overriding attributes to be created | any | false |
|
||||||
|
iam_role_path | Path for the monitoring role | string | false |
|
||||||
|
vpc_id | ID of the VPC where to create security group | string | false |
|
||||||
|
replication_source_identifier | ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica | string | false |
|
||||||
|
storage_encrypted | Specifies whether the DB cluster is encrypted. The default is `true` | bool | false |
|
||||||
|
iam_role_description | Description of the monitoring role | string | false |
|
||||||
|
master_username | Username for the master DB user | string | false |
|
||||||
|
allowed_security_groups | A list of Security Group ID's to allow access to | list(string) | false |
|
||||||
database_name | Name for an automatically created database on cluster creation | string | false |
|
database_name | Name for an automatically created database on cluster creation | string | false |
|
||||||
skip_final_snapshot | Determines whether a final snapshot is created before the cluster is deleted. If true is specified, no snapshot is created | bool | false |
|
skip_final_snapshot | Determines whether a final snapshot is created before the cluster is deleted. If true is specified, no snapshot is created | bool | false |
|
||||||
port | The port on which the DB accepts connections | string | false |
|
backup_retention_period | The days to retain backups for. Default `7` | number | false |
|
||||||
iam_role_force_detach_policies | Whether to force detaching any policies the monitoring role has before destroying it | bool | false |
|
vpc_security_group_ids | List of VPC security groups to associate to the cluster in addition to the SG we create in this module | list(string) | false |
|
||||||
autoscaling_target_cpu | CPU threshold which will initiate autoscaling | number | false |
|
security_group_tags | Additional tags for the security group | map(string) | false |
|
||||||
iam_role_name | Friendly name of the monitoring role | string | false |
|
db_subnet_group_name | The name of the subnet group name (existing or created) | string | false |
|
||||||
iam_role_permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the monitoring role | string | false |
|
kms_key_id | The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to `true` | string | false |
|
||||||
is_primary_cluster | Determines whether cluster is primary cluster with writer instance (set to `false` for global cluster and replica clusters) | bool | false |
|
|
||||||
db_cluster_parameter_group_name | A cluster parameter group to associate with the cluster | string | false |
|
|
||||||
instances | Map of cluster instances and any specific/overriding attributes to be created | any | false |
|
|
||||||
instance_class | Instance type to use at master instance. Note: if `autoscaling_enabled` is `true`, this will be the same instance class used on instances created by autoscaling | string | false |
|
|
||||||
auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true` | bool | false |
|
auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true` | bool | false |
|
||||||
|
iam_role_force_detach_policies | Whether to force detaching any policies the monitoring role has before destroying it | bool | false |
|
||||||
|
autoscaling_scale_in_cooldown | Cooldown in seconds before allowing further scaling operations after a scale in | number | false |
|
||||||
|
iam_role_use_name_prefix | Determines whether to use `iam_role_name` as is or create a unique name beginning with the `iam_role_name` as the prefix | bool | false |
|
||||||
|
autoscaling_scale_out_cooldown | Cooldown in seconds before allowing further scaling operations after a scale out | number | false |
|
||||||
|
engine_mode | The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned` | string | false |
|
||||||
|
apply_immediately | Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false` | bool | false |
|
||||||
|
scaling_configuration | Map of nested attributes with scaling properties. Only valid when `engine_mode` is set to `serverless` | map(string) | false |
|
||||||
|
publicly_accessible | Determines whether instances are publicly accessible. Default false | bool | false |
|
||||||
|
performance_insights_kms_key_id | The ARN for the KMS key to encrypt Performance Insights data | string | false |
|
||||||
|
create_monitoring_role | Determines whether to create the IAM role for RDS enhanced monitoring | bool | false |
|
||||||
|
allow_major_version_upgrade | Enable to allow major engine version upgrades when changing engine versions. Defaults to `false` | bool | false |
|
||||||
|
name | Name used across resources created | string | false |
|
