README.md

ecs-email-login-microsite

Creates a microsite linked to CICD with email based login on Keycloak

Releases

There have been no releases yet for this module

Variables

Name	Type	Description	Default Value
aws_region	string	region where provisioning should happen	``
host_name	string	host name of the microsite	``
root_domain	string	root domain, only needed when CNAME is created	``
cluster_name	string	name of cluster where service will run	``
cpu	number	CPU units for the task	256
memory	number	memory for the task	512
image_repo	string	name of image repo (ECR repo)	``
tag_name	string	name of the image which is deployed for this microsite	``
service_registry_id	string	ID for the AWS service discovery namespace we will use	``
gh_username	string	GitHub username used to access your site source code repo	``
gh_secret_sm_param_name	string	name of SSM parameter where GitHub webhook secret is stored	``
gh_token_sm_param_name	string	name of SSM parameter where the GitHub Oauth token is stored	``
gh_repo	string	name of repo containing site source and buildspec.yml file	``
gh_branch	not specified	branch of git repo to use for changes	master
send_notifications	bool	should pipeline notifications be sent	false
sns_topic_for_notifications	string	arn for sns topic to send notifications to	``
notifications_to_send	list(string)	which notifications should we send, for values see here https://docs.aws.amazon.com/codestar-notifications/latest/userguide/concepts.html#concepts-api	[codepipeline-pipeline-pipeline-execution-failed, codepipeline-pipeline-pipeline-execution-canceled, codepipeline-pipeline-pipeline-execution-started, codepipeline-pipeline-pipeline-execution-resumed, codepipeline-pipeline-pipeline-execution-succeeded, codepipeline-pipeline-pipeline-execution-superseded]
launch_type	string	should we use EC2 or fargate	EC2
use_spot	bool	use spot capacity? only takes effect for a the fargate launch type	false
fargate_task_subnets	list(string)	list of subnets to use for tasks launched on fargate	[]
fargate_task_sec_groups	list(string)	list of security groups to use for tasks launched on fargate	[]
number_of_tasks	number	number of tasks to spawn for service	2
create_cname	bool	should we create a CNAME for this pointing to the LB?	false
lb_endpoint	string	LB A record	``
override_host	string	override host name for cname record	``
realm_name	string	What name should be used for the keycloak realm	``
keycloak_host	string	name of keycloak host	``
allowed_group	string	Name of the group needed to allow access to the site, if blank then no restrictions are applied	``
oidc_redirect_url	string	if you want to override the automatically determined by the module then set this variable	``
build_role_policies	list(string)	list of ARNs of policies to attach to the build role	[]
build_environment	list(object({name=string,value=string}))	non secret build environment variables	[]
secure_build_environment	list(object({name=string,type=string,value=string}))	secret build environment variables	[]
theme_name	string	What theme should be used for the login screen	base
access_token_lifespan	string	How long will access tokens last for	240h
sso_session_lifespan	string	How long do SSO sessions last for	240h
sso_session_timeout	string	How much inactivity before an SSO session times out	30m
email_from_address	string	Which email address should the magic link emails be sent from	``
allowed_email_suffixes	list(string)	List of allowed email suffixes	[]
create_users_on_demand	bool	Should we create users on demand?	true
email_subject	string	Subject line to use for email	``
email_html	string	HTML to use for the email	``
email_text	string	Text to use for the email	``
first_run	bool	Used to know if we should set the browser auth flow to magic-browser or not	true

Outputs

Name	Description
webhook_url	URL for webhook to run pipeline