| additional_env_vars |
Additional environment variables (e.g. BASE_DOMAIN) |
list(map(string)) |
[] |
no |
| additional_temporal_env_vars |
Additional environment variables for Temporal containers (e.g. DYNAMIC_CONFIG_PATH) |
list(map(string)) |
[] |
no |
| alb_egress_rules |
Egress rules for load balancer |
list(
object({
description = string
from_port = string
to_port = string
protocol = string
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
})
) |
[
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "Global outbound",
"from_port": "0",
"ipv6_cidr_blocks": [
"::/0"
],
"protocol": "-1",
"to_port": "0"
}
] |
no |
| alb_idle_timeout |
The time in seconds that the connection is allowed to be idle. Defaults to 60. |
number |
60 |
no |
| alb_ingress_rules |
Ingress rules for load balancer |
list(
object({
description = string
from_port = string
to_port = string
protocol = string
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
})
) |
[
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "Global HTTP inbound",
"from_port": "80",
"ipv6_cidr_blocks": [
"::/0"
],
"protocol": "tcp",
"to_port": "80"
}
] |
no |
| alb_internal |
Whether the load balancer is internal or external. Defaults to false. |
bool |
false |
no |
| autoscaling_memory_reservation_target |
Memory reservation target for the Autoscaling Group. Defaults to 70.0. |
number |
70 |
no |
| aws_region |
AWS region. Defaults to us-east-1 |
string |
"us-east-1" |
no |
| container_egress_rules |
Egress rules for EC2 instances in autoscaling group or ECS services in Fargate |
list(
object({
description = string
from_port = string
to_port = string
protocol = string
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
})
) |
[
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": "Global outbound",
"from_port": "0",
"ipv6_cidr_blocks": [
"::/0"
],
"protocol": "-1",
"to_port": "0"
}
] |
no |
| container_ingress_rules |
Ingress rules for EC2 instances in autoscaling group or ECS services in Fargate |
map(
object({
description = string
from_port = string
to_port = string
protocol = string
cidr_block = optional(string)
ipv6_cidr_block = optional(string)
referenced_security_group_id = optional(string)
})
) |
{
"fifth": {
"cidr_block": "0.0.0.0/0",
"description": "SSH inbound ipv4",
"from_port": "22",
"protocol": "tcp",
"to_port": "22"
},
"first": {
"cidr_block": "0.0.0.0/0",
"description": "Global HTTP inbound ipv4",
"from_port": "80",
"protocol": "tcp",
"to_port": "3000"
},
"fourth": {
"description": "Global HTTPS inbound ipv4",
"from_port": "443",
"ipv6_cidr_block": "::/0",
"protocol": "tcp",
"to_port": "3000"
},
"second": {
"description": "Global HTTP inbound ipv6",
"from_port": "80",
"ipv6_cidr_block": "::/0",
"protocol": "tcp",
"to_port": "3000"
},
"sixth": {
"description": "SSH inbound ipv6",
"from_port": "22",
"ipv6_cidr_block": "::/0",
"protocol": "tcp",
"to_port": "22"
},
"third": {
"cidr_block": "0.0.0.0/0",
"description": "Global HTTPS inbound ipv4",
"from_port": "443",
"protocol": "tcp",
"to_port": "3000"
}
} |
no |
| cookie_insecure |
Whether to allow insecure cookies. Should be turned off when serving on HTTPS. Defaults to true. |
bool |
true |
no |
| deployment_name |
Name prefix for created resources. Defaults to retool. |
string |
"retool" |
no |
| ecs_insights_enabled |
Whether or not to enable ECS Container Insights. Defaults to enabled |
string |
"disabled" |
no |
| ecs_retool_image |
Container image for desired Retool version. Defaults to 2.106.2 |
string |
"tryretool/backend:2.116.3" |
no |
| ecs_task_resource_map |
Amount of CPU and Memory provisioned for each task. |
map(object({
cpu = number
memory = number
})) |
{
"jobs_runner": {
"cpu": 1024,
"memory": 2048
},
"main": {
"cpu": 2048,
"memory": 4096
},
"workflows_backend": {
"cpu": 2048,
"memory": 4096
},
"workflows_worker": {
"cpu": 2048,
"memory": 4096
}
} |
no |
| force_deployment |
Used to force the deployment even when the image and parameters are otherwised unchanged. Defaults to false. |
