From 2c6a172e4eb94f9d3e6aa52e799bc3a7956c6fbb Mon Sep 17 00:00:00 2001
From: Paul Freedman
Date: Tue, 15 Nov 2022 09:04:46 +0000
Subject: [PATCH] feat: transfer-server-enhancements Additional vars to allow more deployment options
---
 main.tf | 16 +++++++++++++---
 variables.tf | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+), 3 deletions(-)
diff --git a/main.tf b/main.tf
index c030556..e27a146 100644
--- a/main.tf
+++ b/main.tf
@@ -2,9 +2,19 @@ resource "aws_transfer_server" "this" {
 count = var.create_transfer_server ? 1 : 0
 identity_provider_type = var.identity_provider_type
- logging_role = var.logging_role_arn
-
- endpoint_type = var.endpoint_type
+ logging_role = var.create_transfer_logging_role == true ? aws_iam_role.logging[0].arn : var.logging_role_arn
+ endpoint_type = var.endpoint_type
+ protocols = var.protocols
+ certificate = var.certificate
+ function = var.function
+ url = var.url
+ invocation_role = var.invocation_role
+ endpoint_details {
+ subnet_ids = var.subnet_ids
+ vpc_id = var.vpc_id
+ security_group_ids = var.security_group_ids
+ address_allocation_ids = var.address_allocation_ids
+ }
 tags = var.tags
 }
diff --git a/variables.tf b/variables.tf
index 78dc12f..bcd297a 100644
--- a/variables.tf
+++ b/variables.tf
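Review bot: The `endpoint_details` block in main.tf is emitted unconditionally, so a server whose `endpoint_type` is PUBLIC still sends `vpc_id = ""` and empty ID lists, which the provider or the Transfer API is likely to reject; the default of `var.endpoint_type` is not visible in this patch. `vpc_endpoint_id` is declared in variables.tf but never referenced here, so the VPC_ENDPOINT type cannot actually be configured. Making the block `dynamic` on `endpoint_type` and passing `null` for attributes that do not apply addresses both. `var.create_transfer_logging_role` and `aws_iam_role.logging` are not defined in either file of this patch and should be confirmed to exist, and the `== true` comparison is redundant. The resource header is outside the hunk.

```hcl
  # … unchanged: logging_role through invocation_role …
  dynamic "endpoint_details" {
    # PUBLIC endpoints take no endpoint_details; emit the block only for VPC-hosted types.
    for_each = var.endpoint_type == "PUBLIC" ? [] : [1]
    content {
      vpc_id                 = var.endpoint_type == "VPC" ? var.vpc_id : null
      subnet_ids             = var.endpoint_type == "VPC" ? var.subnet_ids : null
      security_group_ids     = var.endpoint_type == "VPC" ? var.security_group_ids : null
      address_allocation_ids = var.endpoint_type == "VPC" ? var.address_allocation_ids : null
      vpc_endpoint_id        = var.endpoint_type == "VPC_ENDPOINT" ? var.vpc_endpoint_id : null
    }
  }
  # … unchanged: tags …
```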
@@ -84,4 +84,58 @@ variable "iam_path" {
 variable "aws_region" {
 description = "AWS region used in provider"
 default = "eu-west-1"
+}
+
+variable "protocols" {
+ description = "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint"
+ default = ["SFTP"]
+ type = list(string)
+}
+
+variable "certificate" {
+ description = "The Amazon Resource Name (ARN) of the AWS Certificate Manager (ACM) certificate"
+ default = ""
+}
+
+variable "function" {
+ description = "The ARN for a lambda function to use for the Identity provider"
+ default = ""
+}
+
+variable "url" {
+ description = "URL of the service endpoint used to authenticate users with an identity_provider_type of API_GATEWAY"
+ default = ""
+}
+
+variable "invocation_role" {
+ description = "Amazon Resource Name (ARN) of the IAM role used to authenticate the user account with an identity_provider_type of API_GATEWAY"
+ default = ""
+}
+
+variable "address_allocation_ids" {
+ description = "A list of address allocation IDs that are required to attach an Elastic IP address to your SFTP server's endpoint. This property can only be used when endpoint_type is set to VPC"
+ default = []
+ type = list(string)
+}
+
+variable "security_group_ids" {
+ description = "A list of security groups IDs that are available to attach to your server's endpoint. If no security groups are specified, the VPC's default security groups are automatically assigned to your endpoint. This property can only be used when endpoint_type is set to VPC."
+ default = []
+ type = list(string)
+}
+
+variable "subnet_ids" {
+ description = "A list of subnet IDs that are required to host your SFTP server endpoint in your VPC. This property can only be used when endpoint_type is set to VPC"
+ default = []
+ type = list(string)
+}
+
+variable "vpc_endpoint_id" {
+ description = "The ID of the VPC endpoint. 
This property can only be used when endpoint_type is set to VPC_ENDPOINT"
+ default = ""
+}
+
+variable "vpc_id" {
+ description = "The VPC ID of the virtual private cloud in which the SFTP server's endpoint will be hosted. This property can only be used when endpoint_type is set to VPC."
+ default = ""
 }
\ No newline at end of file
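Review bot: `protocols` accepts any list of strings, so a caller can enable plain `FTP`, which carries credentials and data unencrypted, with no check at plan time; a `validation` block restricting the list to the protocols this module intends to support would make that an explicit choice. `security_group_ids` defaults to `[]`, and its own description says the VPC's default security group is then attached, which is rarely the least-privilege choice for a file-transfer endpoint, particularly when `address_allocation_ids` gives it an Elastic IP; requiring callers to pass a dedicated group is worth considering. The string inputs (`certificate`, `function`, `url`, `invocation_role`, `vpc_endpoint_id`, `vpc_id`) also declare no `type` and default to `""` rather than `null`, so unset values reach the resource as empty strings; `type = string` with `default = null` would avoid that.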