# This file contains mutable variables that are likely to be needed in every module. # # ADD TO THIS SPARINGLY! CHANGES TO THIS FILE RESULT IN A LOT OF WORK! locals { #### C&C Servers proxy = { prod = "proxy.pvt.xdr.accenturefederalcyber.com", test = "proxy.pvt.xdrtest.accenturefederalcyber.com", common = "" }[var.environment] proxy_ip = { prod = "10.80.101.166", test = "10.20.2.22", common = "10.40.2.107" }[var.environment] salt_master = { prod = "salt-master.pvt.xdr.accenturefederalcyber.com", test = "salt-master.pvt.xdrtest.accenturefederalcyber.com", common = "salt-master.pvt.xdr.accenturefederalcyber.com" }[var.environment] #### Tags: global_tags = { "Snapshot" = "Daily", # This will put it on some things where it doesn't belong, but seems useful overall #"Last_Updated" = timestamp() # while this is cool, its usefulness does not warrant the constant updates. } environment_tags = { prod = { Schedule = "none", Environment = var.environment }, test = { Schedule = "MSOC", Environment = var.environment }, common = { "Schedule" = "none", Environment = var.environment } }[var.environment] partition_tags = { aws = { aws_partition = var.aws_partition }, aws-us-gov = { aws_partition = var.aws_partition } }[var.aws_partition] region_tags = { us-gov-east-1 = {}, us-gov-west-1 = {}, us-east-1 = {}, us-east-2 = {}, us-west-1 = {}, us-west-2 = {}, }[var.aws_region] account_tags_default = { "Client" : var.splunk_prefix } account_tags_exceptions = { mdr-prod-root-ca = { "WARNING" : "ALL ACCESS IS LOGGED. DO NOT USE WITHOUT JUSTIFICATION." "Client" : var.splunk_prefix, }, afs-mdr-prod-malware-gov = {}, afs-mdr-prod-cyber-range = {}, afs-mdr-dev-ai = {}, } account_tags = lookup(local.account_tags_exceptions, var.account_name, local.account_tags_default) standard_tags = merge(local.global_tags, local.environment_tags, local.partition_tags, local.region_tags, local.account_tags) }