terraform-aws-gatekeeper-eb

This repository is used to create the elastic beanstalk infrastructure for the Gatekeeper OIDC/OAuth2 service.

Requirements

Name	Version
terraform	>=1.2.2
aws	>=4.17.1

Providers

Name	Version
aws	>=4.17.1

Modules

No modules.

Resources

Name	Type
aws_ecr_repository.gatekeeper_arm64	resource
aws_elastic_beanstalk_application.gatekeeper	resource
aws_elastic_beanstalk_environment.web_server_prod	resource
aws_iam_instance_profile.aws_eb_ec2_instance_profile	resource
aws_iam_role.aws_eb_ec2_role	resource
aws_iam_role_policy_attachment.ecr	resource
aws_security_group.ip_block	resource
aws_acm_certificate.gk_cert	data source
aws_elastic_beanstalk_solution_stack.stack	data source
aws_iam_policy.amazon_ec2_container_registry_readonly	data source
aws_iam_policy_document.assume_role_policy	data source
aws_subnets.default_subnets	data source
aws_vpc.default_vpc	data source

Inputs

Name	Description	Type	Default	Required
app_secret	A secret used by the running application	`string`	n/a	yes
custom_domain	The custom domain for the web server environment	`string`	n/a	yes
default_vpc_id	The id of the default VPC in the region	`string`	n/a	yes
deployment_policy	Choose a deployment policy for application version deployments	`string`	n/a	yes
ecr_arm64_repo_name	The name of the ECR that stores arm64 images	`string`	n/a	yes
elastic_beanstalk_app_name	The name of the elastic beanstalk application	`string`	n/a	yes
email_from	Which email address email messages are from	`string`	n/a	yes
email_provider	The third party service that sends email messages	`string`	n/a	yes
enc_key	A key used to encode / encrypt data	`string`	n/a	yes
environment_type	The type of elastic beanstalk environment to deploy, LoadBalanced or SingleInstance	`string`	n/a	yes
inbound_ip_addresses	The set of source IP addresses that are allowed to connect	`set(string)`	n/a	yes
instance_types	The EC2 instance types used by the app servers	`list(string)`	n/a	yes
max_instance_count	The maximum number of instances that can be running under peak load	`number`	n/a	yes
mfa_issuer	The string displayed in Google Authenticator to describe the TOTP	`string`	n/a	yes
min_instance_count	The minimum number of instances that should be running at all times	`number`	n/a	yes
mongo_uri	Connection string used to connect to MongoDB	`string`	n/a	yes
outbound_ip_addresses	The set of IP addresses that can be accessed on outbound connections	`set(string)`	n/a	yes
region	The AWS region the IaC will be deployed into	`string`	n/a	yes
rolling_update_type	This includes three types: time-based rolling updates, health-based rolling updates, and immutable updates. Time-based rolling updates apply a PauseTime between batches. Health-based rolling updates wait for new instances to pass health checks before moving on to the next batch. Immutable updates launch a full set of instances in a new Auto Scaling group.	`string`	n/a	yes
ses_aws_identity_arn	The ARN of the identity used to send email messages	`string`	n/a	yes
ses_aws_region	The AWS region that SES is being used in	`string`	n/a	yes
sms_sender_id	The string used to say where SMS messages have come from	`string`	n/a	yes
tags	Tags associated with all deployed IaC resources	`map(string)`	n/a	yes
valid_azs	The AWS availability zones the app servers should run in	`string`	n/a	yes
web_server_prod_name	Name of web server prod environment	`string`	n/a	yes
wkc_issuer	The well known config issuer url	`string`	n/a	yes

Outputs

Name	Description
eb_application_arn	n/a
eb_application_name	n/a
eb_prod_env_arn	n/a
eb_prod_env_cname	n/a
eb_prod_env_endpoint	n/a
eb_prod_env_name	n/a

License

This code is open sourced licensed under the Apache 2.0 License

About

Apache License 2.0

Languages

Language:HCL 100.0%