~devops/a2g_vars.tf

Edit the contents of the file a2g_vars.tf, shown below, as needed:


/*
 *  REVVOPS A2G AWS AIR GAP V6.1
 *
 *  CONFIGURATION VARIABLES
 *  
 *  Any variable can also be set upon command line invocation of the
 *  Terraform 'plan' and 'apply' subcommands using the following form:
 *
 *  -var 'variable_name=value'
 *
 *  and further via environment variables using the form:
 *
 *  TF_VAR_variable_name=value
 *
 */

variable "region" {

  # AWS region code that A2G is deployed into. No default is set, so a value
  # has to be supplied before 'plan' or 'apply' can run.
  #
  # Provide a value via the command line, an environment variable or
  # uncomment and supply a value in the 'default =' line below:

  description = "Region Code (Required)"
# default = ""

  # Reference table of region codes.
  # NOTE(review): this list is a snapshot and may not be exhaustive; confirm
  # the code you need against the regions enabled for your account.
  #
  #                               Region Code
  # US East        N. Virginia    us-east-1
  # US East        Ohio           us-east-2
  # US West        N. California  us-west-1
  # US West        Oregon         us-west-2
  # Africa         Cape Town      af-south-1
  # Asia Pacific   Hong Kong      ap-east-1
  # Asia Pacific   Mumbai         ap-south-1
  # Asia Pacific   Seoul          ap-northeast-2
  # Asia Pacific   Singapore      ap-southeast-1
  # Asia Pacific   Sydney         ap-southeast-2
  # Asia Pacific   Tokyo          ap-northeast-1
  # Canada         Central        ca-central-1
  # Europe         Frankfurt      eu-central-1
  # Europe         Ireland        eu-west-1
  # Europe         London         eu-west-2
  # Europe         Milan          eu-south-1
  # Europe         Paris          eu-west-3
  # Europe         Stockholm      eu-north-1
  # Middle East    Bahrain        me-south-1
  # South America  Sao Paulo      sa-east-1
}

variable "access_key" {

  # IAM access key ID used for this deployment. No default is set, so a value
  # has to be supplied before 'plan' or 'apply' can run.
  #
  # Provide a value via the command line, an environment variable or
  # uncomment and supply a value in the 'default =' line below:
  #
  # Credential handling: a value placed in the 'default =' line lives in this
  # file in plaintext, so keep such a copy out of version control and shared
  # locations. A value passed with -var is recorded in shell history and is
  # visible in the process list while Terraform runs. The environment variable
  # form (TF_VAR_access_key), populated from a secrets store, avoids both.
  # On Terraform 0.14 or later, 'sensitive = true' can be added to this block
  # to redact the value from plan and apply output.
  # NOTE(review): prefer a key belonging to an IAM identity scoped to the VPC
  # and subnet actions this configuration needs - confirm the required
  # permissions against the resource definitions, which are not shown here.

  description = "IAM access key (Required)"
# default = ""
}

variable "secret_key" {

  # IAM secret access key paired with access_key. No default is set, so a
  # value has to be supplied before 'plan' or 'apply' can run.
  #
  # Provide a value via the command line, an environment variable or
  # uncomment and supply a value in the 'default =' line below:
  #
  # Credential handling: this is the secret half of the key pair. A value
  # placed in the 'default =' line lives in this file in plaintext, so keep
  # such a copy out of version control and shared locations. A value passed
  # with -var is recorded in shell history and is visible in the process list
  # while Terraform runs. The environment variable form (TF_VAR_secret_key),
  # populated from a secrets store, avoids both.
  # On Terraform 0.14 or later, 'sensitive = true' can be added to this block
  # to redact the value from plan and apply output.
  # NOTE(review): rotate the key if it has ever been saved into a copy of this
  # file that left your control.

  description = "Mandatory IAM secret key (Required)"
# default = ""
}

variable "air_gap" {

  # Master switch for air gapping the public subnets. The default is false,
  # so nothing is air gapped until this is set to true.
  #
  # When a public subnet is air gapped by setting air_gap to true, its internet
  # gateway is removed, effectively turning it into a private subnet whilst
  # the air gap remains in place. Any public IP addresses of resources launched
  # into a public subnet before this will remain allocated to those resources,
  # but will be totally isolated from the internet; neither being reachable
  # from, nor being able to send traffic to, the internet.
  #
  # NOTE(review): the isolation described above assumes the internet gateway is
  # the subnet's only path out. Other routes (NAT, VPC peering, VPN, transit
  # gateway, VPC endpoints) are not visible in this file - confirm none apply
  # before relying on the air gap as a containment control.

  description = "Flag controlling the air gapping of your public subnets"
  default = false
}

variable "air_gap_only_public_subnet" {

  # Narrows air gapping to a single public subnet; used together with
  # air_gap_only_public_subnet_index.
  #
  # If set to true, only the public subnet whose index is set in
  # air_gap_only_public_subnet_index will be air gapped. If set to false, only
  # the public subnet whose index is set in air_gap_only_public_subnet_index
  # will have the air gap lifted. However, this variable will be ignored
  # if air_gap_only_public_subnet_index is set to -1. For this variable to
  # take effect, air_gap_only_public_subnet_index must be set to a valid
  # index value of a public subnet defined in the public_subnets list, so it
  # must contain an integer value of zero or greater.
  #
  # NOTE(review): how this flag combines with air_gap is not stated here;
  # check the resulting plan to confirm which subnets keep internet access.

