Home

Awesome

AWS AppConfig Terraform module

Terraform module which creates AWS AppConfig resources.

Usage

See examples directory for working examples to reference:

module "appconfig" {
  source  = "terraform-aws-modules/appconfig/aws"

  name        = "example"
  description = "AppConfig hosted configuration"

  # environments
  environments = {
    nonprod = {
      name        = "nonprod"
      description = "Non-production environment"
    },
    prod = {
      name        = "prod"
      description = "Production environment"
    }
  }

  # hosted config version
  use_hosted_configuration           = true
  hosted_config_version_content_type = "application/json"
  hosted_config_version_content = jsonencode({
    isEnabled     = false,
    messageOption = "ItWorks!"
  })

  # configuration profile
  config_profile_validator = [{
    type = "JSON_SCHEMA"
    content = jsonencode({
      "$schema" = "http://json-schema.org/draft-04/schema#",
      type      = "object",
      properties = {
        isEnabled = {
          type = "boolean"
        },
        messageOption = {
          type    = "string",
          minimum = 0
        }
      },
      additionalProperties = false,
      required             = ["isEnabled", "messageOption"]
    }) }, {
    type    = "LAMBDA"
    content = "arn:aws:lambda:us-east-1:123456789101:function:example-appconfig-hosted"
  }]

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Examples

Examples codified under the examples are intended give users references for how to use the module(s) as well as testing/validating changes to the source code of the module(s). If contributing to the project, please be sure to make any appropriate updates to the relevant examples to allow maintainers to test your changes and to keep the examples up to date for users. Thank you!

<!-- BEGIN_TF_DOCS -->

Requirements

NameVersion
<a name="requirement_terraform"></a> terraform>= 1.0
<a name="requirement_aws"></a> aws>= 5.0

Providers

NameVersion
<a name="provider_aws"></a> aws>= 5.0

Modules

No modules.

Resources

NameType
aws_appconfig_application.thisresource
aws_appconfig_configuration_profile.thisresource
aws_appconfig_deployment.thisresource
aws_appconfig_deployment_strategy.thisresource
aws_appconfig_environment.thisresource
aws_appconfig_hosted_configuration_version.thisresource
aws_iam_policy.retrievalresource
aws_iam_role.retrievalresource
aws_iam_role_policy_attachment.retrievalresource
aws_iam_policy_document.retreivaldata source
aws_iam_policy_document.retrieval_s3data source
aws_iam_policy_document.retrieval_ssm_documentdata source
aws_iam_policy_document.retrieval_ssm_parameterdata source

Inputs

NameDescriptionTypeDefaultRequired
<a name="input_config_profile_description"></a> config_profile_descriptionThe description of the configuration profile. Can be at most 1024 charactersstringnullno
<a name="input_config_profile_location_uri"></a> config_profile_location_uriA URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 objectstring"hosted"no
<a name="input_config_profile_name"></a> config_profile_nameThe name for the configuration profile. Must be between 1 and 64 characters in lengthstringnullno
<a name="input_config_profile_retrieval_role_arn"></a> config_profile_retrieval_role_arnThe ARN of an IAM role with permission to access the configuration at the specified location_uri. A retrieval role ARN is not required for configurations stored in the AWS AppConfig hosted configuration store. It is required for all other sources that store your configurationstringnullno
<a name="input_config_profile_tags"></a> config_profile_tagsA map of additional tags to apply to the configuration profilemap(string){}no
<a name="input_config_profile_type"></a> config_profile_typeType of configurations contained in the profile. Valid values: AWS.AppConfig.FeatureFlags and AWS.Freeformstringnullno
<a name="input_config_profile_validator"></a> config_profile_validatorA set of methods for validating the configuration. Maximum of 2list(map(any))[]no
<a name="input_create"></a> createDetermines whether resources are createdbooltrueno
<a name="input_create_deployment_strategy"></a> create_deployment_strategyDetermines whether a deployment strategy is createdbooltrueno
<a name="input_create_retrieval_role"></a> create_retrieval_roleDetermines whether configuration retrieval IAM role is createdbooltrueno
<a name="input_deployment_configuration_version"></a> deployment_configuration_versionThe configuration version to deploy. Can be at most 1024 charactersstringnullno
<a name="input_deployment_description"></a> deployment_descriptionA description of the deployment. Can be at most 1024 charactersstringnullno
<a name="input_deployment_strategy_deployment_duration_in_minutes"></a> deployment_strategy_deployment_duration_in_minutesTotal amount of time for a deployment to last. Minimum value of 0, maximum value of 1440number0no
<a name="input_deployment_strategy_description"></a> deployment_strategy_descriptionA description of the deployment strategy. Can be at most 1024 charactersstringnullno
<a name="input_deployment_strategy_final_bake_time_in_minutes"></a> deployment_strategy_final_bake_time_in_minutesTotal amount of time for a deployment to last. Minimum value of 0, maximum value of 1440number0no
<a name="input_deployment_strategy_growth_factor"></a> deployment_strategy_growth_factorThe percentage of targets to receive a deployed configuration during each interval. Minimum value of 1, maximum value of 100number100no
<a name="input_deployment_strategy_growth_type"></a> deployment_strategy_growth_typeThe algorithm used to define how percentage grows over time. Valid value: LINEAR and EXPONENTIAL. Defaults to LINEARstringnullno
<a name="input_deployment_strategy_id"></a> deployment_strategy_idAn existing AppConfig deployment strategy IDstringnullno
<a name="input_deployment_strategy_name"></a> deployment_strategy_nameA name for the deployment strategy. Must be between 1 and 64 characters in lengthstringnullno
<a name="input_deployment_strategy_replicate_to"></a> deployment_strategy_replicate_toWhere to save the deployment strategy. Valid values: NONE and SSM_DOCUMENTstring"NONE"no
<a name="input_deployment_strategy_tags"></a> deployment_strategy_tagsA map of additional tags to apply to the deployment strategymap(string){}no
<a name="input_deployment_tags"></a> deployment_tagsA map of additional tags to apply to the deploymentmap(string){}no
<a name="input_description"></a> descriptionThe description of the application. Can be at most 1024 charactersstringnullno
<a name="input_environments"></a> environmentsMap of attributes for AppConfig environment resource(s)map(any){}no
<a name="input_hosted_config_version_content"></a> hosted_config_version_contentThe content of the configuration or the configuration datastringnullno
<a name="input_hosted_config_version_content_type"></a> hosted_config_version_content_typeA standard MIME type describing the format of the configuration content. For more information, see Content-Typestringnullno
<a name="input_hosted_config_version_description"></a> hosted_config_version_descriptionA description of the configurationstringnullno
<a name="input_name"></a> nameThe name for the application. Must be between 1 and 64 characters in lengthstring""no
<a name="input_retrieval_role_description"></a> retrieval_role_descriptionDescription of the configuration retrieval rolestringnullno
<a name="input_retrieval_role_name"></a> retrieval_role_nameThe name for the configuration retrieval rolestring""no
<a name="input_retrieval_role_path"></a> retrieval_role_pathPath to the configuration retrieval rolestringnullno
<a name="input_retrieval_role_permissions_boundary"></a> retrieval_role_permissions_boundaryARN of the policy that is used to set the permissions boundary for the configuration retrieval rolestringnullno
<a name="input_retrieval_role_tags"></a> retrieval_role_tagsA map of additional tags to apply to the configuration retrieval rolemap(string){}no
<a name="input_retrieval_role_use_name_prefix"></a> retrieval_role_use_name_prefixDetermines whether to a name or name-prefix strategy is used on the rolebooltrueno
<a name="input_s3_configuration_bucket_arn"></a> s3_configuration_bucket_arnThe ARN of the configuration S3 bucketstringnullno
<a name="input_s3_configuration_object_key"></a> s3_configuration_object_keyName of the configuration object/file stored in the S3 bucketstring"*"no
<a name="input_ssm_document_configuration_arn"></a> ssm_document_configuration_arnARN of the configuration SSM documentstringnullno
<a name="input_ssm_parameter_configuration_arn"></a> ssm_parameter_configuration_arnARN of the configuration SSM parameterstringnullno
<a name="input_tags"></a> tagsA list of tag blocks. Each element should have keys named key, value, and propagate_at_launchmap(string){}no
<a name="input_use_hosted_configuration"></a> use_hosted_configurationDetermines whether a hosted configuration is usedboolfalseno
<a name="input_use_s3_configuration"></a> use_s3_configurationDetermines whether an S3 configuration is usedboolfalseno
<a name="input_use_ssm_document_configuration"></a> use_ssm_document_configurationDetermines whether an SSM document configuration is usedboolfalseno
<a name="input_use_ssm_parameter_configuration"></a> use_ssm_parameter_configurationDetermines whether an SSM parameter configuration is usedboolfalseno

