-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
67 lines (56 loc) · 2.07 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
variable "key_vault_key_id" {
type = string
description = "The Key Vault Key ID used for encryption."
}
variable "key_vault_resource_id" {
type = string
description = "The resource ID of the Key Vault to associate with the disk encryption set."
}
variable "location" {
type = string
description = "Azure region where the resource should be deployed."
nullable = false
}
variable "name" {
type = string
description = "The name of the disk encryption set."
}
variable "resource_group_name" {
type = string
description = "The name of the resource group in which to create the disk encryption set."
}
variable "auto_key_rotation_enabled" {
type = bool
default = true
description = "Whether or not auto key rotation is enabled for the encryption set, defaults to true."
}
variable "encryption_type" {
type = string
default = "EncryptionAtRestWithCustomerKey" # Optional: Adjust default value based on your requirements
description = "The type of encryption to be used. Allowed Values are'EncryptionAtRestWithCustomerKey', 'EncryptionAtRestWithPlatformAndCustomerKeys' and 'ConfidentialVmEncryptedWithCustomerKey'."
}
variable "federated_client_id" {
type = string
default = null # Optional: Set to an empty string if not using a federated service principal
description = " Multi-tenant application client id to access key vault in a different tenant."
}
variable "managed_hsm_key_id" {
type = string
default = null # Optional: Set to an empty string if not using Managed HSM
description = "The Managed HSM Key ID used for encryption."
}
variable "system_assigned_identity_enabled" {
type = bool
default = true
description = "Enable or disable the system-assigned managed identity. Defaults to true."
}
variable "user_assigned_identities" {
type = list(string)
default = []
description = "List of user assigned identities to assign"
}
variable "tags" {
type = map(string)
default = null
description = "(Optional) Tags of the resource."
}