Skip to content

Hyperfine/terraform-aws-appconfig

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AWS AppConfig Terraform module

Terraform module which creates AWS AppConfig resources.

Usage

See examples directory for working examples to reference:

module "appconfig" {
  source  = "clowdhaus/appconfig/aws"
  version = "~> 1.0"

  name        = "example"
  description = "AppConfig hosted configuration"

  # environments
  environments = {
    nonprod = {
      name        = "nonprod"
      description = "Non-production environment"
    },
    prod = {
      name        = "prod"
      description = "Production environment"
    }
  }

  # hosted config version
  use_hosted_configuration           = true
  hosted_config_version_content_type = "application/json"
  hosted_config_version_content = jsonencode({
    isEnabled     = false,
    messageOption = "ItWorks!"
  })

  # configuration profile
  config_profile_validator = [{
    type = "JSON_SCHEMA"
    content = jsonencode({
      "$schema" = "http://json-schema.org/draft-04/schema#",
      type      = "object",
      properties = {
        isEnabled = {
          type = "boolean"
        },
        messageOption = {
          type    = "string",
          minimum = 0
        }
      },
      additionalProperties = false,
      required             = ["isEnabled", "messageOption"]
    }) }, {
    type    = "LAMBDA"
    content = "arn:aws:lambda:us-east-1:123456789101:function:example-appconfig-hosted"
  }]

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Examples

Examples codified under the examples are intended give users references for how to use the module(s) as well as testing/validating changes to the source code of the module(s). If contributing to the project, please be sure to make any appropriate updates to the relevant examples to allow maintainers to test your changes and to keep the examples up to date for users. Thank you!

Security & Compliance

Security scanning results provided by Bridgecrew. Bridgecrew is the leading fully hosted, cloud-native solution providing continuous Terraform security and compliance.

Benchmark Description
Infrastructure Tests Infrastructure Security Compliance
Infrastructure Tests Center for Internet Security, AWS Compliance
Infrastructure Tests Payment Card Industry Data Security Standards Compliance
Infrastructure Tests National Institute of Standards and Technology Compliance
Infrastructure Tests Information Security Management System, ISO/IEC 27001 Compliance
Infrastructure Tests Service Organization Control 2 Compliance
Infrastructure Tests Health Insurance Portability and Accountability Compliance
Infrastructure Tests FedRAMP Moderate Impact Level

Requirements

Name Version
terraform >= 0.13.1
aws >= 3.55

Providers

Name Version
aws >= 3.55

Modules

No modules.

Resources

Name Type
aws_appconfig_application.this resource
aws_appconfig_configuration_profile.this resource
aws_appconfig_deployment.this resource
aws_appconfig_deployment_strategy.this resource
aws_appconfig_environment.this resource
aws_appconfig_hosted_configuration_version.this resource
aws_iam_policy.retrieval resource
aws_iam_role.retrieval resource
aws_iam_role_policy_attachment.retrieval resource
aws_iam_policy_document.retreival data source
aws_iam_policy_document.retrieval_s3 data source
aws_iam_policy_document.retrieval_ssm_document data source
aws_iam_policy_document.retrieval_ssm_parameter data source