||||||
|
deletion_protection | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false` | bool | false |
|
||||||
|
db_cluster_parameter_group_name | A cluster parameter group to associate with the cluster | string | false |
|
||||||
|
db_cluster_db_instance_parameter_group_name | Instance parameter group to associate with all instances of the DB cluster. The `db_cluster_db_instance_parameter_group_name` is only valid in combination with `allow_major_version_upgrade` | string | false |
|
||||||
|
monitoring_role_arn | IAM role used by RDS to send enhanced monitoring metrics to CloudWatch | string | false |
|
||||||
|
security_group_description | The description of the security group. If value is set to empty string it will contain cluster name in the description | string | false |
|
||||||
|
create_cluster | Whether cluster should be created (affects nearly all resources) | bool | false |
|
||||||
|
is_primary_cluster | Determines whether cluster is primary cluster with writer instance (set to `false` for global cluster and replica clusters) | bool | false |
|
||||||
|
restore_to_point_in_time | Map of nested attributes for cloning Aurora cluster | map(string) | false |
|
||||||
|
iam_role_permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the monitoring role | string | false |
|
||||||
|
autoscaling_enabled | Determines whether autoscaling of the cluster read replicas is enabled | bool | false |
|
||||||
|
predefined_metric_type | The metric type to scale on. Valid values are `RDSReaderAverageCPUUtilization` and `RDSReaderAverageDatabaseConnections` | string | false |
|
||||||
|
source_region | The source region for an encrypted replica DB cluster | string | false |
|
||||||
|
enable_http_endpoint | Enable HTTP endpoint (data API). Only valid when engine_mode is set to `serverless` | bool | false |
|
||||||
|
preferred_maintenance_window | The weekly time range during which system maintenance can occur, in (UTC) | string | false |
|
||||||
|
backtrack_window | The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to 0. Must be between 0 and 259200 (72 hours) | number | false |
|
||||||
|
enabled_cloudwatch_logs_exports | Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql` | list(string) | false |
|
||||||
|
endpoints | Map of additional cluster endpoints and their attributes to be created | any | false |
|
||||||
|
master_password | Password for the master DB user. Note - when specifying a value here, 'create_random_password' should be set to `false` | string | false |
|
||||||
|
final_snapshot_identifier_prefix | The prefix name to use when creating a final snapshot on cluster destroy; a 8 random digits are appended to name to ensure it's unique | string | false |
|
||||||
|
s3_import | Configuration map used to restore from a Percona Xtrabackup in S3 (only MySQL is supported) | map(string) | false |
|
||||||
|
ca_cert_identifier | The identifier of the CA certificate for the DB instance | string | false |
|
||||||
|
global_cluster_identifier | The global cluster identifier specified on `aws_rds_global_cluster` | string | false |
|
||||||
|
iam_database_authentication_enabled | Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled | bool | false |
|
||||||
|
instance_timeouts | Create, update, and delete timeout configurations for the cluster instance(s) | map(string) | false |
|
||||||
|
iam_role_name | Friendly name of the monitoring role | string | false |
|
||||||
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,84 +13,87 @@ AWS RDS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
storage_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'gp2' if not. | string | false |
|
|
||||||
vpc_security_group_ids | List of VPC security groups to associate | list(string) | false |
|
|
||||||
allow_major_version_upgrade | Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible | bool | false |
|
|
||||||
character_set_name | (Optional) The character set name to use for DB encoding in Oracle instances. This can't be changed. See Oracle Character Sets Supported in Amazon RDS and Collations and Character Sets for Microsoft SQL Server for more information. This can only be set on creation. | string | false |
|
|
||||||
option_group_timeouts | Define maximum timeout for deletion of `aws_db_option_group` resource | map(string) | false |
|
|
||||||
kms_key_id | The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. If storage_encrypted is set to true and kms_key_id is not specified the default KMS key created in your account will be used | string | false |
|
|
||||||
s3_import | Restore from a Percona Xtrabackup in S3 (only MySQL is supported) | map(string) | false |
|
|
||||||
