forked from claranet/terraform-azurerm-function-app
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
207 lines (172 loc) · 6.74 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
variable "resource_group_name" {
description = "Resource group name."
type = string
}
variable "workload" {
description = "Workload name."
type = string
}
variable "location" {
description = "Azure location for Function App and related resources."
type = string
default = "norwayeast"
}
variable "location_short" {
description = "Short string for Azure location."
type = string
default = "ne1"
}
variable "unique" {
description = "Unique string to ensure uniqueness of resources."
type = string
default = null
}
variable "function_app_version" {
description = "Version of the function app runtime to use."
type = number
default = 4
}
variable "function_app_application_settings" {
description = "Function App application settings."
type = map(string)
default = {}
}
variable "function_app_application_settings_drift_ignore" {
description = "Ignore drift from settings manually set."
type = bool
default = true
}
variable "identity_type" {
description = "Add an Identity (MSI) to the function app. Possible values are SystemAssigned or UserAssigned."
type = string
default = "SystemAssigned"
}
variable "identity_ids" {
description = "User Assigned Identities IDs to add to Function App. Mandatory if type is UserAssigned."
type = list(string)
default = null
}
variable "authorized_ips" {
description = "IPs restriction for Function in CIDR format. See documentation https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#ip_restriction"
type = list(string)
default = []
}
variable "authorized_subnet_ids" {
description = "Subnets restriction for Function App. See documentation https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction"
type = list(string)
default = []
}
variable "ip_restriction_headers" {
description = "IPs restriction headers for Function. See documentation https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#headers"
type = map(list(string))
default = null
}
variable "authorized_service_tags" {
description = "Service Tags restriction for Function App. See documentation https://www.terraform.io/docs/providers/azurerm/r/function_app.html#ip_restriction"
type = list(string)
default = []
}
variable "function_app_vnet_integration_subnet_id" {
description = "ID of the subnet to associate with the Function App (Virtual Network integration)."
type = string
default = null
}
variable "function_app_vnet_image_pull_enabled" {
description = "Whether the Function App can pull images from the container registry over the VNet."
type = bool
default = false
}
variable "function_app_pe_subnet_id" {
description = "value of the subnet to associate the private endpoint with the Function App (Incoming traffic)"
type = string
default = null
}
variable "function_app_site_config" {
description = "Site config for Function App. See documentation https://www.terraform.io/docs/providers/azurerm/r/app_service.html#site_config. IP restriction attribute is not managed in this block."
type = any
default = {}
}
variable "function_app_sticky_settings" {
description = "Lists of connection strings and app settings to prevent from swapping between slots."
type = object({
app_setting_names = optional(list(string))
connection_string_names = optional(list(string))
})
default = null
}
variable "https_only" {
description = "Whether HTTPS traffic only is enabled."
type = bool
default = true
}
variable "builtin_logging_enabled" {
description = "Whether built-in logging is enabled."
type = bool
default = true
}
variable "client_certificate_enabled" {
description = "Whether the Function App uses client certificates."
type = bool
default = null
}
variable "client_certificate_mode" {
description = "The mode of the Function App's client certificates requirement for incoming requests. Possible values are `Required`, `Optional`, and `OptionalInteractiveUser`."
type = string
default = null
}
variable "application_zip_package_path" {
description = "Local or remote path of a zip package to deploy on the Function App."
type = string
default = null
}
variable "staging_slot_enabled" {
description = "Create a staging slot alongside the Function App for blue/green deployment purposes."
type = bool
default = false
}
variable "staging_slot_custom_application_settings" {
description = "Override staging slot with custom application settings."
type = map(string)
default = null
}
# SCM parameters
variable "scm_authorized_ips" {
description = "SCM IPs restriction for Function App. See documentation https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction"
type = list(string)
default = []
}
variable "scm_authorized_subnet_ids" {
description = "SCM subnets restriction for Function App. See documentation https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction"
type = list(string)
default = []
}
variable "scm_ip_restriction_headers" {
description = "IPs restriction headers for Function App. See documentation https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction"
type = map(list(string))
default = null
}
variable "scm_authorized_service_tags" {
description = "SCM Service Tags restriction for Function App. See documentation https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/function_app#scm_ip_restriction"
type = list(string)
default = []
}
variable "storage_uses_managed_identity" {
description = "Whether the Function App use Managed Identity to access the Storage Account. **Caution** This disable the storage keys on the Storage Account if created within the module."
type = bool
default = false
}
variable "function_app_key_vault_id" {
description = "ID of the existing key vault to grant read access to the web app identity."
type = string
default = null
}
variable "skip_identity_role_assignments" {
description = "Whether to skip the role assignments for the identity. Useful if you want to manage the role assignments yourself or if a managed identity is not yet assigned"
type = bool
default = false
}
variable "function_app_public_network_access_enabled" {
description = "Whether the Function App is accessible from the public internet."
type = bool
default = false
}