-
Notifications
You must be signed in to change notification settings - Fork 20
/
variables.tf
99 lines (80 loc) · 3.02 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
variable "create" {
description = "Create Module, defaults to true."
default = true
}
variable "name" {
description = "Filename to write the certificate data to, default to \"tls-self-signed-cert\"."
default = "tls-self-signed-cert"
}
variable "algorithm" {
description = "The name of the algorithm to use for the key. Currently-supported values are \"RSA\" and \"ECDSA\". Defaults to \"RSA\"."
default = "RSA"
}
variable "rsa_bits" {
description = "When algorithm is \"RSA\", the size of the generated RSA key in bits. Defaults to \"2048\"."
default = "2048"
}
variable "ecdsa_curve" {
description = "When algorithm is \"ECDSA\", the name of the elliptic curve to use. May be any one of \"P224\", \"P256\", \"P384\" or \"P521\". Defaults to \"P224\""
default = "P256"
}
variable "permissions" {
description = "The Unix file permission to assign to the cert files (e.g. 0600). Defaults to \"0600\"."
default = "0600"
}
variable "validity_period_hours" {
description = "The number of hours after initial issuing that the certificate will become invalid."
}
variable "ca_allowed_uses" {
description = "List of keywords from RFC5280 describing a use that is permitted for the CA certificate. For more info and the list of keywords, see https://www.terraform.io/docs/providers/tls/r/self_signed_cert.html#allowed_uses."
type = "list"
default = [
"cert_signing",
"key_encipherment",
"digital_signature",
]
}
variable "ca_common_name" {
description = "The common name to use in the subject of the CA certificate (e.g. hashicorp.com)."
default = ""
}
variable "organization_name" {
description = "The name of the organization to associate with the certificates (e.g. HashiCorp Inc)."
}
variable "allowed_uses" {
description = "List of keywords from RFC5280 describing a use that is permitted for the issued certificate. For more info and the list of keywords, see https://www.terraform.io/docs/providers/tls/r/self_signed_cert.html#allowed_uses."
type = "list"
default = [
"key_encipherment",
"digital_signature",
]
}
variable "common_name" {
description = "The common name to use in the subject of the certificate (e.g. hashicorp.com)."
}
variable "dns_names" {
description = "List of DNS names for which the certificate will be valid (e.g. foo.hashicorp.com), defaults to empty list."
type = "list"
default = []
}
variable "ip_addresses" {
description = "List of IP addresses for which the certificate will be valid (e.g. 127.0.0.1), defaults to empty list."
type = "list"
default = []
}
variable "ca_override" {
description = "Don't create a CA cert, override with the provided CA to sign certs with."
default = false
}
variable "ca_key_override" {
description = "CA private key pem override."
default = ""
}
variable "ca_cert_override" {
description = "CA cert pem override."
default = ""
}
variable "download_certs" {
description = "Download certs locally, defaults to false."
default = false
}