update with example of getting a cert to use
alismx committed Nov 22, 2024
1 parent a3658a3 commit 72d31f0
Showing 2 changed files with 29 additions and 174 deletions.
170 changes: 0 additions & 170 deletions terraform/implementation/ecs/SERVICEDATA.md

This file was deleted.

33 changes: 29 additions & 4 deletions terraform/implementation/ecs/main.tf
@@ -1,3 +1,9 @@
data "aws_acm_certificate" "this" {
domain = "streamline.dibbs.cloud"
types = ["AMAZON_ISSUED"] # or ["ISSUED"] or ["PRIVATE"]
statuses = ["ISSUED"]
}

module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "5.16.0"
Expand All @@ -16,7 +22,8 @@ module "vpc" {

module "ecs" {
source = "CDCgov/dibbs-ecr-viewer/aws"
version = "0.1.2"
version = "0.2.0"
# source = "../../../../terraform-aws-dibbs-ecr-viewer"

public_subnet_ids = flatten(module.vpc.public_subnets)
private_subnet_ids = flatten(module.vpc.private_subnets)
Expand All @@ -31,13 +38,31 @@ module "ecs" {
# If intent is to pull from the phdi GHCR, set disable_ecr to true (default is false)
# disable_ecr = true

# If intent is to use the non-integrated viewer, set non_integrated_viewer to "true" (default is false)
# non_integrated_viewer = "true"

# If the intent is to make the ecr-viewer availabble on the public internet, set internal to false (default is true)
# This requires an internet gateway to be present in the VPC.
internal = var.internal

# If the intent is to use a custom domain, set certificate_domain to the domain name (default is "")
certificate_arn = data.aws_acm_certificate.this.arn

# If the intent is to disable authentication, set ecr_viewer_app_env to "test" (default is "prod")
# ecr_viewer_app_env = "test"

# If intent is to use a metadata database for polutating the ecr-viewer library, setup the database data object to connect to the database (supported databases are postgres and sqlserver)
# Postgresql database example
postgres_database_data = {
non_integrated_viewer = "true"
metadata_database_type = "postgres"
metadata_database_schema = "core" # (core or extended)
secrets_manager_postgres_database_url_arn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret-1a2b3c"
}
# SqlServer database example
# sqlserver_database_data = {
# non_integrated_viewer = "true"
# metadata_database_type = "sqlserver"
# metadata_database_schema = "core" # (core or extended)
# secrets_manager_sqlserver_user_arn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret"
# secrets_manager_sqlserver_password_arn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret"
# secrets_manager_sqlserver_host_arn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret"
# }
}
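Review bot: The `data "aws_acm_certificate" "this"` lookup in the first hunk is unconditional and pins `domain = "streamline.dibbs.cloud"`, so a plan fails in any account that has no issued certificate for that name, and it also errors when several certificates match unless `most_recent = true` is set. Taking the domain from an input variable would keep the example usable outside the one account; the variables file is not visible here, so the variable name is left to the author. In the third hunk the comment above `certificate_arn = data.aws_acm_certificate.this.arn` still tells the reader to set `certificate_domain`; I would reword it to `# To serve HTTPS with an existing ACM certificate, set certificate_arn to its ARN (default is "")`. The comment on `ecr_viewer_app_env = "test"` in the same hunk should carry a caveat such as `# Do not disable authentication while internal is false; the viewer would be reachable from the internet without login`. The `module "ecs"` block opens in the second hunk and closes in the third, with lines between them not shown, so other arguments may already cover some of this.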
