# Target AWS region. There is no default, so every caller has to choose one.
# NOTE(review): S3 can only deliver bucket notifications to a Lambda function
# in the bucket's own region, so this presumably has to match the region of
# the buckets in buckets_to_scan. Confirm against the notification resources.
variable "aws_region" {
  description = "A region the infrastructure will be deployed in."
  type        = string
}
# Names of the buckets to cover. Required, no default.
# NOTE(review): a bucket missing from this list is presumably never wired to
# the scan function, so objects written to it would go unscanned. Verify in
# the bucket-notification resources, which are not part of this file.
variable "buckets_to_scan" {
  description = "The buckets which need scanning."
  type        = list(string)
}
# -----------------------------
# Lambdas variables
# -----------------------------
# Entrypoint of the *update* function, in "<module>.<function>" form.
# The value must match the code that is actually packaged; the packaging is
# not visible in this file.
variable "update_handler" {
  description = "Function entrypoint in your code."
  type        = string
  default     = "update.lambda_handler"
}
# Entrypoint of the *scan* function, in "<module>.<function>" form.
# The description string is shared with update_handler; only the default
# tells the two apart.
variable "scan_handler" {
  description = "Function entrypoint in your code."
  type        = string
  default     = "scan.lambda_handler"
}
# Managed runtime identifier. The variable is not split per function, so it
# presumably applies to both the update and the scan Lambda.
# NOTE(review): AWS Lambda has deprecated the python3.7 runtime, so the
# managed runtime no longer receives security patches. Override this with a
# supported runtime once the handlers and their bundled dependencies have
# been tested against it.
variable "lambda_runtime" {
  description = "Identifier of the function's runtime."
  type        = string
  default     = "python3.7"
}
# Execution time limit in seconds (default 300; Lambda allows up to 900).
# NOTE(review): an invocation that hits this limit is terminated, so an
# object whose scan does not finish in time presumably ends up without a
# verdict. Alarm on function timeouts and errors rather than assuming that
# every object was scanned.
variable "lambda_timeout" {
  description = "Amount of time your Lambda Function has to run in seconds."
  type        = number
  default     = 300
}
# Memory for the *update* function, in MB (default 1024).
# Lambda allocates CPU in proportion to memory, so this also affects how
# quickly the function runs within lambda_timeout.
variable "update_memory_size" {
  description = "Amount of memory in MB your Lambda Function can use at runtime."
  type        = number
  default     = 1024
}
# Memory for the *scan* function, in MB (default 2048, twice the update
# function's default).
# NOTE(review): a scan that runs out of memory fails just like one that times
# out. Treat out-of-memory errors as "object not scanned", not as "clean".
variable "scan_memory_size" {
  description = "Amount of memory in MB your Lambda Function can use at runtime."
  type        = number
  default     = 2048
}
# -----------------------------
# Lambda permissions variables
# -----------------------------
# Action granted in the functions' resource-based policy statements.
# Keep this at the single action the triggers need. A wildcard such as
# "lambda:*" would let the trusted principal do far more than invoke.
variable "lambda_action" {
  description = "The AWS Lambda action you want to allow in this statement."
  type        = string
  default     = "lambda:InvokeFunction"
}
# Principal allowed to invoke the *update* function. The default is the
# EventBridge / CloudWatch Events service principal, which matches the
# scheduled rule configured by the event_* variables in this file.
# NOTE(review): a bare service principal does not say *which* rule may invoke
# the function. The aws_lambda_permission that consumes this value should
# also set source_arn to the rule's ARN. That resource is not in this file,
# so confirm it there.
variable "lambda_update_principal" {
description = <<DOCHERE
The principal who is getting this permission. e.g. s3.amazonaws.com, an AWS account ID,
or any valid AWS service principal such as events.amazonaws.com or sns.amazonaws.com.
DOCHERE
default = "events.amazonaws.com"
type = string
}
# Principal allowed to invoke the *scan* function. The default is the S3
# service principal, which matches the bucket notifications described by
# bucket_events.
# NOTE(review): with s3.amazonaws.com as the principal, the permission should
# be scoped with source_arn (the bucket ARN) and source_account. S3 bucket
# ARNs carry no account ID, so without source_account a bucket in another
# account could be used to trigger the function (confused deputy). The
# aws_lambda_permission resource is not in this file, so confirm it there.
variable "lambda_scan_principal" {
description = <<DOCHERE
The principal who is getting this permission. e.g. s3.amazonaws.com, an AWS account ID,
or any valid AWS service principal such as events.amazonaws.com or sns.amazonaws.com.
DOCHERE
default = "s3.amazonaws.com"
type = string
}
# -----------------------------
# CloudWatch variables
# -----------------------------
# Name of the scheduled rule. The default spells out the default interval
# ("every_three_hours"), so override it together with
# event_schedule_expression to keep the name truthful.
variable "event_name" {
  description = "The name of the rule."
  type        = string
  default     = "every_three_hours"
}
# Free-text description of the scheduled rule. Like event_name, the default
# hard-codes "three hours" and does not follow event_schedule_expression.
variable "event_description" {
  description = "The description of the rule."
  type        = string
  default     = "Fires every three hours"
}
# Schedule for the rule, as a rate(...) or cron(...) expression.
# NOTE(review): the rule presumably triggers the update function (its default
# principal is events.amazonaws.com). If so, a longer interval means the scan
# function works from staler data between runs. Confirm which target the rule
# has.
variable "event_schedule_expression" {
  description = " The scheduling expression."
  type        = string
  default     = "rate(3 hours)"
}
# -----------------------------
# Bucket variables
# -----------------------------
# S3 event types that produce a notification.
# "s3:ObjectCreated:*" covers every creation path (Put, Post, Copy and
# CompleteMultipartUpload). Narrowing it, for example to
# "s3:ObjectCreated:Put" only, would leave objects written through the other
# paths without a notification and therefore unscanned.
variable "bucket_events" {
  description = "Specifies event for which to send notifications."
  type        = list(string)
  default     = ["s3:ObjectCreated:*"]
}