The Terraform and Dockerfile needed to run Keycloak in Fargate. This is based on @sibinnediyoram's Medium post.
The easiest way to get started is with a VS Code devcontainer or GitHub Codespace, as it has the tools you'll need installed.
- Set values in `./terragrunt/env/dev/env_vars.hcl`.
- Set your AWS account ID and region in the `Makefile`.
- Run the following: `make setup`
- This creates an ECS Fargate cluster with a single Keycloak service running.
- The database is an Aurora MySQL Serverless V2 cluster with an RDS proxy to handle connection pooling.
- This is fronted by an ALB with a single listener and target group.
- The VPC has two public subnets (with the ALB) and two private subnets (with the ECS Fargate cluster and RDS proxy).
Uncomment the `pull_request` and `push` event triggers in the `.github/workflows/terraform_*.yml` workflows to enable GitHub Actions. You will need to set the repository variables below and have GitHub OIDC auth set up in the AWS account:
AWS_TF_APPLY_ROLE_ARN # OIDC role ARN for the Terraform apply action
AWS_TF_PLAN_ROLE_ARN # OIDC role ARN for the Terraform plan action
AWS_REGION # The region to deploy to
Copy the `./terragrunt/env/dev` directory and update the `env_vars.hcl` file with new values.