# Set account-wide variables. These are automatically pulled in to configure the remote state bucket in the root
# terragrunt.hcl configuration.
locals {
  account_name   = "afs-mdr-common-services"
  account_alias  = "afs-mdr-common-services"
  aws_account_id = "471284459109"
  instance_termination_protection = true # set to true for production!
  splunk_prefix = "moose"

  account_tags = {
    "Client": local.splunk_prefix
  }
  c2_account_standards_path = "../../../../prod/aws/mdr-prod-c2/005-account-standards-c2"

  # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
  vpc_info = {
    "vpc-security" = {
      "name" = "vpc-security",
      "purpose" = "created for palo altos, can probably be removed.",
      "cidr" = "10.1.0.0/22",
    }
  }

  #####################################
  # DNS Zones
  hosted_public_dns_zones = [
    "accenturefederalcyber.com",
    "accenturefederalcyber.net",
    "xdr.accenturefederalcyber.com",
    "xdrtest.accenturefederalcyber.com",
    "xdrtest.accenturefederalcyber.net", # testing dnssec
  ]
  # Delegated zones are created in different accounts
  delegated_public_dns_zones = {
    "ai.accenturefederalcyber.com" = [
      "ns-348.awsdns-43.com",
      "ns-1733.awsdns-24.co.uk",
      "ns-1330.awsdns-38.org",
      "ns-610.awsdns-12.net",
    ],
    "caasp.accenturefederalcyber.com" = [
      "ns-537.awsdns-03.net",
      "ns-1532.awsdns-63.org",
      "ns-1933.awsdns-49.co.uk",
      "ns-417.awsdns-52.com",
    ],
  }
}