ghndrx/terraform-foundation
1
0
Fork 0
mirror of https://github.com/ghndrx/terraform-foundation.git synced 2026-02-10 14:54:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a4e07796b892cf21d45cd7e3494824340ef9d6f5
terraform-foundation/terraform/modules/tenant-onboard/variables.tf
Greg Hendrickson 6136cde9bb feat: Terraform Foundation - AWS Landing Zone 
Enterprise-grade multi-tenant AWS cloud foundation.

Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)

Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation

Tech: Terraform, AWS Organizations, IAM Identity Center
2026-02-02 02:57:23 +00:00

71 lines
1.6 KiB
HCL
Raw Blame History

variable "tenant" {
description = "Tenant identifier (lowercase, no spaces)"
type = string
validation {
condition = can(regex("^[a-z0-9-]+$", var.tenant))
error_message = "Tenant must be lowercase alphanumeric with hyphens only."
}
}
variable "email_domain" {
description = "Domain for AWS account emails"
type = string
}
variable "email_prefix" {
description = "Email prefix before + sign"
type = string
default = "aws"
}
variable "production_ou_id" {
description = "ID of the Production OU"
type = string
}
variable "nonproduction_ou_id" {
description = "ID of the Non-Production OU"
type = string
}
variable "environments" {
description = "Environments to create for each app"
type = list(string)
default = ["prod", "staging", "dev"]
}
variable "apps" {
description = "Map of applications for this tenant"
type = map(object({
monthly_budget = number
owner_email = string
}))
}
variable "monthly_budget" {
description = "Total monthly budget for tenant"
type = number
default = 1000
}
variable "alert_emails" {
description = "Emails to receive budget alerts"
type = list(string)
}
variable "permission_set_admin_arn" {
description = "ARN of the TenantAdmin permission set"
type = string
}
variable "permission_set_developer_arn" {
description = "ARN of the TenantDeveloper permission set"
type = string
}
variable "permission_set_readonly_arn" {
description = "ARN of the TenantReadOnly permission set"
type = string
}
Reference in New Issue View Git Blame Copy Permalink