Global¶
All 'shared' configuration that applies to all sites.
Schema¶
Required¶
environment(String) Identifier for the environment. For exampledevelopment,testorproduction. Is used to set theenvironmentvariable for terraform componentscloud(String) Eitherazure,awsorgcp. Defines the cloud provider to use. This will be used to load the correct cloud specific configuration.terraform_config(Block) This configuration will determine what type of backend terraform will use to store its state. See below for nested schema
Optional¶
variables(Map of String) Variables for this configuration. Note that variables with the same name set in the site configuration or site component configuration will override these valuessecrets(Map of String) Variables for this configuration that should be stored in an encrypted key-value store . Note that variables with the same name set in the site configuration or site component configuration will override these values
Dynamic¶
Based on loaded plugins in the mach_composer block, more configuration
blocks might be loaded here. For example, if the sentry plugin is loaded a
block named sentry will be loaded here. Refer to the
plugin documentation
to see what configuration blocks will be loaded.
sentry:
auth_token: <your-sentry-auth-token>
organization: <your-sentry-organization>
project: <your-sentry-project>
rate_limit_window: <your-sentry-rate-limit-window>
rate_limit_count: <your-sentry-rate-limit-count>
Nested schema for terraform_config¶
Terraform configuration block. Can be used to configure the state backend and Terraform provider versions.
Optional¶
providers(Map of String) Can be used to overwrite the MACH Plugin defaults for the Terraform provider versions. The format isprovider_name: version. For exampleaws: 3.0.0. If left empty the plugin defaults will be used.remote_state(Block) Remote state configuration. If left empty local state will be used. It is recommended to use one of the supported cloud providers for remote state instead.
Nested schema for remote_state¶
Required¶
plugin(String) The plugin to use. One ofaws,gcp,azureorlocal. This will determine what remote state backend configs will be available
Dynamic¶
Depending on the plugin value, the following blocks will be merged into
the remote_state block:
azure(Block) Azure state configuration for Azure backendaws(Block) AWS state configuration for AWS backendgcp(Block) GCP state configuration for GCP backendlocal(Block) Local state configuration for local backend
Nested schema for azure¶
An Azure state backend can be configured with the following options
Example¶
remote_state:
plugin: azure
resource_group: <your resource group>
storage_account: <storage account name>
container_name: <container name>
state_folder: <state folder>
A good convention is to give the state_folder the same name as the environment
Required¶
resource_group(String) Resource group namestorage_account(String) Storage account namecontainer_name(String) Container name
Optional¶
state_folder(String) Folder name for each individual Terraform state. If left empty the site identifier will be used
Nested schema for aws¶
An AWS S3 state backend can be configured with the following options
Example¶
remote_state:
plugin: aws
bucket: <your bucket>
region: <your region>
key_prefix: <your key prefix>
role_arn: <your role arn>
Required¶
bucket(String) S3 bucket nameregion(String) AWS regionkey_prefix(String) Key prefix for each individual Terraform state
Optional¶
role_arn- Role ARN to access S3 bucket withlock_table- DynamoDB lock tableencrypt- Enable server side encryption of the state file. Defaults toTrue
Nested schema for gcp¶
A GCP state backend can be configured with the following options
Example¶
remote_state:
plugin: gcp
bucket: <your bucket>
prefix: <your prefix>
Required¶
bucket(String) GCS bucket nameprefix(String) Prefix for each individual Terraform state
Nested schema for local¶
A GCP state backend can be configured with the following options
Example¶
remote_state:
plugin: local
path: <your path>
Optional¶
path(String) Local path to store state files. Defaults to./terraform.tfstate