11variable "ebs" {
2+ description = " EBS account-level config"
23 type = object ({
34 encrypted = optional (bool , true )
45 })
56 default = {}
67}
78
89variable "s3" {
10+ description = " S3 account-level config"
911 type = object ({
10- block_public_acls = optional (bool , true )
11- block_public_policy = optional (bool , true )
12- ignore_public_acls = optional (bool , true )
13- restrict_public_buckets = optional (bool , true )
12+ public_access_block = optional (object ({
13+ enabled = optional (bool , true )
14+ block_public_acls = optional (bool , true )
15+ block_public_policy = optional (bool , true )
16+ ignore_public_acls = optional (bool , true )
17+ restrict_public_buckets = optional (bool , true )
18+ }), {})
1419 })
1520 default = {}
1621}
1722
18- # variable "iam" {
19- # type = object({
20- # password_policy = optional(object({
21- # allow_password_change = optional(bool, true)
22- # reuse_prevention = optional(bool, true)
23- # hard_expiry = optional(bool, false)
24- # max_password_age = optional(number, null)
25- # min_length = optional(number, 8)
23+ variable "iam" {
24+ description = " IAM account-level config"
25+ type = object ({
26+ password_policy = optional (object ({
27+ enabled = optional (bool , true )
28+ allow_users_to_change_password = optional (bool , true )
29+ password_reuse_prevention = optional (number , 0 )
30+ hard_expiry = optional (bool , false )
31+ max_password_age = optional (number , null )
32+ minimum_password_length = optional (number , 12 )
2633
27- # }), {})
28- # })
29- # }
34+ require_lowercase_characters = optional (bool , true )
35+ require_uppercase_characters = optional (bool , true )
36+ require_numbers = optional (bool , true )
37+ require_symbols = optional (bool , true )
38+ }), {})
39+ })
40+ default = {}
41+ }
0 commit comments