Awesome

AWS AppConfig Terraform module

Terraform module which creates AWS AppConfig resources.

Usage

See examples directory for working examples to reference:

module "appconfig" {
  source  = "terraform-aws-modules/appconfig/aws"

  name        = "example"
  description = "AppConfig hosted configuration"

  # environments
  environments = {
    nonprod = {
      name        = "nonprod"
      description = "Non-production environment"
    },
    prod = {
      name        = "prod"
      description = "Production environment"
    }
  }

  # hosted config version
  use_hosted_configuration           = true
  hosted_config_version_content_type = "application/json"
  hosted_config_version_content = jsonencode({
    isEnabled     = false,
    messageOption = "ItWorks!"
  })

  # configuration profile
  config_profile_validator = [{
    type = "JSON_SCHEMA"
    content = jsonencode({
      "$schema" = "http://json-schema.org/draft-04/schema#",
      type      = "object",
      properties = {
        isEnabled = {
          type = "boolean"
        },
        messageOption = {
          type    = "string",
          minimum = 0
        }
      },
      additionalProperties = false,
      required             = ["isEnabled", "messageOption"]
    }) }, {
    type    = "LAMBDA"
    content = "arn:aws:lambda:us-east-1:123456789101:function:example-appconfig-hosted"
  }]

  tags = {
    Terraform   = "true"
    Environment = "dev"
  }
}

Examples

Examples codified under the examples are intended give users references for how to use the module(s) as well as testing/validating changes to the source code of the module(s). If contributing to the project, please be sure to make any appropriate updates to the relevant examples to allow maintainers to test your changes and to keep the examples up to date for users. Thank you!

Requirements

Name	Version
<a name="requirement_terraform"></a> terraform	>= 1.0
<a name="requirement_aws"></a> aws	>= 5.0

Providers

Name	Version
<a name="provider_aws"></a> aws	>= 5.0

Modules

No modules.

Resources

Name	Type
aws_appconfig_application.this	resource
aws_appconfig_configuration_profile.this	resource
aws_appconfig_deployment.this	resource
aws_appconfig_deployment_strategy.this	resource
aws_appconfig_environment.this	resource
aws_appconfig_hosted_configuration_version.this	resource
aws_iam_policy.retrieval	resource
aws_iam_role.retrieval	resource
aws_iam_role_policy_attachment.retrieval	resource
aws_iam_policy_document.retreival	data source
aws_iam_policy_document.retrieval_s3	data source
aws_iam_policy_document.retrieval_ssm_document	data source
aws_iam_policy_document.retrieval_ssm_parameter	data source