parameter_group_name | Name of the DB parameter group to associate or create | string | false |
|
|
||||||
parameter_group_use_name_prefix | Determines whether to use `parameter_group_name` as is or create a unique name beginning with the `parameter_group_name` as the prefix | bool | false |
|
|
||||||
timezone | (Optional) Time zone of the DB instance. timezone is currently only supported by Microsoft SQL Server. The timezone can only be set on creation. See MSSQL User Guide for more information. | string | false |
|
|
||||||
max_allocated_storage | Specifies the value for Storage Autoscaling | number | false |
|
max_allocated_storage | Specifies the value for Storage Autoscaling | number | false |
|
||||||
snapshot_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05. | string | false |
|
engine_version | The engine version to use | string | false |
|
||||||
copy_tags_to_snapshot | On delete, copy all Instance tags to the final snapshot (if final_snapshot_identifier is specified) | bool | false |
|
snapshot_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05 | string | false |
|
||||||
password | Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file | string | false |
|
availability_zone | The Availability Zone of the RDS instance | string | false |
|
||||||
option_group_use_name_prefix | Determines whether to use `option_group_name` as is or create a unique name beginning with the `option_group_name` as the prefix | bool | false |
|
auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window | bool | false |
|
||||||
performance_insights_enabled | Specifies whether Performance Insights are enabled | bool | false |
|
|
||||||
port | The port on which the DB accepts connections | string | false |
|
|
||||||
publicly_accessible | Bool to control if instance is publicly accessible | bool | false |
|
|
||||||
create_db_subnet_group | Whether to create a database subnet group | bool | false |
|
|
||||||
db_subnet_group_name | Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default VPC | string | false |
|
|
||||||
enabled_cloudwatch_logs_exports | List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL). | list(string) | false |
|
|
||||||
name | The DB name to create. If omitted, no database is created initially | string | false |
|
|
||||||
username | Username for the master DB user | string | false |
|
|
||||||
multi_az | Specifies if the RDS instance is multi-AZ | bool | false |
|
|
||||||
monitoring_role_description | Description of the monitoring IAM role | string | false |
|
|
||||||
subnet_ids | A list of VPC subnet IDs | list(string) | false |
|
subnet_ids | A list of VPC subnet IDs | list(string) | false |
|
||||||
identifier | The name of the RDS instance, if omitted, Terraform will assign a random, unique identifier | string | true |
|
|
||||||
db_subnet_group_description | Description of the DB subnet group to create | string | false |
|
|
||||||
option_group_name | Name of the option group | string | false |
|
option_group_name | Name of the option group | string | false |
|
||||||
|
option_group_timeouts | Define maximum timeout for deletion of `aws_db_option_group` resource | map(string) | false |
|
||||||
|
multi_az | Specifies if the RDS instance is multi-AZ | bool | false |
|
||||||
|
iops | The amount of provisioned IOPS. Setting this implies a storage_type of 'io1' | number | false |
|
||||||
|
option_group_use_name_prefix | Determines whether to use `option_group_name` as is or create a unique name beginning with the `option_group_name` as the prefix | bool | false |
|
||||||
|
performance_insights_retention_period | The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years) | number | false |
|
||||||
|
password | Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file | string | false |
|
||||||
|
port | The port on which the DB accepts connections | string | false |
|
||||||
|
monitoring_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60 | number | false |
|
||||||
|
parameters | A list of DB parameters (map) to apply | list(map(string)) | false |
|
||||||
|
performance_insights_kms_key_id | The ARN for the KMS key to encrypt Performance Insights data | string | false |
|
||||||
|
delete_automated_backups | Specifies whether to remove automated backups immediately after the DB instance is deleted | bool | false |
|
||||||
|
create_random_password | Whether to create random password for RDS primary cluster | bool | false |
|
||||||
|
license_model | License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1 | string | false |
|
||||||
|
copy_tags_to_snapshot | On delete, copy all Instance tags to the final snapshot | bool | false |
|
||||||
|
