app |
The application's name |
string |
- |
yes |
aws_profile |
The AWS Profile to use |
string |
- |
yes |
certificate_arn |
The ARN for the SSL certificate |
string |
- |
yes |
container_name |
The name of the container to run |
string |
app |
no |
container_port |
The port the container will listen on, used for load balancer health check Best practice is that this value is higher than 1024 so the container processes isn't running at root. |
string |
- |
yes |
default_backend_image |
The default docker image to deploy with the infrastructure. Note that you can use the fargate CLI for application concerns like deploying actual application images and environment variables on top of the infrastructure provisioned by this template https://github.com/turnerlabs/fargate note that the source for the turner default backend image is here: https://github.com/turnerlabs/turner-defaultbackend |
string |
quay.io/turner/turner-defaultbackend:0.2.0 |
no |
deregistration_delay |
The amount time for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused |
string |
30 |
no |
ecs_as_cpu_high_threshold_per |
If the average CPU utilization over a minute rises to this threshold, the number of containers will be increased (but not above ecs_autoscale_max_instances). |
string |
80 |
no |
ecs_as_cpu_low_threshold_per |
If the average CPU utilization over a minute drops to this threshold, the number of containers will be reduced (but not below ecs_autoscale_min_instances). |
string |
20 |
no |
ecs_autoscale_max_instances |
The maximum number of containers that should be running. used by both autoscale-perf.tf and autoscale.time.tf |
string |
8 |
no |
ecs_autoscale_min_instances |
The minimum number of containers that should be running. Must be at least 1. used by both autoscale-perf.tf and autoscale.time.tf For production, consider using at least "2". |
string |
1 |
no |
environment |
The environment that is being built |
string |
- |
yes |
health_check |
The path to the health check for the load balancer to know if the container(s) are ready |
string |
- |
yes |
health_check_interval |
How often to check the liveliness of the container |
string |
30 |
no |
health_check_matcher |
What HTTP response code to listen for |
string |
200 |
no |
health_check_timeout |
How long to wait for the response on the health check path |
string |
10 |
no |
https_port |
The port to listen on for HTTPS, always use 443 |
string |
443 |
no |
internal |
Whether the application is available on the public internet, also will determine which subnets will be used (public or private) |
string |
true |
no |
lb_port |
The port the load balancer will listen on |
string |
80 |
no |
lb_protocol |
The load balancer protocol |
string |
HTTP |
no |
logs_retention_in_days |
Specifies the number of days you want to retain log events |
int |
90 |
no |
logz_token |
The auth token to use for sending logs to Logz.io |
string |
- |
yes |
logz_url |
The endpoint to use for sending logs to Logz.io |
string |
https://listener.logz.io:8071 |
no |
private_subnets |
The private subnets, minimum of 2, that are a part of the VPC(s) |
string |
- |
yes |
public_subnets |
The public subnets, minimum of 2, that are a part of the VPC(s) |
string |
- |
yes |
region |
The AWS region to use for the dev environment's infrastructure`. |
string |
us-east-1 |
no |
replicas |
How many containers to run |
string |
1 |
no |
saml_role |
The SAML role to use for adding users to the ECR policy |
string |
- |
yes |
scale_down_cron |
Default scale down at 7 pm every day |
string |
cron(0 23 * * ? *) |
no |
scale_down_max_capacity |
The maximum number of containers to scale down to. |
string |
0 |
no |
scale_down_min_capacity |
The mimimum number of containers to scale down to. Set this and scale_down_max_capacity to 0 to turn off service on the scale_down_cron schedule. |
string |
0 |
no |
scale_up_cron |
Default scale up at 7 am weekdays, this is UTC so it doesn't adjust to daylight savings https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html |
string |
cron(0 11 ? * MON-FRI *) |
no |
secret_dir |
directory where secret is written |
string |
/var/secret |
yes |
secret_sidecar_image |
sidecar container that writes the secret to a file accessible by app container |
string |
quay.io/turner/secretsmanager-sidecar |
yes |
secrets_saml_users |
The users (email addresses) from the saml role to give access |
list |
- |
yes |
tags |
Tags for the infrastructure |
map |
- |
yes |
vpc |
The VPC to use for the Fargate cluster |
string |
- |
yes |