Created
September 26, 2019 10:54
-
-
Save devopsbrett/313a4cccbfe839daf3a42e037c6393b7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
######################################################## | |
# | |
# Vars for creating project level related resources | |
# (ie. vpc, firewall rules, vpc-peering, etc.) | |
# | |
######################################################## | |
#####Project setup info | |
region = "us-central1" #used for makefile | |
organization = "" | |
org_id = "" | |
prefix_org_setup = "org_setup_hashicorp-demo-vault" | |
prefix_project_setup = "project_setup_hashicorp-demo-vault" | |
prefix_infrastructure = "vault_setup" | |
prefix_roots = "vault_setup" | |
state_bucket_name = "gcp-sm-vault-bmack" | |
state_project_name = "vault-playground" | |
#### Uncomment this if not using our makefiles | |
#terraform_workspace = "project_setup_hashicorp-demo-vault" | |
# | |
#### Architecture Decisions | |
use_userdata = false | |
use_mig = true | |
use_elb = true | |
internal_elb = true | |
use_auto_unseal = true | |
####VPC (google_network) info | |
create_vpc_secondary_ranges = false | |
hashicorp-demo_vault_region = "us-central1" | |
hashicorp-demo_vault_network_name = "vaultdemo" | |
hashicorp-demo_vault_private-subnet_name = "hashicorp-demo-vault-private" | |
hashicorp-demo_private_subnet_ip = "10.130.11.5" | |
private_subnets_cidr = ["10.130.11.0/24"] | |
hashicorp-demo_vault_private-subnet_flow_logs = false | |
hashicorp-demo_vault_private-subnet_private_access = true | |
hashicorp-demo_vault_public-subnet_name = "hashicorp-demo-vault-public" | |
hashicorp-demo_vault_public_subnet_ip = "10.130.12.5" | |
public_subnets_cidr = ["10.130.12.0/24"] | |
hashicorp-demo_vault_public-subnet_flow_logs = false | |
hashicorp-demo_vault_public-subnet_private_access = false | |
###### Firewall Rule Info | |
hashicorp-demo_ingress_enable_logging = true | |
hashicorp-demo_ingress_priority = "1000" | |
hashicorp-demo_ingress_direction = "INGRESS" | |
hashicorp-demo_ingress_bastion_protocol = "tcp" | |
hashicorp-demo_ingress_bastion_ports = ["22"] | |
hashicorp-demo_ingress_bastion_source_ranges = ["0.0.0.0/0"] | |
hashicorp-demo_ingress_bastion_target_tags = ["bretttest-ingress-bastion"] | |
hashicorp-demo_ingress_cluster_protocol = "tcp" | |
hashicorp-demo_ingress_cluster_ports = ["22", "80", "443", "8200", "8201"] | |
hashicorp-demo_ingress_cluster_source_ranges = ["0.0.0.0/0"] | |
hashicorp-demo_ingress_cluster_target_tags = ["bretttest-ingress-cluster"] | |
###### Bastion Host Info | |
bastion_instance_name = "vault-bastion" | |
bastion_instance_type = "n1-standard-1" | |
bastion_count_compute = 1 | |
bastion_image_id = "centos-7-v20190916" | |
ssh_user = "brett" | |
ssh_key_pub = "~/.ssh/id_rsa.pub" | |
# Service Account block | |
bastion_scopes = ["cloud-platform"] | |
# Tags and Label Variables | |
bastion_compute_tags = ["allow-ssh", "bretttest-ingress-cluster"] | |
bastion_compute_labels = { | |
"owner" = "brett" | |
} | |
#####Managed Instance Group info | |
availability_zones = ["us-central1-a", "us-central1-b", "us-central1-c"] | |
gcp_zones = ["us-central1-a", "us-central1-b", "us-central1-c"] | |
//additional_ag_ids = | |
#temporary | |
image_id = "centos-7/centos-7-v20190916" | |
vault_image_name = "centos-7-v20190916" | |
consul_image_name = "centos-7-v20190916" | |
#temporary | |
instance_type = "n1-standard-1" | |
vault_instance_type = "n1-standard-1" | |
consul_instance_type = "n1-standard-1" | |
##### Cluster Info | |
cluster_name = "brett-cluster" | |
consul_cluster_tag = "consul-server" | |
vault_cluster_tag = "vault-server" | |
gcp_region = "us-central1" | |
vault_cluster_size = 3 | |
consul_cluster_size = 3 | |
# vault_binary = "vault.zip" | |
vault_version = "1.2.2" | |
consul_version = "1.6.0" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment