This repository allows you to deploy Directus in AWS using Terraform following AWS Best Practises.
MIT License
This Terraform module simplifies the deployment of Directus on an AWS Fargate ECS cluster.
Deploy Directus quickly and easily by including this module in your Terraform configuration:
module "directus" {
source = "GiamPy5/directus/aws"
application_name = local.name # Change this to your application name
admin_email = "[email protected]" # Change this to your email address
vpc_id = module.vpc.vpc_id # Change this to your VPC ID
subnet_ids = module.vpc.public_subnets # Change this to your subnet IDs
create_cloudwatch_logs_group = true
cloudwatch_logs_stream_prefix = "directus"
cpu = 1024
memory = 2048
ecs_service_enable_execute_command = true # Allows you to connect via CLI to the ECS Task Container (just like `docker exec`). It's disabled by default.
enable_ses_emails_sending = true
force_new_ecs_deployment_on_apply = true
# Add additional custom configuration here (https://docs.directus.io/self-hosted/config-options.html#configuration-options)
additional_configuration = {
"LOG_LEVEL" = "debug"
}
rds_database_name = "database_name"
rds_database_host = "database_host"
rds_database_port = "database_port"
rds_database_engine = "database_engine"
rds_database_username = "database_username"
rds_database_password_secrets_manager_arn = "database_user_password_secrets_manager_arn"
redis_host = module.elasticache.cluster_cache_nodes[0].address
redis_port = module.elasticache.cluster_cache_nodes[0].port
create_s3_bucket = true # If you do not create an S3 bucket, you will need to provide an existing S3 bucket name
s3_bucket_name = "terraform-aws-directus-${local.region}"
healthcheck_path = "/server/health"
image_tag = "10.12"
autoscaling = {
enable = true
cpu_threshold = 60
memory_threshold = 80
min_capacity = 1
max_capacity = 2
}
tags = {
Application = "Directus"
Environment = "Test"
} # Change these tags to your preferred tags
}
For a complete example, including all dependencies like database inputs, check out the examples section.
Before using this module, ensure you have the following:
Name | Version |
---|---|
terraform | >= 1.5 |
aws | >= 5.30 |
random | >= 3.0 |
Name | Version |
---|---|
aws | >= 5.30 |
random | >= 3.0 |
Name | Source | Version |
---|---|---|
ecs | terraform-aws-modules/ecs/aws | 5.11.2 |
s3_bucket_for_logs | terraform-aws-modules/s3-bucket/aws | 4.1.2 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_configuration | Additional configuration to apply to the Directus container | map(string) |
{} |
no |
admin_email | The email address of the admin user | string |
n/a | yes |
admin_password | The password of the admin user (if empty, it will be generated automatically) | string |
"" |
no |
application_name | The name of the application | string |
n/a | yes |
autoscaling | Autoscaling Configuration | object({ enable = bool memory_threshold = number cpu_threshold = number min_capacity = number max_capacity = number }) | { "cpu_threshold": 60, "enable": false, "max_capacity": 3, "memory_threshold": 80, "min_capacity": 1} | no |
cloudwatch_logs_stream_prefix | The prefix of the CloudWatch Logs stream | string |
"directus" |
no |
cognito_allow_public_registration | Whether to allow public registration in Directus through Cognito External Users | bool |
false |
no |
cognito_identifier_key | The key of the Cognito identifier | string |
"email" |
no |
cognito_scopes | The Cognito scopes | list(string) |
[ "email", "openid", "profile"] | no |
cognito_user_pool_client_id | The ID of the Cognito user pool client | string |
"" |
no |
cognito_user_pool_id | The ID of the Cognito user pool | string |
"" |
no |
cpu | The number of CPU units to reserve for the Directus service | number |
2048 |
no |
create_cloudwatch_logs_group | Whether to create a CloudWatch Logs group | bool |
false |
no |
create_s3_bucket | Whether to create an S3 bucket | bool |
false |
no |
ecs_service_enable_execute_command | Whether to enable ECS service execute command | bool |
false |
no |
enable_alb_access_logs | Whether to enable access logs of the Load Balancer | bool |
false |
no |
enable_cognito_authentication | Whether to enable Cognito authentication | bool |
false |
no |
enable_ecs_volume | Whether to enable ECS volume | bool |
false |
no |
enable_kms_encryption | Whether to enable KMS encryption | bool |
false |
no |
enable_s3_bucket_versioning | Whether to enable S3 bucket versioning | bool |
true |
no |
enable_ses_emails_sending | Whether to enable sending emails using SES | bool |
false |
no |
force_new_ecs_deployment_on_apply | Whether to force a new deployment of the ECS service on apply | bool |
false |
no |
image_tag | The tag of the Docker image | string |
"latest" |
no |
kms_key_id | The ID of the KMS key | string |
"" |
no |
load_balancer_allowed_cidr_blocks | The CIDR blocks allowed to access the Load Balancer | list(string) |
[ "0.0.0.0/0"] | no |
load_balancer_prefix_list_ids | The prefix list IDs allowed to access the Load Balancer | list(string) |
[] |
no |
memory | The amount of memory to reserve for the Directus service | number |
4096 |
no |
private_subnet_ids | The IDs of the private subnets used by the ECS service to run tasks | list(string) |
n/a | yes |
public_subnet_ids | The IDs of the public subnets used by the Load Balancer to serve traffic | list(string) |
n/a | yes |
public_url | The public URL of the Directus service | string |
"" |
no |
rds_database_engine | The engine of the RDS database | string |
n/a | yes |
rds_database_host | The host of the RDS database | string |
n/a | yes |
rds_database_name | The Name of the RDS database | string |
n/a | yes |
rds_database_password_secrets_manager_arn | The ARN of the Secrets Manager secret containing the RDS database password | string |
n/a | yes |
rds_database_port | The port of the RDS database | number |
n/a | yes |
rds_database_username | The username of the RDS database user | string |
n/a | yes |
redis_host | The host of the Redis server | string |
"" |
no |
redis_port | The port of the Redis server | number |
6379 |
no |
redis_username | The username of the Redis server | string |
"default" |
no |
s3_bucket_name | The name of the S3 bucket | string |
"" |
no |
s3_bucket_versioning_configuration | S3 bucket versioning configuration | object({ mfa_delete = string }) | { "mfa_delete": "Disabled"} | no |
ssl_certificate_arn | The ARN of the SSL certificate | string |
"" |
no |
tags | The tags to apply to the resources | map(string) |
{} |
no |
vpc_id | The ID of the VPC | string |
n/a | yes |
Name | Description |
---|---|
load_balancer_dns_name | The DNS name of the load balancer |
load_balancer_listener_arn | The ARN of the load balancer listener |
load_balancer_target_group_arn | The ARN of the load balancer target group |
public_url | The public URL of the Directus service |
s3_bucket_arn | The ARN of the S3 bucket |
s3_bucket_name | The name of the S3 bucket |
Contributions are welcome! If you encounter any issues or have suggestions for improvements, please open an issue or submit a pull request on the GitHub repository.
This module is open source and available under the MIT License.