parameter_group_name | Name of the DB parameter group to associate or create | string | false |
|
||||||
|
family | The family of the DB parameter group | string | false |
|
||||||
|
character_set_name | The character set name to use for DB encoding in Oracle instances. This can't be changed. See Oracle Character Sets Supported in Amazon RDS and Collations and Character Sets for Microsoft SQL Server for more information. This can only be set on creation | string | false |
|
||||||
|
putin_khuylo | Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo! | bool | false |
|
||||||
|
identifier | The name of the RDS instance | string | true |
|
||||||
|
instance_class | The instance type of the RDS instance | string | false |
|
||||||
|
publicly_accessible | Bool to control if instance is publicly accessible | bool | false |
|
||||||
|
create_monitoring_role | Create IAM role with a defined name that permits RDS to send enhanced monitoring metrics to CloudWatch Logs | bool | false |
|
||||||
|
create_db_parameter_group | Whether to create a database parameter group | bool | false |
|
||||||
|
timezone | Time zone of the DB instance. timezone is currently only supported by Microsoft SQL Server. The timezone can only be set on creation. See MSSQL User Guide for more information | string | false |
|
||||||
|
random_password_length | Length of random password to create | number | false |
|
||||||
|
skip_final_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted | bool | false |
|
||||||
|
vpc_security_group_ids | List of VPC security groups to associate | list(string) | false |
|
||||||
|
s3_import | Restore from a Percona Xtrabackup in S3 (only MySQL is supported) | map(string) | false |
|
||||||
|
db_subnet_group_description | Description of the DB subnet group to create | string | false |
|
||||||
|
options | A list of Options to apply | any | false |
|
||||||
|
cloudwatch_log_group_retention_in_days | The number of days to retain CloudWatch logs for the DB instance | number | false |
|
||||||
|
db_name | The DB name to create. If omitted, no database is created initially | string | false |
|
||||||
|
maintenance_window | The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00' | string | false |
|
||||||
|
db_subnet_group_name | Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default VPC | string | false |
|
||||||
|
enabled_cloudwatch_logs_exports | List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL) | list(string) | false |
|
||||||
|
performance_insights_enabled | Specifies whether Performance Insights are enabled | bool | false |
|
||||||
|
create_db_subnet_group | Whether to create a database subnet group | bool | false |
|
||||||
create_db_instance | Whether to create a database instance | bool | false |
|
create_db_instance | Whether to create a database instance | bool | false |
|
||||||
storage_encrypted | Specifies whether the DB instance is encrypted | bool | false |
|
storage_encrypted | Specifies whether the DB instance is encrypted | bool | false |
|
||||||
db_instance_tags | Additional tags for the DB instance | map(string) | false |
|
kms_key_id | The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. If storage_encrypted is set to true and kms_key_id is not specified the default KMS key created in your account will be used | string | false |
|
||||||
db_subnet_group_tags | Additional tags for the DB subnet group | map(string) | false |
|
|
||||||
db_subnet_group_use_name_prefix | Determines whether to use `subnet_group_name` as is or create a unique name beginning with the `subnet_group_name` as the prefix | bool | false |
|
|
||||||
family | The family of the DB parameter group | string | false |
|
|
||||||
monitoring_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. | number | false |
|
|
||||||
auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window | bool | false |
|
|
||||||
apply_immediately | Specifies whether any database modifications are applied immediately, or during the next maintenance window | bool | false |
|
|
||||||
performance_insights_kms_key_id | The ARN for the KMS key to encrypt Performance Insights data. | string | false |
|
|
||||||
create_random_password | Whether to create random password for RDS primary cluster | bool | false |
|
|
||||||
allocated_storage | The allocated storage in gigabytes | string | false |
|
|
||||||
replicate_source_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate. | string | false |
|
|
||||||
domain | The ID of the Directory Service Active Directory domain to create the instance in | string | false |
|
domain | The ID of the Directory Service Active Directory domain to create the instance in | string | false |
