| apim_auth_token_schedule |
Schedule to renew the APIM auth token |
string |
"rate(9 minutes)" |
no |
| apim_auth_token_url |
URL to generate an APIM auth token |
string |
"https://int.api.service.nhs.uk/oauth2/token" |
no |
| apim_base_url |
The URL used to send requests to PDM |
string |
"https://int.api.service.nhs.uk" |
no |
| apim_keygen_schedule |
Schedule to refresh key pairs if necessary |
string |
"cron(0 14 * * ? *)" |
no |
| aws_account_id |
The AWS Account ID (numeric) |
string |
n/a |
yes |
| component |
The variable encapsulating the name of this component |
string |
"dl" |
no |
| core_notify_url |
The URL used to send requests to Notify |
string |
"https://sandbox.api.service.nhs.uk" |
no |
| default_tags |
A map of default tags to apply to all taggable resources within the component |
map(string) |
{} |
no |
| enable_dynamodb_delete_protection |
Enable DynamoDB Delete Protection on all Tables |
bool |
true |
no |
| enable_mock_mesh |
Enable mock mesh access (dev only). Grants lambda permission to read mock-mesh prefix in non-pii bucket. |
bool |
false |
no |
| enable_pdm_mock |
Flag indicating whether to deploy PDM mock API (should be false in production environments) |
bool |
true |
no |
| environment |
The name of the tfscaffold environment |
string |
n/a |
yes |
| force_destroy |
Flag to force deletion of S3 buckets |
bool |
false |
no |
| force_lambda_code_deploy |
If the lambda package in s3 has the same commit id tag as the terraform build branch, the lambda will not update automatically. Set to True if making changes to Lambda code from on the same commit for example during development |
bool |
false |
no |
| group |
The group variables are being inherited from (often synonmous with account short-name) |
string |
n/a |
yes |
| kms_deletion_window |
When a kms key is deleted, how long should it wait in the pending deletion state? |
string |
"30" |
no |
| log_level |
The log level to be used in lambda functions within the component. Any log with a lower severity than the configured value will not be logged: https://docs.python.org/3/library/logging.html#levels |
string |
"INFO" |
no |
| log_retention_in_days |
The retention period in days for the Cloudwatch Logs events to be retained, default of 0 is indefinite |
number |
0 |
no |
| mesh_poll_schedule |
Schedule to poll MESH for messages |
string |
"rate(5 minutes)" |
no |
| parent_acct_environment |
Name of the environment responsible for the acct resources used, affects things like DNS zone. Useful for named dev environments |
string |
"main" |
no |
| pdm_mock_access_token |
Mock access token for PDM API authentication (used in local/dev environments) |
string |
"mock-pdm-token" |
no |
| pdm_use_non_mock_token |
Whether to use the shared APIM access token from SSM (/component/environment/apim/access_token) instead of the mock token |
bool |
false |
no |
| project |
The name of the tfscaffold project |
string |
n/a |
yes |
| queue_batch_size |
maximum number of queue items to process |
number |
10 |
no |
| queue_batch_window_seconds |
maximum time in seconds between processing events |
number |
1 |
no |
| region |
The AWS Region |
string |
n/a |
yes |
| shared_infra_account_id |
The AWS Shared Infra Account ID (numeric) |
string |
n/a |
yes |
| ttl_poll_schedule |
Schedule to poll for any overdue TTL records |
string |
"rate(10 minutes)" |
no |