string |
false |
no |
| instance_type |
ECS cluster instance type. Defaults to t2.large |
string |
"t2.large" |
no |
| launch_type |
n/a |
string |
"FARGATE" |
no |
| log_retention_in_days |
Number of days to retain logs in CloudWatch. Defaults to 14. |
number |
14 |
no |
| max_instance_count |
Max number of EC2 instances. Defaults to 10. |
number |
10 |
no |
| maximum_percent |
Maximum percentage of tasks to run during a deployment. Defaults to 250. |
number |
250 |
no |
| min_instance_count |
Min/desired number of EC2 instances. Defaults to 4. |
number |
1 |
no |
| minimum_healthy_percent |
Minimum percentage of tasks to run during a deployment. Defaults to 50. |
number |
50 |
no |
| node_env |
Value for NODE_ENV variable. Defaults to production and should not be set to any other value, regardless of environment. |
string |
"production" |
no |
| rds_allocated_storage |
Instance allocated storage for RDS. Defaults to 20 |
number |
20 |
no |
| rds_engine_version |
Instance engine version for RDS. Defaults to 13.7 |
string |
"13.7" |
no |
| rds_instance_class |
Instance class for RDS. Defaults to db.m6g.large |
string |
"db.tg4.micro" |
no |
| rds_performance_insights_enabled |
Whether to enable Performance Insights for RDS. Defaults to true. |
bool |
true |
no |
| rds_performance_insights_retention_period |
The time in days to retain Performance Insights for RDS. Defaults to 14. |
number |
14 |
no |
| rds_publicly_accessible |
Whether the RDS instance should be publicly accessible. Defaults to false. |
bool |
true |
no |
| rds_username |
Master username for the RDS instance. Defaults to Retool. |
string |
"retool" |
no |
| retool_license_key |
Retool license key |
string |
"EXPIRED-LICENSE-KEY-TRIAL" |
no |
| secret_length |
Length of secrets generated (e.g. ENCRYPTION_KEY, RDS_PASSWORD). Defaults to 48. |
number |
48 |
no |
| ssh_key_name |
SSH key name for accessing EC2 instances |
string |
"" |
no |
| subnet_ids |
Select at two subnets in your selected VPC. |
list(string) |
n/a |
yes |
| temporal_aurora_performance_insights_enabled |
Whether to enable Performance Insights for Temporal Aurora. Defaults to true. |
bool |
true |
no |
| temporal_aurora_performance_insights_retention_period |
The time in days to retain Performance Insights for Temporal Aurora. Defaults to 14. |
number |
14 |
no |
| temporal_aurora_publicly_accessible |
Whether the Temporal Aurora instance should be publicly accessible. Defaults to false. |
bool |
false |
no |
| temporal_aurora_username |
Master username for the Temporal Aurora instance. Defaults to Retool. |
string |
"retool" |
no |
| temporal_cluster_config |
namescape: temporal namespace to use for Retool Workflows. We recommend this is only used by Retool. If use_existing_temporal_cluster == true this should be config for currently existing cluster. If use_existing_temporal_cluster == false, you should use the defaults. host: hostname for Temporal Frontend service port: port for Temporal Frontend service tls_enabled: Whether to use tls when connecting to Temporal Frontend. For mTLS, configure tls_crt and tls_key. tls_crt: For mTLS only. Base64 encoded string of public tls certificate tls_key: For mTLS only. Base64 encoded string of private tls key |
object({
namespace = string
host = string
port = string
tls_enabled = bool
tls_crt = optional(string)
tls_key = optional(string)
}) |
{
"host": "temporal.retoolsvc",
"namespace": "workflows",
"port": "7233",
"tls_enabled": false
} |
no |
| use_exising_temporal_cluster |
Whether to use an already existing Temporal Cluster. Defaults to false. Set to true and set temporal_cluster_config if you already have a Temporal cluster you want to use with Retool. |
bool |
false |
no |
| vpc_id |
Select a VPC that allows instances access to the Internet. |
string |
n/a |
yes |
| workflows_enabled |
Whether to enable Workflows-specific containers, services, etc.. Defaults to false. |
bool |
false |
no |