|
||||||
tags | A mapping of tags to assign to all resources | map(string) | false |
|
allow_major_version_upgrade | Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible | bool | false |
|
||||||
options | A list of Options to apply. | any | false |
|
|
||||||
backup_retention_period | The days to retain backups for | number | false |
|
|
||||||
db_parameter_group_tags | Additional tags for the DB parameter group | map(string) | false |
|
|
||||||
performance_insights_retention_period | The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). | number | false |
|
|
||||||
engine_version | The engine version to use | string | false |
|
|
||||||
monitoring_role_arn | The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. Must be specified if monitoring_interval is non-zero. | string | false |
|
|
||||||
db_option_group_tags | Additional tags for the DB option group | map(string) | false |
|
|
||||||
parameters | A list of DB parameters (map) to apply | list(map(string)) | false |
|
|
||||||
timeouts | (Optional) Updated Terraform resource management timeouts. Applies to `aws_db_instance` in particular to permit resource management times | map(string) | false |
|
|
||||||
ca_cert_identifier | Specifies the identifier of the CA certificate for the DB instance | string | false |
|
|
||||||
delete_automated_backups | Specifies whether to remove automated backups immediately after the DB instance is deleted | bool | false |
|
|
||||||
random_password_length | (Optional) Length of random password to create. (default: 10) | number | false |
|
|
||||||
cross_region_replica | Specifies if the replica should be cross region. It allows the use of a subnet group in a region different than the master instance | bool | false |
|
|
||||||
domain_iam_role_name | (Required if domain is provided) The name of the IAM role to be used when making API calls to the Directory Service | string | false |
|
|
||||||
engine | The database engine to use | string | false |
|
|
||||||
backup_window | The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window | string | false |
|
backup_window | The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window | string | false |
|
||||||
create_db_option_group | (Optional) Create a database option group | bool | false |
|
option_group_description | The description of the option group | string | false |
|
||||||
deletion_protection | The database can't be deleted when this value is set to true. | bool | false |
|
ca_cert_identifier | Specifies the identifier of the CA certificate for the DB instance | string | false |
|
||||||
license_model | License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1 | string | false |
|
replica_mode | Specifies whether the replica is in either mounted or open-read-only mode. This attribute is only supported by Oracle instances. Oracle replicas operate in open-read-only mode unless otherwise specified | string | false |
|
||||||
final_snapshot_identifier | The name of your final DB snapshot when this DB instance is deleted. | string | false |
|
monitoring_role_name | Name of the IAM role which will be created when create_monitoring_role is enabled | string | false |
|
||||||
create_monitoring_role | Create IAM role with a defined name that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. | bool | false |
|
db_option_group_tags | Additional tags for the DB option group | map(string) | false |
|
||||||
|
db_subnet_group_use_name_prefix | Determines whether to use `subnet_group_name` as is or create a unique name beginning with the `subnet_group_name` as the prefix | bool | false |
|
||||||
|
parameter_group_use_name_prefix | Determines whether to use `parameter_group_name` as is or create a unique name beginning with the `parameter_group_name` as the prefix | bool | false |
|
||||||
|
create_cloudwatch_log_group | Determines whether a CloudWatch log group is created for each `enabled_cloudwatch_logs_exports` | bool | false |
|
||||||
|
replicate_source_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate | string | false |
|
||||||
|
monitoring_role_description | Description of the monitoring IAM role | string | false |
|
||||||
|
tags | A mapping of tags to assign to all resources | map(string) | false |
|
||||||
|
db_instance_tags | Additional tags for the DB instance | map(string) | false |
|
||||||
|
db_parameter_group_tags | Additional tags for the DB parameter group | map(string) | false |
|
||||||
|
final_snapshot_identifier_prefix | The name which is prefixed to the final snapshot on cluster destroy | string | false |
|
||||||
|
monitoring_role_arn | The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. Must be specified if monitoring_interval is non-zero | string | false |
