탐색 도움말
가입하기 로그인
AFS
/
xdr-terraform-modules
2
0
포크 0
파일 이슈 0 풀 리퀘스트 0 위키
트리: 1a6f4e2d22
브랜치 태그
xdr-terraform-m...
/
variables
/
globals.tf

globals.tf 2.1 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. # This file contains mutable variables that are likely to be needed in every module.
    2. 

  2. #
    3. 

  3. # ADD TO THIS SPARINGLY! CHANGES TO THIS FILE RESULT IN A LOT OF WORK!
    4. 

  4. 

  5. locals {
    6. 

  6. 

  7.   #### C&C Servers
    8. 

  8.   proxy = {
    9. 

  9.     prod   = "proxy.pvt.xdr.accenturefederalcyber.com",
    10. 

  10.     test   = "proxy.pvt.xdrtest.accenturefederalcyber.com",
    11. 

  11.     common = ""
    12. 

  12.   }[var.environment]
    13. 

  13. 

  14.   proxy_ip = {
    15. 

  15.     prod   = "10.80.101.166",
    16. 

  16.     test   = "10.20.2.22",
    17. 

  17.     common = "10.40.2.107"
    18. 

  18.   }[var.environment]
    19. 

  19. 

  20.   salt_master = {
    21. 

  21.     prod   = "salt-master.pvt.xdr.accenturefederalcyber.com",
    22. 

  22.     test   = "salt-master.pvt.xdrtest.accenturefederalcyber.com",
    23. 

  23.     common = "salt-master.pvt.xdr.accenturefederalcyber.com"
    24. 

  24.   }[var.environment]
    25. 

  25. 

  26.   #### Tags:
    27. 

  27.   global_tags = {
    28. 

  28.     "Snapshot" = "Daily", # This will put it on some things where it doesn't belong, but seems useful overall
    29. 

  29.     #"Last_Updated" = timestamp() # while this is cool, its usefulness does not warrant the constant updates.
    30. 

  30.   }
    31. 

  31. 

  32.   environment_tags = {
    33. 

  33.     prod = {
    34. 

  34.       Schedule    = "none",
    35. 

  35.       Environment = var.environment
    36. 

  36.     },
    37. 

  37.     test = {
    38. 

  38.       Schedule    = "MSOC",
    39. 

  39.       Environment = var.environment
    40. 

  40.     },
    41. 

  41.     common = {
    42. 

  42.       "Schedule"  = "none",
    43. 

  43.       Environment = var.environment
    44. 

  44.     }
    45. 

  45.   }[var.environment]
    46. 

  46. 

  47.   partition_tags = {
    48. 

  48.     aws = {
    49. 

  49.       aws_partition = var.aws_partition
    50. 

  50.     },
    51. 

  51.     aws-us-gov = {
    52. 

  52.       aws_partition = var.aws_partition
    53. 

  53.     }
    54. 

  54.   }[var.aws_partition]
    55. 

  55. 

  56.   region_tags = {
    57. 

  57.     us-gov-east-1 = {},
    58. 

  58.     us-gov-west-1 = {},
    59. 

  59.     us-east-1     = {},
    60. 

  60.     us-east-2     = {},
    61. 

  61.     us-west-1     = {},
    62. 

  62.     us-west-2     = {},
    63. 

  63.   }[var.aws_region]
    64. 

  64. 

  65.   account_tags_default = { "Client" : var.splunk_prefix }
    66. 

  66.   account_tags_exceptions = {
    67. 

  67.     mdr-prod-root-ca = {
    68. 

  68.       "WARNING" : "ALL ACCESS IS LOGGED. DO NOT USE WITHOUT JUSTIFICATION."
    69. 

  69.       "Client" : var.splunk_prefix,
    70. 

  70.     },
    71. 

  71.     afs-mdr-prod-malware-gov = {},
    72. 

  72.     afs-mdr-prod-cyber-range = {},
    73. 

  73.     afs-mdr-dev-ai           = {},
    74. 

  74.   }
    75. 

  75.   account_tags = lookup(local.account_tags_exceptions, var.account_name, local.account_tags_default)
    76. 

  76. 

  77.   standard_tags = merge(local.global_tags, local.environment_tags, local.partition_tags, local.region_tags, local.account_tags)
    78. 

  78. }
    79.