-
Notifications
You must be signed in to change notification settings - Fork 53
Detailed NPK Settings
NPK uses a single settings file npk/npk-settings.json in JSON format to specify all the details of your NPK deployment. You can read about each setting, its effects, and its expected values below. The interactive setup wizard will populate the settings file with the most common options based on your installation, but there are a few advanced features that require you to modify the file directly.
It's best to keep a backup copy of your settings file in case you run into trouble, but worst-case you can regenerate it from scratch using the interactive setup wizard with this command:
npk$ npm run configure
This setting specifies the named credential profile that both AWS CLI and Terraform will use when deploying NPK. If not specified, the deployment will use the first valid profile it finds from the following credential sources (in order):
- AWS credential environment variables
- The 'default' named profile in
~/.aws/credentials - Credentials from the EC2 instance metadata service
If you're using the AWS CloudShell for deployment, leave this undefined.
Default value: null.
Allowed Values: a string matching the name of an AWS credential profile in ~/.aws/credentials.
This setting specifies the length of time that user-uploaded files and campaign results should persist in S3 before they are automatically deleted.
Default value: 604800 seconds (7 days)
Allowed Values: integer seconds. Values under 86400 will cause issues with campaigns.
This setting specifies the 'hard limit' of cost for any given campaign run by NPK. The campaign builder will allow campaigns in excess of this to be created, but will terminate the instances when the total cost exceeds this value.
Default value: 50 dollars
Allowed Values: integer dollars.
This setting specifies what geographic regions are permitted to access the NPK UI in a 'allowlist' behavior. Regions not specified here will receive an HTTP '403 Forbidden' error when attempting to access the UI. Note that this does not prevent interaction with other management plane components in AWS - it only blocks the CloudFront-hosted UI.
Default value: []
Allowed Values: Array of strings, each string being an ISO 3166-1 alpha-2 country code.
NPK allows you to configure a SAML-based federated identity provider to allow SSO to the NPK UI. This allows users to log into NPK using an external federated identity provider. To enable this feature, use EITHER the sAMLMetadataFile or the sAMLMetadataUrl setting below. Not both. See the Wiki article for NPK + SAML SSO for step-by-step setup instructions.
This setting specifies the file path for a SAML Metadata XML file, which NPK will consume to configure federated authentication and authorization to the NPK UI. This file will typically be exported from your federated identity provider, such as ADFS, Okta, etc.
Default value: null
Allowed Values: Absolute path to the metadata file on the local filesystem.
Some SAML providers expose XML files via a publicly-accessible URL, which consumers can use to keep their configurations up-to-date automatically. This setting allows you to specify a URL for the SAML Metadata XML file instead of providing a static file. NPK will then consume the file at this URL to configure federated authentication and authorization to the NPK UI. This URL will typically be provided by your federated identity provider, such as ADFS, Okta, etc.
Default value: null
Allowed Values: A string representing the protocol ('https://') and URL to the SAML Metadata XML file you intend to use for SSO.