|
||||||
parameter_group_description | Description of the DB parameter group to create | string | false |
|
parameter_group_description | Description of the DB parameter group to create | string | false |
|
||||||
major_engine_version | Specifies the major version of the engine that this option group should be associated with | string | false |
|
major_engine_version | Specifies the major version of the engine that this option group should be associated with | string | false |
|
||||||
maintenance_window | The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00' | string | false |
|
timeouts | Updated Terraform resource management timeouts. Applies to `aws_db_instance` in particular to permit resource management times | map(string) | false |
|
||||||
skip_final_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final_snapshot_identifier | bool | false |
|
allocated_storage | The allocated storage in gigabytes | string | false |
|
||||||
instance_class | The instance type of the RDS instance | string | false |
|
domain_iam_role_name | (Required if domain is provided) The name of the IAM role to be used when making API calls to the Directory Service | string | false |
|
||||||
availability_zone | The Availability Zone of the RDS instance | string | false |
|
username | Username for the master DB user | string | false |
|
||||||
monitoring_role_name | Name of the IAM role which will be created when create_monitoring_role is enabled. | string | false |
|
storage_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'gp2' if not | string | false |
|
||||||
option_group_description | The description of the option group | string | false |
|
|
||||||
iam_database_authentication_enabled | Specifies whether or not the mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled | bool | false |
|
iam_database_authentication_enabled | Specifies whether or not the mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled | bool | false |
|
||||||
final_snapshot_identifier_prefix | The name which is prefixed to the final snapshot on cluster destroy | string | false |
|
apply_immediately | Specifies whether any database modifications are applied immediately, or during the next maintenance window | bool | false |
|
||||||
iops | The amount of provisioned IOPS. Setting this implies a storage_type of 'io1' | number | false |
|
backup_retention_period | The days to retain backups for | number | false |
|
||||||
restore_to_point_in_time | Restore to a point in time (MySQL is NOT supported) | map(string) | false |
|
restore_to_point_in_time | Restore to a point in time (MySQL is NOT supported) | map(string) | false |
|
||||||
create_db_parameter_group | Whether to create a database parameter group | bool | false |
|
db_subnet_group_tags | Additional tags for the DB subnet group | map(string) | false |
|
||||||
|
engine | The database engine to use | string | false |
|
||||||
|
create_db_option_group | Create a database option group | bool | false |
|
||||||
|
deletion_protection | The database can't be deleted when this value is set to true | bool | false |
|
||||||
|
cloudwatch_log_group_kms_key_id | The ARN of the KMS Key to use when encrypting log data | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
title: AWS RECORDS
|
||||||
|
---
|
||||||
|
|
||||||
|
## 描述
|
||||||
|
|
||||||
|
Terraform module which creates Route53 resources on AWS
|
||||||
|
|
||||||
|
## 参数说明
|
||||||
|
|
||||||
|
|
||||||
|
### 属性
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
private_zone | Whether Route53 zone is private or public | bool | false |
|
||||||
|
records | List of maps of DNS records | any | false |
|
||||||
|
create | Whether to create DNS records | bool | false |
|
||||||
|
zone_id | ID of DNS zone | string | false |
|
||||||
|
zone_name | Name of DNS zone | string | false |
|
||||||
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
#### writeConnectionSecretToRef
|
||||||
|
|
||||||
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
name | The secret name which the cloud resource connection will be written to | string | true |
|
||||||
|
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
|
||||||
|
|
@ -13,15 +13,15 @@ Terraform Module to Define Vanity Host/Domain (e.g. ) as an ALIAS record
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
parent_zone_id | ID of the hosted zone to contain this record (or specify `parent_zone_name`) | string | false |
|
|
||||||
parent_zone_name | Name of the hosted zone to contain this record (or specify `parent_zone_id`) | string | false |
|
|
||||||
private_zone | Is this a private hosted zone? | bool | false |
