You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Infisical is a secrets and config manager. They have an open source version that could fit in a
lot of your use cases.
Besides, from the available open source solutions available, they have a beautiful interface and have more features that doesn't limit you in the Open Source version, and I think this is amazing.
With this terraform module you can setup a Infisical Vault in AWS using the ECS + Postgres setup.
When setting up this module for the first time, the variable run_infisical_migrations must be true otherwhise Infisical will not start. After the migrations are ran, you can set this variable to false and then the server will be able to start.
How to contribute
Clone/Fork this repository
Install pre-commit
Write your changes
Open a PR =)
Observations
The Postgres configuration is hard coded to use the "13.12" Aurora Serverless version. If you plan to have a heavy use of the Infisical, it's recomended to migrate the database to RDS. Feel free to contribute in this module to support RDS and Serverless.
The Redis instance runs as a sidecar together with the main container in the same task definition. The Memory and CPU of the ECS Service is shared between the Redis and the Infisical Container
The Redis instance does not have a password configured.
The Postgres connection uses the admin user and password. It's not the best scenario, but this module can be edited to support a user and password as an input. You can check this series of blog posts to check how can you use Terraform + Ansible to manage a RDS instance.