Inputs

Name	Description	Type	Default	Required
<a name="input_config_profile_description"></a> config_profile_description	The description of the configuration profile. Can be at most 1024 characters	`string`	`null`	no
<a name="input_config_profile_location_uri"></a> config_profile_location_uri	A URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object	`string`	`"hosted"`	no
<a name="input_config_profile_name"></a> config_profile_name	The name for the configuration profile. Must be between 1 and 64 characters in length	`string`	`null`	no
<a name="input_config_profile_retrieval_role_arn"></a> config_profile_retrieval_role_arn	The ARN of an IAM role with permission to access the configuration at the specified `location_uri`. A retrieval role ARN is not required for configurations stored in the AWS AppConfig `hosted` configuration store. It is required for all other sources that store your configuration	`string`	`null`	no
<a name="input_config_profile_tags"></a> config_profile_tags	A map of additional tags to apply to the configuration profile	`map(string)`	`{}`	no
<a name="input_config_profile_type"></a> config_profile_type	Type of configurations contained in the profile. Valid values: `AWS.AppConfig.FeatureFlags` and `AWS.Freeform`	`string`	`null`	no
<a name="input_config_profile_validator"></a> config_profile_validator	A set of methods for validating the configuration. Maximum of 2	`list(map(any))`	`[]`	no
<a name="input_create"></a> create	Determines whether resources are created	`bool`	`true`	no
<a name="input_create_deployment_strategy"></a> create_deployment_strategy	Determines whether a deployment strategy is created	`bool`	`true`	no
<a name="input_create_retrieval_role"></a> create_retrieval_role	Determines whether configuration retrieval IAM role is created	`bool`	`true`	no
<a name="input_deployment_configuration_version"></a> deployment_configuration_version	The configuration version to deploy. Can be at most 1024 characters	`string`	`null`	no
<a name="input_deployment_description"></a> deployment_description	A description of the deployment. Can be at most 1024 characters	`string`	`null`	no
<a name="input_deployment_strategy_deployment_duration_in_minutes"></a> deployment_strategy_deployment_duration_in_minutes	Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440	`number`	`0`	no
<a name="input_deployment_strategy_description"></a> deployment_strategy_description	A description of the deployment strategy. Can be at most 1024 characters	`string`	`null`	no
<a name="input_deployment_strategy_final_bake_time_in_minutes"></a> deployment_strategy_final_bake_time_in_minutes	Total amount of time for a deployment to last. Minimum value of 0, maximum value of 1440	`number`	`0`	no
<a name="input_deployment_strategy_growth_factor"></a> deployment_strategy_growth_factor	The percentage of targets to receive a deployed configuration during each interval. Minimum value of 1, maximum value of 100	`number`	`100`	no
<a name="input_deployment_strategy_growth_type"></a> deployment_strategy_growth_type	The algorithm used to define how percentage grows over time. Valid value: `LINEAR` and `EXPONENTIAL`. Defaults to `LINEAR`	`string`	`null`	no
<a name="input_deployment_strategy_id"></a> deployment_strategy_id	An existing AppConfig deployment strategy ID	`string`	`null`	no
<a name="input_deployment_strategy_name"></a> deployment_strategy_name	A name for the deployment strategy. Must be between 1 and 64 characters in length	`string`	`null`	no
<a name="input_deployment_strategy_replicate_to"></a> deployment_strategy_replicate_to	Where to save the deployment strategy. Valid values: `NONE` and `SSM_DOCUMENT`	`string`	`"NONE"`	no
<a name="input_deployment_strategy_tags"></a> deployment_strategy_tags	A map of additional tags to apply to the deployment strategy	`map(string)`	`{}`	no
<a name="input_deployment_tags"></a> deployment_tags	A map of additional tags to apply to the deployment	`map(string)`	`{}`	no
<a name="input_description"></a> description	The description of the application. Can be at most 1024 characters	`string`	`null`	no
<a name="input_environments"></a> environments	Map of attributes for AppConfig environment resource(s)	`map(any)`	`{}`	no
<a name="input_hosted_config_version_content"></a> hosted_config_version_content	The content of the configuration or the configuration data	`string`	`null`	no
<a name="input_hosted_config_version_content_type"></a> hosted_config_version_content_type	A standard MIME type describing the format of the configuration content. For more information, see Content-Type	`string`	`null`	no
<a name="input_hosted_config_version_description"></a> hosted_config_version_description	A description of the configuration	`string`	`null`	no
<a name="input_name"></a> name	The name for the application. Must be between 1 and 64 characters in length	`string`	`""`	no
<a name="input_retrieval_role_description"></a> retrieval_role_description	Description of the configuration retrieval role	`string`	`null`	no
<a name="input_retrieval_role_name"></a> retrieval_role_name	The name for the configuration retrieval role	`string`	`""`	no
<a name="input_retrieval_role_path"></a> retrieval_role_path	Path to the configuration retrieval role	`string`	`null`	no
<a name="input_retrieval_role_permissions_boundary"></a> retrieval_role_permissions_boundary	ARN of the policy that is used to set the permissions boundary for the configuration retrieval role	`string`	`null`	no
<a name="input_retrieval_role_tags"></a> retrieval_role_tags	A map of additional tags to apply to the configuration retrieval role	`map(string)`	`{}`	no
<a name="input_retrieval_role_use_name_prefix"></a> retrieval_role_use_name_prefix	Determines whether to a name or name-prefix strategy is used on the role	`bool`	`true`	no
<a name="input_s3_configuration_bucket_arn"></a> s3_configuration_bucket_arn	The ARN of the configuration S3 bucket	`string`	`null`	no
<a name="input_s3_configuration_object_key"></a> s3_configuration_object_key	Name of the configuration object/file stored in the S3 bucket	`string`	`"*"`	no
<a name="input_ssm_document_configuration_arn"></a> ssm_document_configuration_arn	ARN of the configuration SSM document	`string`	`null`	no
<a name="input_ssm_parameter_configuration_arn"></a> ssm_parameter_configuration_arn	ARN of the configuration SSM parameter	`string`	`null`	no
<a name="input_tags"></a> tags	A list of tag blocks. Each element should have keys named key, value, and propagate_at_launch	`map(string)`	`{}`	no
<a name="input_use_hosted_configuration"></a> use_hosted_configuration	Determines whether a hosted configuration is used	`bool`	`false`	no
<a name="input_use_s3_configuration"></a> use_s3_configuration	Determines whether an S3 configuration is used	`bool`	`false`	no
<a name="input_use_ssm_document_configuration"></a> use_ssm_document_configuration	Determines whether an SSM document configuration is used	`bool`	`false`	no
<a name="input_use_ssm_parameter_configuration"></a> use_ssm_parameter_configuration	Determines whether an SSM parameter configuration is used	`bool`	`false`	no

