infrastructure/terraform/modules/azure/keyvault/variables.tf

# Azure Key Vault Module Variables
# Required input (no default): the resource group that holds the vault.
# How the value is consumed is decided by the module's resources, which are
# not part of this file.
variable "resource_group_name" {
  type        = string
  description = "Name of the resource group"
}
# Required input (no default): the Azure region for the vault.
# NOTE(review): no allow-list of regions is enforced here; if data-residency
# rules apply, confirm they are checked by the caller or by policy.
variable "location" {
  type        = string
  description = "Azure region"
}
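# Required input (no default): the vault name.
# Azure Key Vault names are 3-24 characters, letters/digits/hyphens only,
# start with a letter, end with a letter or digit, and may not contain two
# hyphens in a row. Checking that here surfaces a bad name at plan time
# instead of as an API error during apply.
variable "keyvault_name" {
  description = "Name of the Key Vault"
  type        = string

  validation {
    condition = (
      can(regex("^[A-Za-z][A-Za-z0-9-]{1,22}[A-Za-z0-9]$", var.keyvault_name)) &&
      length(regexall("--", var.keyvault_name)) == 0
    )
    error_message = "The keyvault_name value must be 3-24 characters, use only letters, digits and hyphens, start with a letter, end with a letter or digit, and contain no consecutive hyphens."
  }
}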
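# Required input (no default): the directory (tenant) ID.
# Presumably this becomes the tenant the vault trusts for authenticating
# requests (confirm in the module's resources, not visible here), so a wrong
# value is a security-relevant misconfiguration rather than a cosmetic one.
# The check below only enforces GUID shape; it cannot tell whether the GUID
# is the intended tenant.
variable "tenant_id" {
  description = "Azure tenant ID"
  type        = string

  validation {
    condition     = can(regex("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$", var.tenant_id))
    error_message = "The tenant_id value must be a GUID, for example 00000000-0000-0000-0000-000000000000."
  }
}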
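# Vault SKU. The description names two accepted values; the validation
# enforces them so a typo fails at plan time.
# "premium" is the tier that adds HSM-backed keys; "standard" (the default)
# keeps keys software-protected.
# The comparison is lower-cased so a value that differs only in case is not
# newly rejected by this module; the provider may still require lower case.
variable "sku_name" {
  description = "SKU name (standard or premium)"
  type        = string
  default     = "standard"

  validation {
    condition     = contains(["standard", "premium"], lower(var.sku_name))
    error_message = "The sku_name value must be either \"standard\" or \"premium\"."
  }
}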
# Off by default. Presumably maps to the Key Vault setting of the same name,
# which lets Azure Virtual Machines retrieve certificates stored as secrets
# (confirm in the module's resources). Leave false unless a VM deployment
# actually needs it.
variable "enabled_for_deployment" {
  type        = bool
  default     = false
  description = "Enable for VM deployment"
}
# Off by default. Presumably maps to the Key Vault setting of the same name,
# which lets Azure Disk Encryption retrieve secrets and unwrap keys from the
# vault (confirm in the module's resources). Enable only for vaults that hold
# disk-encryption material.
variable "enabled_for_disk_encryption" {
  type        = bool
  default     = false
  description = "Enable for disk encryption"
}
# Off by default. Presumably maps to the Key Vault setting of the same name,
# which lets Azure Resource Manager read secrets during template deployments
# (confirm in the module's resources). Anyone who can run a deployment that
# references the vault then has an indirect read path, so enable deliberately.
variable "enabled_for_template_deployment" {
  type        = bool
  default     = false
  description = "Enable for template deployment"
}
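# Firewall settings for the vault.
# The default is deny-by-default with no IP rules and no subnets, leaving only
# the "AzureServices" bypass (trusted Microsoft services) open.
# Setting default_action to "Allow" exposes the vault endpoint to every
# network; requests are still authenticated, but the network layer no longer
# limits who can attempt them.
# All four attributes are required whenever the caller overrides the default,
# because the object type declares no optional attributes.
# The validations reject values outside the two the Key Vault API accepts for
# each field, so a typo cannot reach apply.
variable "network_acls" {
  description = "Network ACLs configuration"
  type = object({
    default_action             = string
    bypass                     = string
    ip_rules                   = list(string)
    virtual_network_subnet_ids = list(string)
  })
  default = {
    default_action             = "Deny"
    bypass                     = "AzureServices"
    ip_rules                   = []
    virtual_network_subnet_ids = []
  }

  validation {
    condition     = contains(["Allow", "Deny"], var.network_acls.default_action)
    error_message = "The network_acls.default_action value must be \"Allow\" or \"Deny\"."
  }

  validation {
    condition     = contains(["AzureServices", "None"], var.network_acls.bypass)
    error_message = "The network_acls.bypass value must be \"AzureServices\" or \"None\"."
  }
}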
# Vault access policies, one entry per principal (object_id) with the
# key / secret / certificate / storage permissions granted to it.
# Empty by default, so no principal is granted anything through this input.
# Every permission list must be supplied (use [] for none); grant only the
# operations the principal needs rather than broad sets.
# NOTE(review): with Azure RBAC authorization enabled on a vault, access
# policies are not what authorizes data-plane requests; how this module
# reconciles this input with enable_rbac is not visible here.
variable "access_policies" {
  type = list(object({
    object_id               = string
    key_permissions         = list(string)
    secret_permissions      = list(string)
    certificate_permissions = list(string)
    storage_permissions     = list(string)
  }))
  default     = []
  description = "List of access policies"
}
# Chooses the vault's permission model; false by default.
# Presumably true switches the vault to Azure RBAC authorization and false
# keeps vault access policies (confirm in the module's resources).
# Azure RBAC is the model Microsoft recommends for Key Vault, so callers
# creating new vaults should consider setting this to true explicitly.
variable "enable_rbac" {
  type        = bool
  default     = false
  description = "Enable RBAC for Key Vault"
}
# Role assignments keyed by a caller-chosen map key; each value names a role
# (role_definition_name) and the principal that receives it (principal_id).
# Empty by default.
# NOTE(review): the scope of the assignments and whether they are created
# only when enable_rbac is true are decided elsewhere in the module; prefer
# narrowly scoped data-plane roles over broad administrator roles.
variable "rbac_assignments" {
  type = map(object({
    role_definition_name = string
    principal_id         = string
  }))
  default     = {}
  description = "RBAC role assignments"
}
# Free-form string tags; empty by default.
# Tags are readable by anyone with read access to the resource, so they
# should not carry secrets or credentials.
variable "tags" {
  type        = map(string)
  default     = {}
  description = "Tags to apply to resources"
}