# WiFi-DensePose Terraform Variables
#
# This file defines all configurable variables for the infrastructure.
# General Configuration

variable "project_name" {
  type        = string
  description = "Name of the project"
  default     = "wifi-densepose"

  # The character-class regex is the only constraint enforced here; no length
  # limit is applied in this file.
  validation {
    condition     = can(regex("^[a-z0-9-]+$", var.project_name))
    error_message = "Project name must contain only lowercase letters, numbers, and hyphens."
  }
}
variable "environment" {
  type        = string
  description = "Environment name (dev, staging, production)"
  default     = "dev"

  # Closed set of environment names; other checks in this file compare against
  # the literal "production", so keep these values in sync with them.
  validation {
    condition     = contains(["dev", "staging", "production"], var.environment)
    error_message = "Environment must be one of: dev, staging, production."
  }
}
variable "owner" {
  type        = string
  description = "Owner of the infrastructure"
  default     = "wifi-densepose-team"
  # Free-form; no validation is applied to the owner string.
}
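# AWS Configuration

variable "aws_region" {
  type        = string
  description = "AWS region for resources"
  default     = "us-west-2"

  # Shape check only (e.g. us-west-2, eu-central-1, us-gov-west-1). It does not
  # confirm that the region exists or that the account is opted in to it, but
  # it catches typos at plan time instead of at the first API call.
  validation {
    condition     = can(regex("^[a-z]{2}(-gov)?-[a-z]+-[0-9]+$", var.aws_region))
    error_message = "AWS region must be a region code such as us-west-2."
  }
}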
# Network Configuration

variable "vpc_cidr" {
  type        = string
  description = "CIDR block for VPC"
  default     = "10.0.0.0/16"

  # cidrhost() errors on anything that is not a parseable CIDR, so wrapping it
  # in can() turns that error into a boolean.
  validation {
    condition     = can(cidrhost(var.vpc_cidr, 0))
    error_message = "VPC CIDR must be a valid IPv4 CIDR block."
  }
}
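variable "public_subnet_cidrs" {
  type        = list(string)
  description = "CIDR blocks for public subnets"
  default     = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]

  validation {
    condition     = length(var.public_subnet_cidrs) >= 2
    error_message = "At least 2 public subnets are required for high availability."
  }

  # Every entry must parse as a CIDR block, mirroring the check applied to
  # var.vpc_cidr, so a malformed entry fails at plan time rather than at
  # subnet creation. Containment within the VPC CIDR is not checked here.
  validation {
    condition     = alltrue([for cidr in var.public_subnet_cidrs : can(cidrhost(cidr, 0))])
    error_message = "Every public subnet CIDR must be a valid IPv4 CIDR block."
  }
}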
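variable "private_subnet_cidrs" {
  type        = list(string)
  description = "CIDR blocks for private subnets"
  default     = ["10.0.10.0/24", "10.0.20.0/24", "10.0.30.0/24"]

  validation {
    condition     = length(var.private_subnet_cidrs) >= 2
    error_message = "At least 2 private subnets are required for high availability."
  }

  # Every entry must parse as a CIDR block, mirroring the check applied to
  # var.vpc_cidr, so a malformed entry fails at plan time rather than at
  # subnet creation. Containment within the VPC CIDR is not checked here.
  validation {
    condition     = alltrue([for cidr in var.private_subnet_cidrs : can(cidrhost(cidr, 0))])
    error_message = "Every private subnet CIDR must be a valid IPv4 CIDR block."
  }
}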
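# EKS Configuration

variable "kubernetes_version" {
  type        = string
  description = "Kubernetes version for EKS cluster"
  default     = "1.28"

  # EKS expects a "major.minor" version string; a patch component or a bare
  # major version is rejected at apply time, so reject it at plan time instead.
  validation {
    condition     = can(regex("^1\\.[0-9]+$", var.kubernetes_version))
    error_message = "Kubernetes version must be given as major.minor, e.g. 1.28."
  }
}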
variable "node_instance_types" {
  type        = list(string)
  description = "EC2 instance types for EKS worker nodes"
  default     = ["t3.medium", "t3.large"]
  # Not validated here; an unknown instance type surfaces at apply time.
}
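variable "node_desired_size" {
  type        = number
  description = "Desired number of worker nodes"
  default     = 3

  validation {
    condition     = var.node_desired_size >= 2
    error_message = "Desired node size must be at least 2 for high availability."
  }

  # A node group's desired size must lie within [min, max]; an out-of-range
  # value would only fail at apply time. This mirrors the cross-variable check
  # on var.node_max_size.
  validation {
    condition     = var.node_desired_size >= var.node_min_size && var.node_desired_size <= var.node_max_size
    error_message = "Desired node size must be between node_min_size and node_max_size."
  }
}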
variable "node_min_size" {
  type        = number
  description = "Minimum number of worker nodes"
  default     = 2

  # Lower bound only; the relationship to node_max_size is enforced on that
  # variable's own validation.
  validation {
    condition     = var.node_min_size >= 1
    error_message = "Minimum node size must be at least 1."
  }
}
variable "node_max_size" {
  type        = number
  description = "Maximum number of worker nodes"
  default     = 10

  # Cross-variable validation (references var.node_min_size), which requires a
  # Terraform release that permits such references in validation blocks.
  validation {
    condition     = var.node_max_size >= var.node_min_size
    error_message = "Maximum node size must be greater than or equal to minimum node size."
  }
}
variable "key_pair_name" {
  type        = string
  description = "EC2 Key Pair name for SSH access to worker nodes"
  default     = ""
  # Empty by default. Presumably an empty value means no key pair is attached
  # (and therefore no SSH login path to the nodes) -- confirm against the node
  # group module that consumes it.
}
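# Database Configuration

variable "postgres_version" {
  type        = string
  description = "PostgreSQL version"
  default     = "15.4"

  # Accepts "major" or "major.minor" (e.g. 15 or 15.4); anything else is not a
  # version RDS will accept, so fail at plan time.
  validation {
    condition     = can(regex("^[0-9]+(\\.[0-9]+)?$", var.postgres_version))
    error_message = "PostgreSQL version must be numeric, e.g. 15 or 15.4."
  }
}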
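variable "db_instance_class" {
  type        = string
  description = "RDS instance class"
  default     = "db.t3.micro"

  # RDS instance classes carry the "db." prefix; an EC2-style name such as
  # "t3.micro" is a common mistake that would otherwise fail only at apply.
  validation {
    condition     = can(regex("^db\\.", var.db_instance_class))
    error_message = "RDS instance class must start with \"db.\", e.g. db.t3.micro."
  }
}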
variable "db_allocated_storage" {
  type        = number
  description = "Initial allocated storage for RDS instance (GB)"
  default     = 20

  # Lower bound in GB; the upper bound is expressed through
  # db_max_allocated_storage's own validation.
  validation {
    condition     = var.db_allocated_storage >= 20
    error_message = "Allocated storage must be at least 20 GB."
  }
}
variable "db_max_allocated_storage" {
  type        = number
  description = "Maximum allocated storage for RDS instance (GB)"
  default     = 100

  # Cross-variable check: the autoscaling ceiling may not sit below the
  # initial allocation.
  validation {
    condition     = var.db_max_allocated_storage >= var.db_allocated_storage
    error_message = "Maximum allocated storage must be greater than or equal to allocated storage."
  }
}
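variable "db_name" {
  type        = string
  description = "Database name"
  default     = "wifi_densepose"

  validation {
    condition     = can(regex("^[a-zA-Z][a-zA-Z0-9_]*$", var.db_name))
    error_message = "Database name must start with a letter and contain only letters, numbers, and underscores."
  }

  # PostgreSQL identifiers are limited to 63 characters; a longer name would
  # be rejected (or silently truncated) rather than caught at plan time.
  validation {
    condition     = length(var.db_name) <= 63
    error_message = "Database name must be at most 63 characters."
  }
}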
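variable "db_username" {
  type        = string
  description = "Database master username"
  default     = "wifi_admin"

  # NOTE(review): the master password is not declared in this file; presumably
  # it is generated or sourced elsewhere -- confirm it is never a plaintext
  # default. The username itself is predictable, so the password and network
  # controls carry the access-control weight.
  validation {
    condition     = can(regex("^[a-zA-Z][a-zA-Z0-9_]*$", var.db_username))
    error_message = "Database username must start with a letter and contain only letters, numbers, and underscores."
  }

  # PostgreSQL role names are limited to 63 characters.
  validation {
    condition     = length(var.db_username) <= 63
    error_message = "Database username must be at most 63 characters."
  }
}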
variable "db_backup_retention_period" {
  type        = number
  description = "Database backup retention period in days"
  default     = 7

  # A value of 0 would disable automated backups entirely; the lower bound of 1
  # keeps them on, and 35 is the RDS ceiling.
  validation {
    condition     = var.db_backup_retention_period >= 1 && var.db_backup_retention_period <= 35
    error_message = "Backup retention period must be between 1 and 35 days."
  }
}
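# Redis Configuration

variable "redis_node_type" {
  type        = string
  description = "ElastiCache Redis node type"
  default     = "cache.t3.micro"

  # ElastiCache node types carry the "cache." prefix; an EC2-style name would
  # otherwise fail only at apply time.
  validation {
    condition     = can(regex("^cache\\.", var.redis_node_type))
    error_message = "ElastiCache node type must start with \"cache.\", e.g. cache.t3.micro."
  }
}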
variable "redis_num_cache_nodes" {
  type        = number
  description = "Number of cache nodes in the Redis cluster"
  default     = 2

  # Only a lower bound is enforced; the default of 2 allows for a replica.
  validation {
    condition     = var.redis_num_cache_nodes >= 1
    error_message = "Number of cache nodes must be at least 1."
  }
}
# Monitoring Configuration

variable "log_retention_days" {
  type        = number
  description = "CloudWatch log retention period in days"
  default     = 30

  # CloudWatch Logs only accepts specific retention values; anything outside
  # this list is rejected by the API, so it is rejected here first.
  validation {
    condition = contains(
      [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653],
      var.log_retention_days
    )
    error_message = "Log retention days must be a valid CloudWatch retention period."
  }
}
# Security Configuration

variable "enable_encryption" {
  type        = bool
  description = "Enable encryption for all supported services"
  default     = true
  # Secure by default. Which services honour this flag is decided by the
  # resource definitions, not here.
}
variable "enable_deletion_protection" {
  type        = bool
  description = "Enable deletion protection for critical resources"
  default     = true
  # Defaults to on so that a stray destroy does not remove stateful resources.
}
# Cost Optimization

variable "enable_spot_instances" {
  type        = bool
  description = "Enable spot instances for worker nodes (not recommended for production)"
  default     = false
  # Off by default; the production caveat in the description is advisory and
  # is not enforced by a validation block.
}
variable "enable_scheduled_scaling" {
  type        = bool
  description = "Enable scheduled scaling for cost optimization"
  default     = false
}
# Feature Flags

variable "enable_gpu_nodes" {
  type        = bool
  description = "Enable GPU-enabled worker nodes for ML workloads"
  default     = false
  # When enabled, the instance types come from gpu_instance_types.
}
variable "gpu_instance_types" {
  type        = list(string)
  description = "GPU instance types for ML workloads"
  default     = ["g4dn.xlarge", "g4dn.2xlarge"]
  # Only consulted when enable_gpu_nodes is true; not validated here.
}
variable "enable_fargate" {
  type        = bool
  description = "Enable AWS Fargate for serverless containers"
  default     = false
}
# Backup and Disaster Recovery

variable "enable_cross_region_backup" {
  type        = bool
  description = "Enable cross-region backup for disaster recovery"
  default     = false
  # The destination region is backup_region.
}
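variable "backup_region" {
  type        = string
  description = "Secondary region for cross-region backups"
  default     = "us-east-1"

  # Same shape check as aws_region.
  validation {
    condition     = can(regex("^[a-z]{2}(-gov)?-[a-z]+-[0-9]+$", var.backup_region))
    error_message = "Backup region must be a region code such as us-east-1."
  }

  # A "cross-region" copy into the primary region gives no disaster-recovery
  # benefit, so when the feature is on the two regions must differ. The check
  # is skipped while cross-region backup is disabled.
  validation {
    condition     = !var.enable_cross_region_backup || var.backup_region != var.aws_region
    error_message = "backup_region must differ from aws_region when enable_cross_region_backup is true."
  }
}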
# Compliance and Governance

variable "enable_config" {
  type        = bool
  description = "Enable AWS Config for compliance monitoring"
  default     = true
  # On by default so configuration history is recorded from first apply.
}
variable "enable_cloudtrail" {
  type        = bool
  description = "Enable AWS CloudTrail for audit logging"
  default     = true
  # On by default so API activity is captured from first apply.
}
variable "enable_guardduty" {
  type        = bool
  description = "Enable AWS GuardDuty for threat detection"
  default     = true
}
# Application Configuration

variable "app_replicas" {
  type        = number
  description = "Number of application replicas"
  default     = 3

  # Static replica count; the autoscaling bounds live in min_replicas and
  # max_replicas and are not cross-checked against this value here.
  validation {
    condition     = var.app_replicas >= 1
    error_message = "Application replicas must be at least 1."
  }
}
variable "app_cpu_request" {
  type        = string
  description = "CPU request for application pods"
  default     = "100m"
  # Kubernetes quantity string; its format is not validated in this file.
}
variable "app_memory_request" {
  type        = string
  description = "Memory request for application pods"
  default     = "256Mi"
  # Kubernetes quantity string; its format is not validated in this file.
}
variable "app_cpu_limit" {
  type        = string
  description = "CPU limit for application pods"
  default     = "500m"
  # Not cross-checked against app_cpu_request here.
}
variable "app_memory_limit" {
  type        = string
  description = "Memory limit for application pods"
  default     = "512Mi"
  # Not cross-checked against app_memory_request here.
}
# Domain and SSL Configuration

variable "domain_name" {
  type        = string
  description = "Domain name for the application"
  default     = ""
  # Empty by default; how an empty value is handled is up to the consuming
  # resources.
}
variable "enable_ssl" {
  type        = bool
  description = "Enable SSL/TLS termination"
  default     = true
  # Secure by default; the certificate is supplied via ssl_certificate_arn.
}
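variable "ssl_certificate_arn" {
  type        = string
  description = "ARN of the SSL certificate in ACM"
  default     = ""

  # When set, the value must at least be an ACM ARN (any partition: aws,
  # aws-cn, aws-us-gov). An empty string is left alone so the existing
  # default keeps working; what an empty value means is decided elsewhere.
  validation {
    condition     = var.ssl_certificate_arn == "" || can(regex("^arn:aws[a-z-]*:acm:", var.ssl_certificate_arn))
    error_message = "ssl_certificate_arn must be empty or an ACM certificate ARN (arn:aws:acm:...)."
  }
}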
# Monitoring and Alerting

variable "enable_prometheus" {
  type        = bool
  description = "Enable Prometheus monitoring"
  default     = true
}
variable "enable_grafana" {
  type        = bool
  description = "Enable Grafana dashboards"
  default     = true
}
variable "enable_alertmanager" {
  type        = bool
  description = "Enable AlertManager for notifications"
  default     = true
}
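variable "slack_webhook_url" {
  type        = string
  description = "Slack webhook URL for notifications"
  default     = ""
  # Marked sensitive so the URL (which acts as a bearer credential) is
  # redacted from plan/apply output. Note it still lands in state.
  sensitive   = true

  # Require TLS when a URL is supplied so alert payloads are never posted in
  # clear text; an empty value keeps the existing "not configured" default.
  validation {
    condition     = var.slack_webhook_url == "" || can(regex("^https://", var.slack_webhook_url))
    error_message = "slack_webhook_url must be empty or an https:// URL."
  }
}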
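# Development and Testing

variable "enable_debug_mode" {
  type        = bool
  description = "Enable debug mode for development"
  default     = false

  # The flag is documented as development-only; refuse it in production so
  # verbose diagnostics cannot be switched on there by a stray tfvars value.
  validation {
    condition     = !(var.enable_debug_mode && var.environment == "production")
    error_message = "Debug mode must not be enabled when environment is production."
  }
}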
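variable "enable_test_data" {
  type        = bool
  description = "Enable test data seeding"
  default     = false

  # Seeding test data into a production database is never intended; reject the
  # combination at plan time.
  validation {
    condition     = !(var.enable_test_data && var.environment == "production")
    error_message = "Test data seeding must not be enabled when environment is production."
  }
}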
# Performance Configuration

variable "enable_autoscaling" {
  type        = bool
  description = "Enable horizontal pod autoscaling"
  default     = true
  # Bounds and targets follow in min_replicas, max_replicas and the
  # target_*_utilization variables.
}
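variable "min_replicas" {
  type        = number
  description = "Minimum number of replicas for autoscaling"
  default     = 2

  # Same lower bound as app_replicas; a zero or negative floor would let the
  # autoscaler scale the application away entirely.
  validation {
    condition     = var.min_replicas >= 1
    error_message = "Minimum replicas must be at least 1."
  }
}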
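variable "max_replicas" {
  type        = number
  description = "Maximum number of replicas for autoscaling"
  default     = 10

  # Mirrors the node_max_size / node_min_size check: an HPA whose ceiling is
  # below its floor is invalid and would only fail at apply time.
  validation {
    condition     = var.max_replicas >= var.min_replicas
    error_message = "Maximum replicas must be greater than or equal to minimum replicas."
  }
}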
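variable "target_cpu_utilization" {
  type        = number
  description = "Target CPU utilization percentage for autoscaling"
  default     = 70

  # The condition now matches its own error message: the previous "> 0" let a
  # fractional value such as 0.5 through while the message promised 1..100.
  validation {
    condition     = var.target_cpu_utilization >= 1 && var.target_cpu_utilization <= 100
    error_message = "Target CPU utilization must be between 1 and 100."
  }
}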
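variable "target_memory_utilization" {
  type        = number
  description = "Target memory utilization percentage for autoscaling"
  default     = 80

  # The condition now matches its own error message: the previous "> 0" let a
  # fractional value such as 0.5 through while the message promised 1..100.
  validation {
    condition     = var.target_memory_utilization >= 1 && var.target_memory_utilization <= 100
    error_message = "Target memory utilization must be between 1 and 100."
  }
}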
# Local Development

variable "local_development" {
  description = "Configuration for local development environment"

  # All three attributes are required by the object type; callers overriding
  # the default must supply every key.
  type = object({
    enabled                  = bool
    skip_expensive_resources = bool
    use_local_registry       = bool
  })

  default = {
    enabled                  = false
    skip_expensive_resources = false
    use_local_registry       = false
  }
}
# Tags

variable "additional_tags" {
  type        = map(string)
  description = "Additional tags to apply to all resources"
  default     = {}
  # Merged onto resource tags by the consuming modules; empty by default.
}