generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathvariables.tf
76 lines (70 loc) · 2.03 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
##############################################################################
# Input variables
##############################################################################
variable "ibmcloud_api_key" {
type = string
description = "Restricted IBM Cloud API Key used only for writing Log Analysis archives to Cloud Object Storage"
default = null
sensitive = true
}
variable "prefix" {
description = "Name of the access group"
type = string
default = "basic-test"
}
variable "dynamic_rules" {
description = "list of dynamic rules"
type = map(object({
expiration = number
identity_provider = string
conditions = optional(list(object({
claim = string
operator = string
value = string
})))
}))
default = {
rule-name = {
expiration = 3
identity_provider = "https://idp-test.example.org/SAML2"
conditions = [{
claim = "my_claim"
operator = "CONTAINS"
value = "my_test_value"
}]
}
}
}
variable "policies" {
description = "list of policies"
type = map(object({
roles = list(string)
account_management = optional(bool)
tags = set(string)
resources = optional(list(object({
region = optional(string)
attributes = optional(map(string))
service = optional(string)
resource_instance_id = optional(string)
resource_type = optional(string)
resource = optional(string)
resource_group_id = optional(string)
})))
resource_attributes = optional(list(object({
name = string
value = string
operator = optional(string)
})))
}))
default = {
"policy_name" = {
roles = ["Viewer", "Manager"]
tags = ["iam-service-policy-example-test"]
}
}
}
variable "ibm_ids" {
description = "A list of IBM IDs that you want to add to the access group."
type = list(string)
default = ["GoldenEye.Development@ibm.com"]
}