forked from cloudposse/terraform-aws-sns-topic
variables.tf
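# Map of subscriptions to attach to the topic, keyed by a caller-chosen name.
#
# Security notes for reviewers:
# - `endpoint` may hold phone numbers, e-mail addresses or URLs; these values
#   are stored in Terraform state like any other input.
# - `http` delivers notifications without transport encryption; prefer `https`.
# - NOTE(review): how each field is passed to the subscription resource is not
#   visible in this file; confirm against the resource definition.
variable "subscribers" {
  type = map(object({
    # Delivery protocol. Possible values: sqs, sms, lambda, application.
    # http and https are partially supported; email is an option but is unsupported.
    protocol = string

    # Destination for the messages; its format depends on `protocol`.
    endpoint = string

    # True when the endpoint can confirm the subscription by itself
    # (e.g. PagerDuty). Defaults to false.
    endpoint_auto_confirms = optional(bool, false)

    # Filter policy JSON assigned to the subscription (see Amazon SNS Filter Policies).
    filter_policy = optional(string, null)

    # Whether `filter_policy` is matched against `MessageAttributes` or
    # `MessageBody`. Defaults to null.
    filter_policy_scope = optional(string, null)

    # When true the original message is passed through directly instead of being
    # wrapped in the SNS JSON envelope. Defaults to false.
    raw_message_delivery = optional(bool, false)
  }))
  description = "Required configuration for subscribers to SNS topic."
  default     = {}

  # Reject an unknown scope at plan time instead of waiting for the API call.
  validation {
    condition = alltrue([
      for sub in values(var.subscribers) :
      sub.filter_policy_scope == null ? true : contains(["MessageAttributes", "MessageBody"], sub.filter_policy_scope)
    ])
    error_message = "Each subscriber's filter_policy_scope must be null, \"MessageAttributes\" or \"MessageBody\"."
  }
}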
# AWS service principals that are granted publish access when the module
# builds the topic policy itself (no external JSON policy supplied).
# NOTE(review): the generated policy is not in this file; confirm that service
# principals are scoped with an `aws:SourceArn` or `aws:SourceAccount`
# condition so another account's resources cannot publish through the service.
variable "allowed_aws_services_for_sns_published" {
  description = "AWS services that will have permission to publish to SNS topic. Used when no external JSON policy is used"
  type        = list(string)
  default     = []
}
# KMS key used for topic encryption. The default, `alias/aws/sns`, is the AWS
# managed key for SNS. Its key policy cannot be edited, so AWS service
# principals and cross-account publishers generally cannot publish to a topic
# encrypted with it; pass a customer managed key whose policy grants those
# principals `kms:GenerateDataKey*` and `kms:Decrypt` when they are needed.
variable "kms_master_key_id" {
  description = "The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK."
  type        = string
  default     = "alias/aws/sns"
}
# Switch for encrypting the topic at rest. It defaults to true; setting it to
# false leaves the topic without a KMS key, so treat any override as a
# deliberate, reviewed exception.
variable "encryption_enabled" {
  description = "Whether or not to use encryption for SNS Topic. If set to `true` and no custom value for KMS key (kms_master_key_id) is provided, it uses the default `alias/aws/sns` KMS key."
  type        = bool
  default     = true
}
# KMS key for the SQS queue. The default, `alias/aws/sqs`, is the AWS managed
# key for SQS, whose key policy cannot be changed.
# NOTE(review): SNS can only deliver into an encrypted queue when the key
# policy allows the SNS service principal to use the key, which requires a
# customer managed key; confirm how this queue is used as a delivery target.
variable "sqs_queue_kms_master_key_id" {
  description = "The ID of an AWS-managed customer master key (CMK) for Amazon SQS Queue or a custom CMK"
  type        = string
  default     = "alias/aws/sqs"
}
# How long SQS may keep reusing one data key before asking KMS for a new one.
# A shorter period means more KMS calls and less data encrypted under a single
# data key; a longer period is the reverse. AWS documents 60 to 86400 seconds
# as the accepted range.
variable "sqs_queue_kms_data_key_reuse_period_seconds" {
  description = "The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again"
  type        = number
  default     = 300
}
# IAM principals granted publish access when the module generates the topic
# policy. Listing specific role or user ARNs keeps the grant narrow; an
# account-root ARN delegates the decision to that whole account's IAM policies.
variable "allowed_iam_arns_for_sns_publish" {
  description = "IAM role/user ARNs that will have permission to publish to SNS topic. Used when no external json policy is used."
  type        = list(string)
  default     = []
}
# Caller-supplied topic policy document; the empty default means none is given.
# NOTE(review): per the descriptions of the `allowed_*` variables, the
# module-built policy is used only when no external policy is supplied, so a
# document passed here should be reviewed on its own, in particular for
# statements with `"Principal": "*"` and no restricting condition.
variable "sns_topic_policy_json" {
  description = "The fully-formed AWS policy as JSON"
  type        = string
  default     = ""
}
# Enabling sqs_dlq_enabled won't be effective.
# SNS subscription - redrive policy parameter is not yet available in TF - waiting for PR https://github.com/terraform-providers/terraform-provider-aws/issues/10931
# Toggle for the SQS dead-letter queue that receives failed notifications.
# Off by default. Messages parked in a dead-letter queue carry the same
# payloads as the topic, so the queue needs equivalent encryption and access
# controls.
variable "sqs_dlq_enabled" {
  description = "Enable delivery of failed notifications to SQS and monitor messages in queue."
  type        = bool
  default     = false
}
# Upper bound, in bytes, on a message the dead-letter queue will accept.
# The default equals the maximum stated in the description (262144 bytes).
variable "sqs_dlq_max_message_size" {
  description = "The limit of how many bytes a message can contain before Amazon SQS rejects it. An integer from 1024 bytes (1 KiB) up to 262144 bytes (256 KiB). The default for this attribute is 262144 (256 KiB)."
  type        = number
  default     = 262144
}
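# Retention time for messages in the dead-letter queue. The default is the
# 14-day maximum, which keeps failed payloads around for investigation but
# also lengthens how long that data sits in the queue.
variable "sqs_dlq_message_retention_seconds" {
  type        = number
  description = "The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days)."
  default     = 1209600

  # Enforce the documented range at plan time; null is passed through unchanged.
  validation {
    condition     = var.sqs_dlq_message_retention_seconds == null ? true : (var.sqs_dlq_message_retention_seconds >= 60 && var.sqs_dlq_message_retention_seconds <= 1209600)
    error_message = "The sqs_dlq_message_retention_seconds value must be between 60 and 1209600 seconds."
  }
}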
# Optional SNS delivery policy document, passed as a JSON string.
# Null (the default) means no delivery policy is supplied by the caller.
variable "delivery_policy" {
  description = "The SNS delivery policy as JSON."
  type        = string
  default     = null
}
# Selects a FIFO topic instead of a standard one. Off by default.
variable "fifo_topic" {
  description = "Whether or not to create a FIFO (first-in-first-out) topic"
  type        = bool
  default     = false
}
# Selects a FIFO queue instead of a standard one. Off by default.
variable "fifo_queue_enabled" {
  description = "Whether or not to create a FIFO (first-in-first-out) queue"
  type        = bool
  default     = false
}
# Turns on content-based deduplication, which applies to FIFO topics only.
# Off by default.
variable "content_based_deduplication" {
  description = "Enable content-based deduplication for FIFO topics"
  type        = bool
  default     = false
}
# Number of deliveries allowed before a message is moved to the dead-letter
# queue; this is the value the description calls `maxReceiveCount`.
variable "redrive_policy_max_receiver_count" {
  description = "The number of times a message is delivered to the source queue before being moved to the dead-letter queue. When the ReceiveCount for a message exceeds the maxReceiveCount for a queue, Amazon SQS moves the message to the dead-letter-queue."
  type        = number
  default     = 5
}
# Optional redrive policy document as a JSON string. Per the description it
# replaces both the max-receive count and the dead-letter target that the
# module would otherwise pass in, so the caller becomes responsible for
# pointing `deadLetterTargetArn` at a queue with suitable access controls.
# NOTE(review): the description mentions `var.fifo_queue`, but no variable of
# that name is declared in this file; confirm which variable is meant.
variable "redrive_policy" {
  description = "The SNS redrive policy as JSON. This overrides `var.redrive_policy_max_receiver_count` and the `deadLetterTargetArn` (supplied by `var.fifo_queue = true`) passed in by the module."
  type        = string
  default     = null
}