| acm_certificate_domain_name |
Route53 domain name to use for ACM certificate. Route53 zone for this domain should be created in advance. Specify if it is different from value in route53_zone_name |
string |
"" |
no |
| alb_authenticate_cognito |
Map of AWS Cognito authentication parameters to protect ALB (eg, using SAML). See https://www.terraform.io/docs/providers/aws/r/lb_listener.html#authenticate-cognito-action |
any |
{} |
no |
| alb_authenticate_oidc |
Map of Authenticate OIDC parameters to protect ALB (eg, using Auth0). See https://www.terraform.io/docs/providers/aws/r/lb_listener.html#authenticate-oidc-action |
any |
{} |
no |
| alb_ingress_cidr_blocks |
List of IPv4 CIDR ranges to use on all ingress rules of the ALB. |
list(string) |
[
"0.0.0.0/0"
] |
no |
| alb_log_bucket_name |
S3 bucket (externally created) for storing load balancer access logs. Required if alb_logging_enabled is true. |
string |
"" |
no |
| alb_log_location_prefix |
S3 prefix within the log_bucket_name under which logs are stored. |
string |
"" |
no |
| alb_logging_enabled |
Controls if the ALB will log requests to S3. |
bool |
false |
no |
| allow_github_webhooks |
Whether to allow access for GitHub webhooks |
bool |
false |
no |
| allow_unauthenticated_access |
Whether to create ALB listener rule to allow unauthenticated access for certain CIDR blocks (eg. allow GitHub webhooks to bypass OIDC authentication) |
bool |
false |
no |
| allow_unauthenticated_access_priority |
ALB listener rule priority for allow unauthenticated access rule |
number |
10 |
no |
| assume_role_arn |
A list of the ARN to add as allowed assume role |
list(string) |
[
"arn:aws:iam::098105867987:role/Terraform",
"arn:aws:iam::098105867987:role/Terraform"
] |
no |
| atlantis_allow_repo_config |
When true allows the use of atlantis.yaml config files within the source repos. |
string |
"false" |
no |
| atlantis_allowed_repo_names |
Git repositories where webhook should be created |
list(string) |
[] |
no |
| atlantis_fqdn |
FQDN of Atlantis to use. Set this only to override Route53 and ALB's DNS name. |
string |
null |
no |
| atlantis_hide_prev_plan_comments |
Enables atlantis server --hide-prev-plan-comments hiding previous plan comments on update |
string |
"false" |
no |
| atlantis_image |
Docker image to run Atlantis with. If not specified, official Atlantis image will be used |
string |
"" |
no |
| atlantis_log_level |
Log level that Atlantis will run with. Accepted values are: <debug|info|warn|error> |
string |
"debug" |
no |
| atlantis_port |
Local port Atlantis should be running on. Default value is most likely fine. |
number |
4141 |
no |
| atlantis_version |
Verion of Atlantis to run. If not specified latest will be used |
string |
"latest" |
no |
| azs |
A list of availability zones in the region |
list(string) |
[] |
no |
| certificate_arn |
ARN of certificate issued by AWS ACM. If empty, a new ACM certificate will be created and validated using Route53 DNS |
string |
"" |
no |
| cidr |
The CIDR block for the VPC which will be created if vpc_id is not specified |
string |
"" |
no |
| cloudwatch_log_retention_in_days |
Retention period of Atlantis CloudWatch logs |
number |
7 |
no |
| container_memory_reservation |
The amount of memory (in MiB) to reserve for the container |
number |
128 |
no |
| create_route53_record |
Whether to create Route53 record for Atlantis |
bool |
true |
no |
| custom_container_definitions |
A list of valid container definitions provided as a single valid JSON document. By default, the standard container definition is used. |
string |
"" |
no |
| custom_environment_secrets |
List of additional secrets the container will use (list should contain maps with name and valueFrom) |
list(object(
{
name = string
valueFrom = string
}
)) |
[] |
no |
| custom_environment_variables |
List of additional environment variables the container will use (list should contain maps with name and value) |
list(object(
{
name = string
value = string
}
)) |
[] |
no |
| ecs_cluster_id |
The ECS cluster ID |
any |
n/a |
yes |
| ecs_service_assign_public_ip |
Should be true, if ECS service is using public subnets (more info: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_cannot_pull_image.html) |
bool |
false |
no |
| ecs_service_deployment_maximum_percent |
The upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment |
number |
200 |
no |
| ecs_service_deployment_minimum_healthy_percent |
The lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment |
number |
50 |
no |
| ecs_service_desired_count |
The number of instances of the task definition to place and keep running |
number |
1 |
no |
| ecs_task_cpu |
The number of cpu units used by the task |
number |
256 |
no |
| ecs_task_memory |
The amount (in MiB) of memory used by the task |
number |
512 |
no |
| environment |
The name of the environment |
string |
n/a |
yes |
| github_atlantis_user |
GitHub username that is running the Atlantis command |
string |
n/a |
yes |
| github_atlantis_user_ssh_key_ssm_parameter_name |
Name of SSM parameter to keep the ssh private secret |
string |
"/atlantis/github/user/private_ssh_key" |
no |
| github_atlantis_user_token_ssm_parameter_name |
Name of SSM parameter to keep github_atlantis_user_token |
string |
"/atlantis/github/user/token" |
no |
| github_repo_whitelist |
List of allowed repositories Atlantis can be used with |
list(string) |
n/a |
yes |
| github_webhook_ssm_parameter_name |
Name of SSM parameter to keep webhook secret |
string |
n/a |
yes |
| github_webhooks_cidr_blocks |
List of CIDR blocks used by GitHub webhooks |
list(string) |
[
"140.82.112.0/20",
"185.199.108.0/22",
"192.30.252.0/22"
] |
no |
| internal |
Whether the load balancer is internal or external |
bool |
false |
no |
| lb_extra_security_group_ids |
List of one or more security groups to be added to the load balancer |
list(string) |
[] |
no |
| name |
Name to use on all resources created (VPC, ALB, etc) |
string |
"atlantis" |
no |
| policies_arn |
A list of the ARN of the policies you want to apply |
list(string) |
[
"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
] |
no |
| private_subnet_ids |
A list of IDs of existing private subnets inside the VPC |
list(string) |
[] |
no |
| private_subnets |
A list of private subnets inside the VPC |
list(string) |
[] |
no |
| public_subnet_ids |
A list of IDs of existing public subnets inside the VPC |
list(string) |
[] |
no |
| public_subnets |
A list of public subnets inside the VPC |
list(string) |
[] |
no |
| route53_record_name |
Name of Route53 record to create ACM certificate in and main A-record. If null is specified, var.name is used instead. Provide empty string to point root domain name to ALB. |
string |
null |
no |
| route53_zone_name |
Route53 zone name to create ACM certificate in and main A-record, without trailing dot |
string |
"" |
no |
| ssm_kms_key_arn |
ARN of KMS key to use for encryption and decryption of SSM Parameters. Required only if your key uses a custom KMS key and not the default key |
string |
"" |
no |
| tags |
A map of tags to use on all resources |
map(string) |
n/a |
yes |
| vpc_id |
ID of an existing VPC where resources will be created |
string |
"" |
no |
| whitelist_unauthenticated_cidr_blocks |
List of allowed CIDR blocks to bypass authentication |
list(string) |
[] |
no |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent