variable "aws_region" { description = "AWS region" type = string default = "us-east-1" } variable "project_name" { description = "Name of the project" type = string default = "aws-cf" } variable "environment" { description = "Environment (dev, staging, prod)" type = string default = "dev" } variable "origin_domain" { description = "Origin domain name" type = string default = "origin.servidor.it.com" } variable "cloudfront_aliases" { description = "List of aliases for CloudFront distribution" type = list(string) default = ["servidor.it.com", "www.servidor.it.com"] } variable "domain_name" { description = "Main domain name for ACM certificate" type = string default = "servidor.it.com" } variable "certificate_domain_validation_options" { description = "Domain validation method for ACM certificate" type = string default = "DNS" } variable "create_route53_records" { description = "Whether to create Route53 records for domain validation and alias" type = bool default = true } variable "price_class" { description = "CloudFront distribution price class" type = string default = "PriceClass_All" validation { condition = contains([ "PriceClass_All", "PriceClass_200", "PriceClass_100" ], var.price_class) error_message = "Price class must be one of: PriceClass_All, PriceClass_200, PriceClass_100" } } variable "origin_protocol_policy" { description = "Origin protocol policy" type = string default = "https-only" validation { condition = contains([ "http-only", "https-only", "match-viewer" ], var.origin_protocol_policy) error_message = "Origin protocol policy must be one of: http-only, https-only, match-viewer" } } variable "viewer_protocol_policy" { description = "Viewer protocol policy" type = string default = "redirect-to-https" validation { condition = contains([ "allow-all", "https-only", "redirect-to-https" ], var.viewer_protocol_policy) error_message = "Viewer protocol policy must be one of: allow-all, https-only, redirect-to-https" } } variable "cache_policy_id" { description = "CloudFront cache policy ID (managed or custom)" type = string default = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad" # CachingDisabled } variable "origin_request_policy_id" { description = "CloudFront origin request policy ID" type = string default = "88a5eaf4-2fd4-4709-b370-b4c650ea3fcf" # CORS-S3Origin } # Security-related variables variable "create_alb_security_group" { description = "Whether to create ALB security group" type = bool default = false } variable "create_web_security_group" { description = "Whether to create web server security group" type = bool default = false } variable "ssh_allowed_cidrs" { description = "CIDR blocks allowed for SSH access" type = list(string) default = ["0.0.0.0/0"] # Restrict this in production } variable "enable_waf" { description = "Whether to enable WAF for CloudFront" type = bool default = false } variable "enable_cloudformation_stack" { description = "Whether to create CloudFormation stack" type = bool default = false } variable "create_acm_certificate" { description = "Whether to create ACM certificate" type = bool default = true } variable "enable_cloudfront_logging" { description = "Whether to enable CloudFront access logging" type = bool default = true } variable "cloudfront_logs_bucket" { description = "S3 bucket for CloudFront logs" type = string default = "" } variable "cloudfront_logs_prefix" { description = "Prefix for CloudFront logs in S3" type = string default = "cloudfront-logs/" }