| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- variable "tags" {
- type = map
- default = { }
- }
- variable "cloudtrail_key_arn" {
- # Unfortunately, if we use the alias, it modifies it every time, so we have to grab the actual arn
- type = string
- }
- variable extra_ebs_key_admins {
- description = "Extra EBS encryption key admins."
- type = list
- default = [ ]
- }
- variable extra_ebs_key_users {
- description = "Extra EBS encryption key users."
- type = list
- default = [ ]
- }
- variable extra_ebs_key_attachers {
- description = "Extra EBS encryption key attachers."
- type = list
- default = [ ]
- }
- variable "log_group_name" {
- description = "Cloudtrail Log Group Name to Use. Keep the default unless you have a good reason."
- type = string
- default = "cloudtrail-local-account"
- }
- # ----------------------------------
- # Below this line are variables inherited from higher levels, so they
- # do not need to be explicitly passed to this module.
- variable "is_legacy" { type = bool }
- variable "legacy_account" { type = string }
- variable "standard_tags" { type = map }
- variable "account_list" { type = list }
- variable "aws_account_id" { type = string }
- variable "aws_partition" { type = string }
- variable "aws_region" { type = string }
- variable "environment" { type = string }
- variable "key_pairs" { type = map }
- variable "c2_accounts" { type = map }
- variable "aws_flowlogs_hec_token" { type = string }
- variable "hec_pub_ack" { type = string }
- # Calculate some local variables
- locals {
- logging_environment = var.environment == "common" ? "prod" : var.environment # common logs to prod
- c2_account = var.c2_accounts[var.aws_partition]
- is_c2 = var.aws_account_id == local.c2_account ? true : false
- }
|