Inputs

Name Description Type Default Required
config_profile_description The description of the configuration profile. Can be at most 1024 characters string null no
config_profile_location_uri A URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object string "hosted" no
config_profile_name The name for the configuration profile. Must be between 1 and 64 characters in length string null no
config_profile_retrieval_role_arn The ARN of an IAM role with permission to access the configuration at the specified location_uri. A retrieval role ARN is not required for configurations stored in the AWS AppConfig hosted configuration store. It is required for all other sources that store your configuration string null no
config_profile_tags A map of additional tags to apply to the configuration profile map(string) {} no
config_profile_validator A set of methods for validating the configuration. Maximum of 2 list(map(any)) [] no
create Determines whether resources are created bool true no
create_deployment_strategy Determines whether a deployment strategy is created bool true no
create_retrieval_role Determines whether configuration retrieval IAM role is created bool true no
deployment_configuration_version The configuration version to deploy. Can be at most 1024 characters string null no
deployment_description A description of the deployment. Can be at most 1024 characters string null no
deployment_strategy_deployment_duration_in_minutes Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440 number 0 no
deployment_strategy_description A description of the deployment strategy. Can be at most 1024 characters string null no
deployment_strategy_final_bake_time_in_minutes Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440 number 0 no
deployment_strategy_growth_factor The percentage of targets to receive a deployed configuration during each interval. Minimum value of 1, maximum value of 100 number 100 no
deployment_strategy_growth_type The algorithm used to define how percentage grows over time. Valid value: LINEAR and EXPONENTIAL. Defaults to LINEAR string null no
deployment_strategy_id An existing AppConfig deployment strategy ID string null no
deployment_strategy_name A name for the deployment strategy. Must be between 1 and 64 characters in length string null no
deployment_strategy_replicate_to Where to save the deployment strategy. Valid values: NONE and SSM_DOCUMENT string "NONE" no
deployment_strategy_tags A map of additional tags to apply to the deployment strategy map(string) {} no
deployment_tags A map of additional tags to apply to the deployment map(string) {} no
description The description of the application. Can be at most 1024 characters string null no
environments Map of attributes for AppConfig environment resource(s) map(any) {} no
hosted_config_version_content The content of the configuration or the configuration data string null no
hosted_config_version_content_type A standard MIME type describing the format of the configuration content. For more information, see Content-Type string null no
hosted_config_version_description A description of the configuration string null no
name The name for the application. Must be between 1 and 64 characters in length string "" no
retrieval_role_description Description of the configuration retrieval role string null no
retrieval_role_name The name for the configuration retrieval role string "" no
retrieval_role_path Path to the configuration retrieval role string null no
retrieval_role_permissions_boundary ARN of the policy that is used to set the permissions boundary for the configuration retrieval role string null no
retrieval_role_tags A map of additional tags to apply to the configuration retrieval role map(string) {} no
retrieval_role_use_name_prefix Determines whether to a name or name-prefix strategy is used on the role bool true no
s3_configuration_bucket_arn The ARN of the configuration S3 bucket string null no
s3_configuration_object_key Name of the configuration object/file stored in the S3 bucket string "*" no
ssm_document_configuration_arn ARN of the configuration SSM document string null no
ssm_parameter_configuration_arn ARN of the configuration SSM parameter string null no
tags A list of tag blocks. Each element should have keys named key, value, and propagate_at_launch map(string) {} no
use_hosted_configuration Determines whether a hosted configuration is used bool false no
use_s3_configuration Determines whether an S3 configuration is used bool false no
use_ssm_document_configuration Determines whether an SSM document configuration is used bool false no
use_ssm_parameter_configuration Determines whether an SSM parameter configuration is used bool false no

Outputs

Name Description
application_arn The Amazon Resource Name (ARN) of the AppConfig Application
application_id The AppConfig application ID
configuration_profile_arn The Amazon Resource Name (ARN) of the AppConfig Configuration Profile
configuration_profile_configuration_profile_id The configuration profile ID
configuration_profile_id The AppConfig configuration profile ID and application ID separated by a colon (:)
deployment_strategy_arn The Amazon Resource Name (ARN) of the AppConfig Deployment Strategy
deployment_strategy_id The AppConfig deployment strategy ID
deployments The AppConfig deployments
environments The AppConfig environments
hosted_configuration_version_arn The Amazon Resource Name (ARN) of the AppConfig hosted configuration version
hosted_configuration_version_id The AppConfig application ID, configuration profile ID, and version number separated by a slash (/)
hosted_configuration_version_version_number The version number of the hosted configuration
retrieval_role_arn Amazon Resource Name (ARN) specifying the retrieval role
retrieval_role_id Name of the retrieval role
retrieval_role_name Name of the retrieval role
retrieval_role_policy_arn The ARN assigned by AWS to the retrieval role policy
retrieval_role_policy_id The ARN assigned by AWS to the retrieval role policy
retrieval_role_policy_name The name of the policy
retrieval_role_policy_policy The retrieval role policy document
retrieval_role_policy_policy_id The retrieval role policy ID
retrieval_role_unique_id Stable and unique string identifying the retrieval role

License

Apache-2.0 Licensed. See LICENSE.

About

Terraform module which creates AWS AppConfig resources

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages

  • HCL 100.0%