Outputs

NameDescription
<a name="output_application_arn"></a> application_arnThe Amazon Resource Name (ARN) of the AppConfig Application
<a name="output_application_id"></a> application_idThe AppConfig application ID
<a name="output_configuration_profile_arn"></a> configuration_profile_arnThe Amazon Resource Name (ARN) of the AppConfig Configuration Profile
<a name="output_configuration_profile_configuration_profile_id"></a> configuration_profile_configuration_profile_idThe configuration profile ID
<a name="output_configuration_profile_id"></a> configuration_profile_idThe AppConfig configuration profile ID and application ID separated by a colon (:)
<a name="output_deployment_strategy_arn"></a> deployment_strategy_arnThe Amazon Resource Name (ARN) of the AppConfig Deployment Strategy
<a name="output_deployment_strategy_id"></a> deployment_strategy_idThe AppConfig deployment strategy ID
<a name="output_deployments"></a> deploymentsThe AppConfig deployments
<a name="output_environments"></a> environmentsThe AppConfig environments
<a name="output_hosted_configuration_version_arn"></a> hosted_configuration_version_arnThe Amazon Resource Name (ARN) of the AppConfig hosted configuration version
<a name="output_hosted_configuration_version_id"></a> hosted_configuration_version_idThe AppConfig application ID, configuration profile ID, and version number separated by a slash (/)
<a name="output_hosted_configuration_version_version_number"></a> hosted_configuration_version_version_numberThe version number of the hosted configuration
<a name="output_retrieval_role_arn"></a> retrieval_role_arnAmazon Resource Name (ARN) specifying the retrieval role
<a name="output_retrieval_role_id"></a> retrieval_role_idName of the retrieval role
<a name="output_retrieval_role_name"></a> retrieval_role_nameName of the retrieval role
<a name="output_retrieval_role_policy_arn"></a> retrieval_role_policy_arnThe ARN assigned by AWS to the retrieval role policy
<a name="output_retrieval_role_policy_id"></a> retrieval_role_policy_idThe ARN assigned by AWS to the retrieval role policy
<a name="output_retrieval_role_policy_name"></a> retrieval_role_policy_nameThe name of the policy
<a name="output_retrieval_role_policy_policy"></a> retrieval_role_policy_policyThe retrieval role policy document
<a name="output_retrieval_role_policy_policy_id"></a> retrieval_role_policy_policy_idThe retrieval role policy ID
<a name="output_retrieval_role_unique_id"></a> retrieval_role_unique_idStable and unique string identifying the retrieval role
<!-- END_TF_DOCS -->

License

Apache-2.0 Licensed. See LICENSE.