additional_env_vars |
Additional environment variables (e.g. BASE_DOMAIN) |
list(map(string)) |
[] |
no |
additional_temporal_env_vars |
Additional environment variables for Temporal containers (e.g. DYNAMIC_CONFIG_PATH) |
list(map(string)) |
[] |
no |
alb_egress_rules |
Egress rules for load balancer |
list( object({ description = string from_port = string to_port = string protocol = string cidr_blocks = list(string) ipv6_cidr_blocks = list(string) }) ) |
[ { "cidr_blocks": [ "0.0.0.0/0" ], "description": "Global outbound", "from_port": "0", "ipv6_cidr_blocks": [ "::/0" ], "protocol": "-1", "to_port": "0" } ] |
no |
alb_idle_timeout |
The time in seconds that the connection is allowed to be idle. Defaults to 60. |
number |
60 |
no |
alb_ingress_rules |
Ingress rules for load balancer |
list( object({ description = string from_port = string to_port = string protocol = string cidr_blocks = list(string) ipv6_cidr_blocks = list(string) }) ) |
[ { "cidr_blocks": [ "0.0.0.0/0" ], "description": "Global HTTP inbound", "from_port": "80", "ipv6_cidr_blocks": [ "::/0" ], "protocol": "tcp", "to_port": "80" } ] |
no |
alb_internal |
Whether the load balancer is internal or external. Defaults to false. |
bool |
false |
no |
autoscaling_memory_reservation_target |
Memory reservation target for the Autoscaling Group. Defaults to 70.0. |
number |
70 |
no |
aws_region |
AWS region. Defaults to us-east-1 |
string |
"us-east-1" |
no |
container_egress_rules |
Egress rules for EC2 instances in autoscaling group or ECS services in Fargate |
list( object({ description = string from_port = string to_port = string protocol = string cidr_blocks = list(string) ipv6_cidr_blocks = list(string) }) ) |
[ { "cidr_blocks": [ "0.0.0.0/0" ], "description": "Global outbound", "from_port": "0", "ipv6_cidr_blocks": [ "::/0" ], "protocol": "-1", "to_port": "0" } ] |
no |
container_ingress_rules |
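Ingress rules for EC2 instances in autoscaling group or ECS services in Fargate. The default rules admit SSH (port 22) and the port ranges 80-3000 and 443-3000 from any IPv4 and IPv6 address; narrow the CIDR blocks, or use referenced_security_group_id, to limit access to known sources. |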
map( object({ description = string from_port = string to_port = string protocol = string cidr_block = optional(string) ipv6_cidr_block = optional(string) referenced_security_group_id = optional(string) }) ) |
{ "fifth": { "cidr_block": "0.0.0.0/0", "description": "SSH inbound ipv4", "from_port": "22", "protocol": "tcp", "to_port": "22" }, "first": { "cidr_block": "0.0.0.0/0", "description": "Global HTTP inbound ipv4", "from_port": "80", "protocol": "tcp", "to_port": "3000" }, "fourth": { "description": "Global HTTPS inbound ipv4", "from_port": "443", "ipv6_cidr_block": "::/0", "protocol": "tcp", "to_port": "3000" }, "second": { "description": "Global HTTP inbound ipv6", "from_port": "80", "ipv6_cidr_block": "::/0", "protocol": "tcp", "to_port": "3000" }, "sixth": { "description": "SSH inbound ipv6", "from_port": "22", "ipv6_cidr_block": "::/0", "protocol": "tcp", "to_port": "22" }, "third": { "cidr_block": "0.0.0.0/0", "description": "Global HTTPS inbound ipv4", "from_port": "443", "protocol": "tcp", "to_port": "3000" } } |
no |
cookie_insecure |
Whether to allow insecure cookies (cookies usable over plain HTTP). Set to false when serving over HTTPS. Defaults to true. |
bool |
true |
no |
deployment_name |
Name prefix for created resources. Defaults to retool. |
string |
"retool" |
no |
ecs_insights_enabled |
Whether or not to enable ECS Container Insights. Defaults to enabled (note: the default value listed in this table is "disabled"). |
string |
"disabled" |
no |
ecs_retool_image |
Container image for desired Retool version. Defaults to 2.106.2 (note: the default value listed in this table is tryretool/backend:2.116.3). |
string |
"tryretool/backend:2.116.3" |
no |
ecs_task_resource_map |
Amount of CPU and Memory provisioned for each task. |
map(object({ cpu = number memory = number })) |
{ "jobs_runner": { "cpu": 1024, "memory": 2048 }, "main": { "cpu": 2048, "memory": 4096 }, "workflows_backend": { "cpu": 2048, "memory": 4096 }, "workflows_worker": { "cpu": 2048, "memory": 4096 } } |
no |
force_deployment |
Used to force the deployment even when the image and parameters are otherwise unchanged. Defaults to false. |
string |
false |
no |
instance_type |
ECS cluster instance type. Defaults to t2.large |
string |
"t2.large" |
no |
launch_type |
n/a |
string |
"FARGATE" |
no |
log_retention_in_days |
Number of days to retain logs in CloudWatch. Defaults to 14. |
number |
14 |
no |
max_instance_count |
Max number of EC2 instances. Defaults to 10. |
number |
10 |
no |
maximum_percent |
Maximum percentage of tasks to run during a deployment. Defaults to 250. |
number |
250 |
no |
min_instance_count |
Min/desired number of EC2 instances. Defaults to 4 (note: the default value listed in this table is 1). |
number |
1 |
no |
minimum_healthy_percent |
Minimum percentage of tasks to run during a deployment. Defaults to 50. |
number |
50 |
no |
node_env |
Value for NODE_ENV variable. Defaults to production and should not be set to any other value, regardless of environment. |
string |
"production" |
no |
rds_allocated_storage |
Instance allocated storage for RDS. Defaults to 20 |
number |
20 |
no |
rds_engine_version |
Instance engine version for RDS. Defaults to 13.7 |
string |
"13.7" |
no |
rds_instance_class |
Instance class for RDS. Defaults to db.m6g.large (note: the default value listed in this table is db.tg4.micro). |
string |
"db.tg4.micro" |
no |
rds_performance_insights_enabled |
Whether to enable Performance Insights for RDS. Defaults to true. |
bool |
true |
no |
rds_performance_insights_retention_period |
The time in days to retain Performance Insights for RDS. Defaults to 14. |
number |
14 |
no |
rds_publicly_accessible |
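Whether the RDS instance should be publicly accessible. Defaults to false (note: the default value listed in this table is true, so set this to false explicitly unless the database must be reachable from outside the VPC). |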
bool |
true |
no |
rds_username |
Master username for the RDS instance. Defaults to Retool. |
string |
"retool" |
no |
retool_license_key |
Retool license key |
string |
"EXPIRED-LICENSE-KEY-TRIAL" |
no |
secret_length |
Length of secrets generated (e.g. ENCRYPTION_KEY, RDS_PASSWORD). Defaults to 48. |
number |
48 |
no |
ssh_key_name |
SSH key name for accessing EC2 instances |
string |
"" |
no |
subnet_ids |
Select at least two subnets in your selected VPC. |
list(string) |
n/a |
yes |
temporal_aurora_performance_insights_enabled |
Whether to enable Performance Insights for Temporal Aurora. Defaults to true. |
bool |
true |
no |
temporal_aurora_performance_insights_retention_period |
The time in days to retain Performance Insights for Temporal Aurora. Defaults to 14. |
number |
14 |
no |
temporal_aurora_publicly_accessible |
Whether the Temporal Aurora instance should be publicly accessible. Defaults to false. |
bool |
false |
no |
temporal_aurora_username |
Master username for the Temporal Aurora instance. Defaults to Retool. |
string |
"retool" |
no |
temporal_cluster_config |
namespace: Temporal namespace to use for Retool Workflows. We recommend that this namespace is used only by Retool. If use_existing_temporal_cluster == true, this should be the config for the currently existing cluster. If use_existing_temporal_cluster == false, you should use the defaults. host: hostname for the Temporal Frontend service. port: port for the Temporal Frontend service. tls_enabled: whether to use TLS when connecting to the Temporal Frontend; for mTLS, also configure tls_crt and tls_key. tls_crt: for mTLS only; Base64-encoded string of the public TLS certificate. tls_key: for mTLS only; Base64-encoded string of the private TLS key (a secret; keep it out of version control). |
object({ namespace = string host = string port = string tls_enabled = bool tls_crt = optional(string) tls_key = optional(string) }) |
{ "host": "temporal.retoolsvc", "namespace": "workflows", "port": "7233", "tls_enabled": false } |
no |
use_exising_temporal_cluster |
Whether to use an already existing Temporal Cluster. Defaults to false. Set to true and set temporal_cluster_config if you already have a Temporal cluster you want to use with Retool. |
bool |
false |
no |
vpc_id |
Select a VPC that allows instances access to the Internet. |
string |
n/a |
yes |
workflows_enabled |
Whether to enable Workflows-specific containers, services, etc. Defaults to false. |
bool |
false |
no |