  description = "Flag controlling air gappinng for just one public subnet"
  default = false
}

variable "air_gap_only_public_subnet_index" {

  # Selects the single public subnet that air_gap_only_public_subnet acts on.
  #
  # Supplying the zero indexed value of a public subnet defined in
  # the public_subnets list will ensure that only that public subnet
  # is air gapped when air_gap_only_public_subnet is set to true and
  # conversely that only that public subnet has the air gap removed if
  # air_gap_only_public_subnet is set to false. However, if
  # air_gap_only_public_subnet_index is set to the default of -1,
  # air_gap_only_public_subnet has no effect.
  #
  # The default below is written as the quoted string "-1", not a bare number.
  # NOTE(review): no range check is visible in this file; an index beyond the
  # end of public_subnets is presumably rejected or ignored elsewhere -
  # confirm before relying on it.

  description = "Index of public subnet defined in the public_subnets list"
  default = "-1"
}

variable "a2g_vpc_cidr" {

  # A2G works with a custom VPC as opposed to the default VPC. Use this variable
  # to configure the CIDR block of the custom VPC that A2G will create and work
  # with. The public_subnets and private_subnets CIDR blocks are expected to
  # fall inside this range.

  description = "Custom VPC IPv4 CIDR block"
  default = "192.168.0.0/16"
}

variable "a2g_vpc_tag_name" {

  # Tag value for the custom VPC.
  # NOTE(review): presumably applied as the VPC's Name tag - confirm against
  # the resource definitions.

  description = "A2G VPC tag"
  default = "REVVOPS-A2G-VPC"
}

variable "public_subnets" {

  # List of CIDR blocks, one per public subnet. A subnet's position in this
  # list is the zero-based index used by air_gap_only_public_subnet_index.
  #
  # These CIDR blocks should be allocated from within the range specified by
  # a2g_vpc_cidr. If defining just a single public subnet, its CIDR block
  # should still be specified using the same list notation, for example:
  # default = ["192.168.2.0/24"]
  #
  # The defaults use even third octets; the private_subnets defaults use odd
  # ones, so the two sets do not overlap. Keep that property when editing.

  description = "Public subnet(s) IPv4 CIDR block(s)"
  default = ["192.168.2.0/24", "192.168.4.0/24", "192.168.6.0/24", "192.168.8.0/24"]
}

variable "public_subnets_tag_base_name" {

  # Tag prefix for public subnets. Per the description, each subnet's tag is
  # this prefix followed by the subnet's order in public_subnets.

  description = "Prefix string to form tag, appended by order in public_subnets"
  default = "REVVOPS-A2G-PUBLIC-SUBNET-"
}

variable "public_subnets_availability_zones" {

  # Using the same list positions corresponding to the CIDR blocks in
  # public_subnets, specify availability zones for your public subnets
  # by using 0 for a, 1 for b and so on.
  #
  # The default has four entries, matching the four default public_subnets
  # CIDR blocks; keep the two lists the same length when editing either.

  description = "Availability zones for public_subnets"
  default = [0, 1, 0, 1]
}

variable "private_subnets" {

  # List of CIDR blocks, one per private subnet.
  #
  # These CIDR blocks should be allocated from within the range specified by
  # a2g_vpc_cidr. If defining just a single private subnet, its CIDR block
  # should still be specified using the same list notation, for example:
  # default = ["192.168.1.0/24"]
  #
  # The defaults use odd third octets; the public_subnets defaults use even
  # ones, so the two sets do not overlap. Keep that property when editing.

  description = "Private subnet(s) IPv4 CIDR block(s)"
  default = ["192.168.1.0/24", "192.168.3.0/24", "192.168.5.0/24", "192.168.7.0/24"]
}

variable "private_subnets_tag_base_name" {

  # Tag prefix for private subnets. Per the description, each subnet's tag is
  # this prefix followed by the subnet's order in private_subnets.

  description = "Prefix string to form tag, appended by order in private_subnets"
  default = "REVVOPS-A2G-PRIVATE-SUBNET-"
}

variable "private_subnets_availability_zones" {

  # Using the same list positions corresponding to the CIDR blocks in
  # private_subnets, specify availability zones for your private subnets
  # by using 0 for a, 1 for b and so on.
  #
  # The default has four entries, matching the four default private_subnets
  # CIDR blocks; keep the two lists the same length when editing either.

  description = "Availability zones for private_subnets"
  default = [0, 1, 0, 1]
}

variable "virtual_firewall_level" {

  # Reserved; its use is not documented in this file. The default is a single
  # quoted string that reads like a list of level names, not an actual list.
  # NOTE(review): presumably a placeholder for a future setting tied to the
  # commented-out NACL and security group rules below - confirm before use.

  description = "Reserved"
  default = "[air_gap, user1, user2, honeypot, wide_open]"
}


/*

resource "aws_network_acl_rule" "a2g_nacl_rule_1" {
  description = "Reserved"
}

resource "aws_network_acl_rule" "a2g_nacl_rule_2" {
  description = "Reserved"
}

resource "aws_network_acl_rule" "a2g_nacl_rule_3" {
  description = "Reserved"
}

resource "aws_network_acl_rule" "a2g_nacl_rule_4" {
  description = "Reserved"
}


resource "aws_security_group_rule" "a2g_sg_rule_1" {
  description = "Reserved"
}

resource "aws_security_group_rule" "a2g_sg_rule_2" {
  description = "Reserved"
}

resource "aws_security_group_rule" "a2g_sg_rule_3" {
  description = "Reserved"
}

resource "aws_security_group_rule" "a2g_sg_rule_4" {
  description = "Reserved"
}

*/