Skip to content

Latest commit

 

History

History
 
 

ui

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
cloudwatch.tf
cloudwatch.tf
 
 
data.tf
data.tf
 
 
ec2.tf
ec2.tf
 
 
ecs.tf
ecs.tf
 
 
ecs_ui_backend.tf
ecs_ui_backend.tf
 
 
ecs_ui_static.tf
ecs_ui_static.tf
 
 
iam.tf
iam.tf
 
 
locals.tf
locals.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

UI

Metaflow operational UI. This module deploys the UI as a set of Fargate tasks. It connects to an existing RDS instance, that can be created by Metaflow datastore module.

The services are deployed behind an AWS ALB, and the module will output the ALB DNS name. This module only comes with rudimentary IP-based auth: only users with IPs matching ui_allow_list will be able to access the UI.

Inputs

Name Description Type Default Required
METAFLOW_DATASTORE_SYSROOT_S3 METAFLOW_DATASTORE_SYSROOT_S3 value string n/a yes
alb_internal Defines whether the ALB is internal bool false no
certificate_arn SSL certificate ARN. The certificate will be used by the UI load balancer. string n/a yes
database_name The database name string "metaflow" no
database_password The database password string n/a yes
database_username The database username string n/a yes
datastore_s3_bucket_kms_key_arn The ARN of the KMS key used to encrypt the Metaflow datastore S3 bucket string n/a yes
extra_ui_backend_env_vars Additional environment variables for UI backend container map(string) {} no
extra_ui_static_env_vars Additional environment variables for UI static app map(string) {} no
fargate_execution_role_arn This role allows Fargate to pull container images and logs. We'll use it as execution_role for our Fargate task string n/a yes
iam_partition IAM Partition (Select aws-us-gov for AWS GovCloud, otherwise leave as is) string "aws" no
is_gov Set to true if IAM partition is 'aws-us-gov' bool false no
metadata_service_security_group_id The security group ID used by the MetaData service. This security group should allow connections to the RDS instance. string n/a yes
metaflow_vpc_id VPC to deploy services into string n/a yes
rds_master_instance_endpoint The database connection endpoint in address:port format string n/a yes
resource_prefix Prefix given to all AWS resources to differentiate between applications string n/a yes
resource_suffix Suffix given to all AWS resources to differentiate between environment and workspace string n/a yes
s3_bucket_arn The ARN of the bucket used for Metaflow datastore string n/a yes
standard_tags The standard tags to apply to every AWS resource. map(string) n/a yes
subnet1_id First private subnet used for availability zone redundancy string n/a yes
subnet2_id Second private subnet used for availability zone redundancy string n/a yes
ui_allow_list A list of CIDRs the UI will be available to list(string) [] no
ui_backend_container_image Container image for UI backend string "" no
ui_static_container_image Container image for the UI frontend app string "" no

Outputs

Name Description
alb_arn UI ALB ARN
alb_dns_name UI ALB DNS name