########################################
# General Variables
########################################
# Required (no default): name of the AWS Organization, nickname or formal name.
variable "awsorg_name" {
  type        = string
  description = "AWS Organization Name (can be nickname or formal name)"
}
# Required (no default): the customer's name.
variable "customer_name" {
  type        = string
  description = "Customer Name"
}
# Optional Slack channel ID for the compliance team; defaults to null.
# NOTE(review): how a null value is handled is decided where this variable
# is consumed, which is not visible in this file — confirm.
variable "slack_compliance_team_channel" {
  description = "The Slack channel ID for the compliance team"
  type        = string
  default     = null
}
# Optional Slack channel ID for the security team; defaults to null.
# NOTE(review): if null means "no Slack delivery", security notifications would
# depend on the other integrations alone — confirm where this is consumed.
variable "slack_security_team_channel" {
  description = "The Slack channel ID for the security team"
  type        = string
  default     = null
}
# Optional Slack channel ID for the customer success team; defaults to null.
# NOTE(review): how a null value is handled is decided where this variable
# is consumed, which is not visible in this file — confirm.
variable "slack_customer_success_team_channel" {
  description = "The Slack channel ID for the customer success team"
  type        = string
  default     = null
}
# Optional Slack workspace ID; defaults to null.
# NOTE(review): presumably required whenever any slack_*_channel is set — confirm.
variable "slack_workspace_id" {
  description = "The Slack workspace ID"
  type        = string
  default     = null
}
########################################
# Jira Integration
########################################
# Jira integration profile; defaults to "NOC".
# NOTE(review): the description is shared verbatim by all four
# *_jira_integration_profile variables; judging by the name this one applies to
# account events — confirm and consider saying so in the description.
variable "account_jira_integration_profile" {
  description = "The Jira integration profile"
  type        = string
  default     = "NOC"
}
# Jira integration profile; defaults to "NOC".
# NOTE(review): the description is shared verbatim by all four
# *_jira_integration_profile variables; judging by the name this one applies to
# cost events — confirm and consider saying so in the description.
variable "cost_jira_integration_profile" {
  description = "The Jira integration profile"
  type        = string
  default     = "NOC"
}
# Jira integration profile; defaults to "NOC".
# NOTE(review): the description is shared verbatim by all four
# *_jira_integration_profile variables; judging by the name this one applies to
# compliance events — confirm and consider saying so in the description.
variable "compliance_jira_integration_profile" {
  description = "The Jira integration profile"
  type        = string
  default     = "NOC"
}
# Jira integration profile; defaults to "NOC".
# NOTE(review): the description is shared verbatim by all four
# *_jira_integration_profile variables; judging by the name this one applies to
# security events. If security tickets need a more restricted Jira project than
# the shared default, override it here — confirm what "NOC" maps to.
variable "security_jira_integration_profile" {
  description = "The Jira integration profile"
  type        = string
  default     = "NOC"
}
# Required (no default): organization ID used by the Jira integration.
variable "jira_organization_id" {
  description = "Organization ID for Jira integration"
  type        = string
}
########################################
# Suppression Rules
########################################
# Caller-supplied suppression rules for account events; empty by default.
# Per the description these are merged with `account_default_suppression_rules`.
# Each rule is a human-readable label plus a condition string (the defaults in
# this file use the `matches part` operator on event fields). Keep conditions
# as narrow as possible: a rule that matches too much also hides events that
# should have alerted.
variable "account_suppression_rules" {
  description = "Event suppression rules (uses PagerDuty event orchestration, merged with `account_default_suppression_rules`)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# Built-in suppression rules for account events. Pass an empty list to turn
# them off (see description).
#
# All three rules match on a free-text substring of the event body (the VPN rule
# also checks log_sample), not on the event's origin.
# NOTE(review): any event carrying the same phrase would match as well; if the
# integration exposes a sender or source field, consider pairing it with the
# text match — confirm which fields are available.
variable "account_default_suppression_rules" {
  description = "Default event suppression rules (override to an empty list to disable)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = [
    # Informational: ACM finished renewing a certificate.
    {
      label     = "ACM certificate renewal successful"
      condition = "event.custom_details.body matches part 'This is to notify you that AWS Certificate Manager (ACM) has completed the renewal of an SSL/TLS certificate'"
    },
    # CloudShell home-directory inactivity notice.
    {
      label     = "CloudShell home directory inactivity"
      condition = "event.custom_details.body matches part 'AWS_CLOUDSHELL_PERSISTENCE_EXPIRING'"
    },
    # VPN notice stating the second tunnel stayed up; checked in log_sample or body.
    {
      label     = "VPN Connectivity (no redundancy lost)"
      condition = "event.custom_details.log_sample matches part 'Connectivity on the second tunnel was not affected during this time' or event.custom_details.body matches part 'Connectivity on the second tunnel was not affected during this time'"
    },
  ]
