Skip to content

Files

Latest commit

 

History

History
108 lines (88 loc) · 11.5 KB

README.md

File metadata and controls

108 lines (88 loc) · 11.5 KB

Terraform configuration for deploying to Amazon Web Services (AWS)

Specific cloud prerequisites

Before deploying your extension app on AWS, complete the following setup steps:

  1. Sign up for a free AWS account (if you don’t already have one).

  2. Create an IAM user with programmatic access and generate an access key (access key ID and secret access key).

  3. Install the AWS CLI to interact with AWS services from the command line.

  4. Configure AWS CLI: Configure the AWS CLI to interact with your AWS account. You can follow the instructions here.

  • Run the following command in your terminal and follow the prompts: 
    aws configure
  • Enter your AWS access key ID and AWS secret access key (generated from your IAM user).
  • Specify your default AWS region (e.g., us-east-1, us-west-2).
  • Set the default output format (json, text, or table—json is recommended).

In that case aws Terraform provider is authenticated to AWS using shared configuration and credentials files, but you may use other methods for authenticating to AWS.

Now that you’ve set up your AWS environment, continue with the Terraform deployment guide to provision your infrastructure.

Requirements

Name Version
terraform >= 1.0.0, < 2.0.0
aws ~> 5.0
docker ~> 3.0
local ~> 2.5
random ~> 3.6
time ~> 0.12

Providers

Name Version
aws ~> 5.0
time ~> 0.12

Modules

Name Source Version
generate_authorization_code ../common/modules/generate n/a
generate_jwt_secret_key ../common/modules/generate n/a
generate_oauth_client_id ../common/modules/generate n/a
generate_oauth_client_secret ../common/modules/generate n/a
image ../common/modules/docker n/a
manifest ../common/modules/template n/a

Resources

Name Type
aws_apprunner_service.this resource
aws_ecr_repository.this resource
aws_ecr_repository_policy.this resource
aws_iam_role.access resource
aws_iam_role.instance resource
aws_iam_role_policy_attachment.apprunner resource
time_sleep.access_iam_role_propagation resource
aws_caller_identity.current data source
aws_ecr_authorization_token.current data source
aws_iam_policy_document.app_role_assume_role_policy data source
aws_iam_policy_document.apprunner data source
aws_iam_policy_document.ecr data source
aws_region.current data source

Inputs

Name Description Type Default Required
application_authorization_code The authorization code for the application. If empty, a random code will be generated. string "" no
application_build_base_image_name The name of the base image to use for the application build string "node:lts-alpine" no
application_build_context The relative path to the build context for the application. The build context is the directory from which the Dockerfile is read. If it is empty the current working directory will be used. string "../.." no
application_build_image_tag The tag to apply to the application build image. If empty the timestamp tag will be used. string "" no
application_build_labels The labels to apply to the application build image map(string) 
{
  "org.opencontainers.image.authors": "DocuSign Inc.",
  "org.opencontainers.image.description": "This reference implementation models the implementation of connected fields functionalities in an extension app.",
  "org.opencontainers.image.licenses": "MIT",
  "org.opencontainers.image.source": "https://github.com/docusign/extension-app-connected-fields-reference-implementation",
  "org.opencontainers.image.title": "Connected Fields Extension App Reference Implementation",
  "org.opencontainers.image.vendor": "DocuSign Inc."
}
 no
application_build_paths Paths of files relative to the build context, changes to which lead to a rebuild of the image. Supported pattern matches are the same as for the fileset Terraform function (https://developer.hashicorp.com/terraform/language/functions/fileset). list(string) 
[
  "public/",
  "src/",
  "views/**",
  "package.json",
  "tsconfig.json",
  "Dockerfile",
  ".dockerignore"
]
 no
application_environment_mode The environment mode for the application string "production" no
application_instance_cpu The number of CPU units to allocate to the application instance string "256" no
application_instance_memory The amount of memory to allocate to the application instance string "512" no
application_jwt_secret_key The secret key to use for signing JWT tokens. If empty, a random key will be generated. string "" no
application_name The name of the application string "extension-app-connected-fields" no
application_oauth_client_id The OAuth client ID for the application. If empty, a random client ID will be generated. string "" no
application_oauth_client_secret The OAuth client secret for the application. If empty, a random client secret will be generated. string "" no
application_port The port the application listens on number 3000 no
container_tool The container tool to use for building and pushing images string "docker" no
do_force_delete_repository Whether to delete the ECR repository even if it contains images bool true no
do_scan_images Whether images are scanned after being pushed to the ECR repository bool true no
docker_host The Docker host (e.g. 'tcp://127.0.0.1:2376' or 'unix:///var/run/docker.sock') to connect to. If empty, the default Docker host will be used string null no
manifest_files_paths The list of manifest files relative paths to generate list(string) 
[
  "../../manifest.json"
]
 no
output_manifest_files_directory The directory to output the generated manifest files string ".terraform" no
region The AWS region string "us-east-1" no
repository_image_tag_mutability The image tag mutability setting for the ECR repository string "MUTABLE" no
tags A map of the tags to apply to various resources map(string) {} no

Outputs

Name Description
application_service_url The base URL of the application service
output_manifest_files_paths The absolute paths to the output manifest files