-
-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathoutputs.tf
136 lines (124 loc) · 4.27 KB
/
outputs.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
output "id" {
description = "The ID of the current region."
value = data.aws_region.this.id
}
output "code" {
description = "The short code of the current region."
value = local.region_codes[data.aws_region.this.id]
}
output "name" {
description = "The name of the current region."
value = data.aws_region.this.name
}
output "description" {
description = "The description of the current region in this format: `Location (Region name)`"
value = data.aws_region.this.description
}
output "cloudwdatch" {
description = <<EOF
The region-level configurations of CloudWatch service.
`oam_sink` - A configuration of CloudWatch OAM(Observability Access Manager) sink.
EOF
value = {
oam_sink = one(module.cloudwatch_oam_sink[*])
}
}
output "ebs" {
description = <<EOF
The region-level configurations of EBS service.
`default_encryption` - The configurations for EBS Default Encryption.
EOF
value = {
default_encryption = {
enabled = aws_ebs_encryption_by_default.this.enabled
kms_key = one(aws_ebs_default_kms_key.this[*].key_arn)
}
}
}
output "ec2" {
description = <<EOF
The region-level configurations of EC2 service.
`ami_public_access_enabled` - Whether to allow or block public access for AMIs at the account level to prevent the public sharing of your AMIs in this region.
`serial_console_enabled` - Whether serial console access is enabled for the current AWS region.
EOF
value = {
ami_public_access_enabled = aws_ec2_image_block_public_access.this.state == "unblocked"
instance_metadata_defaults = var.ec2.instance_metadata_defaults
serial_console_enabled = aws_ec2_serial_console_access.this.enabled
}
}
output "guardduty" {
description = <<EOF
The region-level configurations of GuardDuty service.
`delegated_administrator` - The AWS account ID for the account to designate as the delegated Amazon GuardDuty administrator account for the organization.
EOF
value = {
delegated_administrator = one(aws_guardduty_organization_admin_account.this[*].admin_account_id)
}
}
output "inspector" {
description = <<EOF
The region-level configurations of Inspector service.
`delegated_administrator` - The AWS account ID for the account to designate as the delegated Amazon Inspector administrator account for the organization.
EOF
value = {
delegated_administrator = one(aws_inspector2_delegated_admin_account.this[*].account_id)
}
}
output "macie" {
description = <<EOF
The region-level configurations of Macie service.
`delegated_administrator` - The AWS account ID for the account to designate as the delegated Amazon Macie administrator account for the organization.
EOF
value = {
delegated_administrator = one(aws_macie2_organization_admin_account.this[*].admin_account_id)
}
}
output "resource_explorer" {
description = <<EOF
The region-level configurations of Resource Explorer service.
`enabled` - Whether the Resource Explorer is enabled in the current AWS region.
`index_type` - The type of the index.
`views` - The list of views.
EOF
value = {
enabled = length(aws_resourceexplorer2_index.this) > 0
index_arn = one(aws_resourceexplorer2_index.this[*].arn)
index_type = one(aws_resourceexplorer2_index.this[*].type)
views = {
for name, view in aws_resourceexplorer2_view.this :
name => {
arn = view.arn
name = view.name
is_default = view.default_view
filter_queries = view.filters[*].filter_string
additional_resource_attributes = view.included_property[*].name
}
}
}
}
output "service_quotas" {
description = <<EOF
The region-level configurations of Service Quotas.
EOF
value = {
for code, quota in aws_servicequotas_service_quota.this :
code => {
quota_code = quota.quota_code
quota_name = quota.quota_name
default_value = quota.default_value
value = quota.value
}
}
}
output "vpc" {
description = <<EOF
The region-level configurations of VPC.
EOF
value = {
availability_zone_groups = {
for name, group in aws_ec2_availability_zone_group.this :
name => group.opt_in_status == "opted-in"
}
}
}