}
# Suppression rules for account events that apply only inside a time window;
# empty by default.
# start_time / end_time are plain strings with no validation here. The sibling
# cost_/security_ timebound variables in this file show the expected shape as
# "YYYY-MM-DD HH:MM:SS Etc/UTC" — presumably the same applies here; confirm.
# Keep windows short so that a forgotten rule cannot suppress events indefinitely.
variable "account_timebound_suppression_rules" {
  description = "Timebound event suppression rules (uses PagerDuty event orchestration)"
  type = list(object({
    label      = string
    condition  = string
    start_time = string
    end_time   = string
  }))
  default = []
}
# Caller-supplied suppression rules for compliance events; empty by default.
# Per the description these are merged with `compliance_default_suppression_rules`.
# Keep conditions narrow: a suppressed compliance finding does not alert, so an
# overly broad rule can mask a real control failure.
variable "compliance_suppression_rules" {
  description = "Event suppression rules (uses PagerDuty event orchestration, merged with `compliance_default_suppression_rules`)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# TODO: reserved for future use — no default compliance suppression rules are
# shipped yet, so the default is an empty list.
variable "compliance_default_suppression_rules" {
  description = "Default event suppression rules (override to an empty list to disable)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# Suppression rules for compliance events that apply only inside a time window;
# empty by default.
# start_time / end_time are plain strings with no validation here. The sibling
# cost_/security_ timebound variables in this file show the expected shape as
# "YYYY-MM-DD HH:MM:SS Etc/UTC" — presumably the same applies here; confirm.
# Keep windows short so that a forgotten rule cannot suppress events indefinitely.
variable "compliance_timebound_suppression_rules" {
  description = "Timebound event suppression rules (uses PagerDuty event orchestration)"
  type = list(object({
    label      = string
    condition  = string
    start_time = string
    end_time   = string
  }))
  default = []
}
# Caller-supplied suppression rules for cost events; empty by default.
# Per the description these are merged with `cost_default_suppression_rules`.
# NOTE(review): an unexpected cost spike can be an early sign of resource abuse,
# so keep conditions specific rather than suppressing whole classes of cost events.
variable "cost_suppression_rules" {
  description = "Event suppression rules (uses PagerDuty event orchestration, merged with `cost_default_suppression_rules`)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# TODO: reserved for future use — no default cost suppression rules are
# shipped yet, so the default is an empty list.
variable "cost_default_suppression_rules" {
  description = "Default event suppression rules (override to an empty list to disable)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# Suppression rules for cost events that apply only inside a time window;
# empty by default. The time fields are plain strings with no validation here.
# Keep windows short so that a forgotten rule cannot suppress events indefinitely.
variable "cost_timebound_suppression_rules" {
  description = "Timebound event suppression rules (uses PagerDuty event orchestration)"
  type = list(object({
    label     = string
    condition = string
    # Time format: "YYYY-MM-DD HH:MM:SS Etc/UTC".
    # NOTE(review): the earlier sample "2024-03-00 00:00:00 Etc/UTC" used day 00,
    # which is not a calendar date — use a real day, e.g. 01.
    start_time = string
    end_time   = string
  }))
  default = []
}
# Caller-supplied suppression rules for security events; empty by default.
# Per the description these are merged with `security_default_suppression_rules`.
# Treat changes to this list like changes to a detection rule: every entry
# removes a class of security events from alerting, so each condition should be
# as specific as possible, carry a label that explains why it is safe to
# suppress, and go through review.
variable "security_suppression_rules" {
  description = "Event suppression rules (uses PagerDuty event orchestration, merged with `security_default_suppression_rules`)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# TODO: reserved for future use — no default security suppression rules are
# shipped yet, so the default is an empty list and nothing is suppressed
# unless a caller adds rules.
variable "security_default_suppression_rules" {
  description = "Default event suppression rules (override to an empty list to disable)"
  type = list(object({
    label     = string
    condition = string
  }))
  default = []
}
# Suppression rules for security events that apply only inside a time window;
# empty by default. The time fields are plain strings with no validation here,
# so a mistyped or far-future end_time is not caught at plan time. Keep windows
# as short as the maintenance or change window they cover, and remove expired
# entries.
variable "security_timebound_suppression_rules" {
  description = "Timebound event suppression rules (uses PagerDuty event orchestration)"
  type = list(object({
    label     = string
    condition = string
    # Time format: "YYYY-MM-DD HH:MM:SS Etc/UTC".
    # NOTE(review): the earlier sample "2024-03-00 00:00:00 Etc/UTC" used day 00,
    # which is not a calendar date — use a real day, e.g. 01.
    start_time = string
    end_time   = string
  }))
  default = []
}