-
-
Notifications
You must be signed in to change notification settings - Fork 29
/
Copy pathvariables.tf
73 lines (65 loc) · 2.66 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
variable "datadog_aws_account_id" {
type = string
description = "The AWS account ID Datadog's integration servers use for all integrations"
default = "464622532012"
}
variable "policies" {
type = list(string)
description = <<-EOT
List of Datadog's names for AWS IAM policies names to apply to the role.
Valid options are "core-integration", "full-integration", "resource-collection", "CSPM", "SecurityAudit", "everything".
"CSPM" is for Cloud Security Posture Management, which also requires "full-integration".
"SecurityAudit" is for the AWS-managed `SecurityAudit` Policy.
"everything" means all permissions for offerings.
EOT
validation {
condition = alltrue([
for policy in var.policies :
contains([
"core-integration",
"full-integration",
"resource-collection",
"CSPM",
"SecurityAudit",
"everything"
], policy)
])
error_message = "Invalid policy. Valid options are: core-integration, full-integration, resource-collection, CSPM, SecurityAudit, everything."
}
default = []
}
variable "filter_tags" {
type = list(string)
description = "An array of EC2 tags (in the form `key:value`) that defines a filter that Datadog use when collecting metrics from EC2. Wildcards, such as ? (for single characters) and * (for multiple characters) can also be used"
default = null
}
variable "host_tags" {
type = list(string)
description = "An array of tags (in the form `key:value`) to add to all hosts and metrics reporting through this integration"
default = null
}
variable "excluded_regions" {
type = list(string)
default = null
description = "An array of AWS regions to exclude from metrics collection"
}
variable "account_specific_namespace_rules" {
type = map(string)
default = null
description = "An object, (in the form {\"namespace1\":true/false, \"namespace2\":true/false} ), that enables or disables metric collection for specific AWS namespaces for this AWS account only"
}
variable "cspm_resource_collection_enabled" {
type = bool
default = null
description = "Whether Datadog collects cloud security posture management resources from your AWS account."
}
variable "metrics_collection_enabled" {
type = bool
default = null
description = "Whether Datadog collects metrics for this AWS account."
}
variable "extended_resource_collection_enabled" {
type = bool
description = "Whether Datadog collects additional attributes and configuration information about the resources in your AWS account. Required for `cspm_resource_collection_enabled`."
default = null
}