Outputs

Name	Description
<a name="output_application_arn"></a> application_arn	The Amazon Resource Name (ARN) of the AppConfig Application
<a name="output_application_id"></a> application_id	The AppConfig application ID
<a name="output_configuration_profile_arn"></a> configuration_profile_arn	The Amazon Resource Name (ARN) of the AppConfig Configuration Profile
<a name="output_configuration_profile_configuration_profile_id"></a> configuration_profile_configuration_profile_id	The configuration profile ID
<a name="output_configuration_profile_id"></a> configuration_profile_id	The AppConfig configuration profile ID and application ID separated by a colon (:)
<a name="output_deployment_strategy_arn"></a> deployment_strategy_arn	The Amazon Resource Name (ARN) of the AppConfig Deployment Strategy
<a name="output_deployment_strategy_id"></a> deployment_strategy_id	The AppConfig deployment strategy ID
<a name="output_deployments"></a> deployments	The AppConfig deployments
<a name="output_environments"></a> environments	The AppConfig environments
<a name="output_hosted_configuration_version_arn"></a> hosted_configuration_version_arn	The Amazon Resource Name (ARN) of the AppConfig hosted configuration version
<a name="output_hosted_configuration_version_id"></a> hosted_configuration_version_id	The AppConfig application ID, configuration profile ID, and version number separated by a slash (/)
<a name="output_hosted_configuration_version_version_number"></a> hosted_configuration_version_version_number	The version number of the hosted configuration
<a name="output_retrieval_role_arn"></a> retrieval_role_arn	Amazon Resource Name (ARN) specifying the retrieval role
<a name="output_retrieval_role_id"></a> retrieval_role_id	Name of the retrieval role
<a name="output_retrieval_role_name"></a> retrieval_role_name	Name of the retrieval role
<a name="output_retrieval_role_policy_arn"></a> retrieval_role_policy_arn	The ARN assigned by AWS to the retrieval role policy
<a name="output_retrieval_role_policy_id"></a> retrieval_role_policy_id	The ARN assigned by AWS to the retrieval role policy
<a name="output_retrieval_role_policy_name"></a> retrieval_role_policy_name	The name of the policy
<a name="output_retrieval_role_policy_policy"></a> retrieval_role_policy_policy	The retrieval role policy document
<a name="output_retrieval_role_policy_policy_id"></a> retrieval_role_policy_policy_id	The retrieval role policy ID
<a name="output_retrieval_role_unique_id"></a> retrieval_role_unique_id	Stable and unique string identifying the retrieval role

License

Apache-2.0 Licensed. See LICENSE.