|
|
||||||
target_dns_name | DNS name of target resource (e.g. ALB, ELB) | string | true |
|
target_dns_name | DNS name of target resource (e.g. ALB, ELB) | string | true |
|
||||||
aliases | List of aliases | list(string) | true |
|
|
||||||
target_zone_id | ID of target resource (e.g. ALB, ELB) | string | true |
|
|
||||||
evaluate_target_health | Set to true if you want Route 53 to determine whether to respond to DNS queries | bool | false |
|
|
||||||
ipv6_enabled | Set to true to enable an AAAA DNS record to be set as well as the A record | bool | false |
|
ipv6_enabled | Set to true to enable an AAAA DNS record to be set as well as the A record | bool | false |
|
||||||
allow_overwrite | Allow creation of this record in Terraform to overwrite an existing record, if any. This does not affect the ability to update the record in Terraform and does not prevent other resources within Terraform or manual Route 53 changes outside Terraform from overwriting this record. false by default. This configuration is not recommended for most environments | bool | false |
|
allow_overwrite | Allow creation of this record in Terraform to overwrite an existing record, if any. This does not affect the ability to update the record in Terraform and does not prevent other resources within Terraform or manual Route 53 changes outside Terraform from overwriting this record. false by default. This configuration is not recommended for most environments | bool | false |
|
||||||
|
private_zone | Is this a private hosted zone? | bool | false |
|
||||||
|
parent_zone_id | ID of the hosted zone to contain this record (or specify `parent_zone_name`) | string | false |
|
||||||
|
parent_zone_name | Name of the hosted zone to contain this record (or specify `parent_zone_id`) | string | false |
|
||||||
|
target_zone_id | ID of target resource (e.g. ALB, ELB) | string | true |
|
||||||
|
evaluate_target_health | Set to true if you want Route 53 to determine whether to respond to DNS queries | bool | false |
|
||||||
|
aliases | List of aliases | list(string) | true |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,11 +13,11 @@ Terraform module to define a consistent AWS Route53 hostname
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
ttl | The TTL of the record to add to the DNS zone to complete certificate validation | number | false |
|
|
||||||
dns_name | The name of the DNS record | string | false |
|
|
||||||
zone_id | Route53 DNS Zone ID | string | true |
|
zone_id | Route53 DNS Zone ID | string | true |
|
||||||
records | DNS records to create | list(string) | true |
|
records | DNS records to create | list(string) | true |
|
||||||
type | Type of DNS records to create | string | false |
|
type | Type of DNS records to create | string | false |
|
||||||
|
ttl | The TTL of the record to add to the DNS zone to complete certificate validation | number | false |
|
||||||
|
dns_name | The name of the DNS record | string | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,11 +13,11 @@ Terraform module which creates Route53 resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
|
zone_name | Name of DNS zone | string | false |
|
||||||
|
private_zone | Whether Route53 zone is private or public | bool | false |
|
||||||
records | List of maps of DNS records | any | false |
|
records | List of maps of DNS records | any | false |
|
||||||
create | Whether to create DNS records | bool | false |
|
create | Whether to create DNS records | bool | false |
|
||||||
zone_id | ID of DNS zone | string | false |
|
zone_id | ID of DNS zone | string | false |
|
||||||
zone_name | Name of DNS zone | string | false |
|
|
||||||
private_zone | Whether Route53 zone is private or public | bool | false |
|
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -13,9 +13,9 @@ Terraform module which creates Route53 resources on AWS
|
||||||
|
|
||||||
名称 | 描述 | 类型 | 是否必须 | 默认值
|
名称 | 描述 | 类型 | 是否必须 | 默认值
|
||||||
------------ | ------------- | ------------- | ------------- | -------------
|
------------ | ------------- | ------------- | ------------- | -------------
|
||||||
create | Whether to create Route53 zone | bool | false |
|
|
||||||
zones | Map of Route53 zone parameters | any | false |
|
zones | Map of Route53 zone parameters | any | false |
|
||||||
tags | Tags added to all zones. Will take precedence over tags from the 'zones' variable | map(any) | false |
|
tags | Tags added to all zones. Will take precedence over tags from the 'zones' variable | map(any) | false |
|
||||||
|
create | Whether to create Route53 zone | bool | false |
|
||||||
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue