terraform-azurerm-backup-vault/variables.tf

variable "rg_name" {
  type = string
}

variable "location" {
  type = string
}

variable "base_name" {
  type    = string
  default = null
}

variable "name" {
  type    = string
  default = null

  validation {
    condition = (
      (var.name != null && trimspace(var.name) != "") ||
      (var.base_name != null && trimspace(var.base_name) != "")
    )
    error_message = "Provide name or base_name with a non-empty value."
  }
}

variable "datastore_type" {
  type    = string
  default = "VaultStore"

  validation {
    condition     = contains(["ArchiveStore", "OperationalStore", "SnapshotStore", "VaultStore"], var.datastore_type)
    error_message = "datastore_type must be one of 'ArchiveStore', 'OperationalStore', 'SnapshotStore', or 'VaultStore'."
  }
}

variable "redundancy" {
  type    = string
  default = "LocallyRedundant"

  validation {
    condition     = contains(["GeoRedundant", "LocallyRedundant", "ZoneRedundant"], var.redundancy)
    error_message = "redundancy must be one of 'GeoRedundant', 'LocallyRedundant', or 'ZoneRedundant'."
  }
}

variable "cross_region_restore_enabled" {
  type    = bool
  default = false

  validation {
    condition     = var.cross_region_restore_enabled == false || var.redundancy == "GeoRedundant"
    error_message = "cross_region_restore_enabled can only be true when redundancy is 'GeoRedundant'."
  }
}

variable "retention_duration_in_days" {
  type    = number
  default = 14

  validation {
    condition     = var.retention_duration_in_days >= 14 && var.retention_duration_in_days <= 180
    error_message = "retention_duration_in_days must be between 14 and 180."
  }
}

variable "immutability" {
  type    = string
  default = "Disabled"

  validation {
    condition     = contains(["Disabled", "Locked", "Unlocked"], var.immutability)
    error_message = "immutability must be one of 'Disabled', 'Locked', or 'Unlocked'."
  }
}

variable "soft_delete" {
  type    = string
  default = "On"

  validation {
    condition     = contains(["AlwaysOn", "Off", "On"], var.soft_delete)
    error_message = "soft_delete must be one of 'AlwaysOn', 'Off', or 'On'."
  }
}

variable "identity" {
  type = object({
    type         = string
    identity_ids = optional(list(string))
  })
  default = null

  validation {
    condition = (
      var.identity == null ||
      contains([
        "SystemAssigned",
        "UserAssigned",
        "SystemAssigned, UserAssigned",
      ], var.identity.type)
    )
    error_message = "identity.type must be one of 'SystemAssigned', 'UserAssigned', or 'SystemAssigned, UserAssigned'."
  }

  validation {
    condition = (
      var.identity == null ||
      var.identity.type != "UserAssigned" ||
      length(try(var.identity.identity_ids, [])) > 0
    )
    error_message = "identity.identity_ids must be provided when identity.type is 'UserAssigned'."
  }
}

variable "tags" {
  type    = map(string)
  default = {}
}