Metaflow operational UI. This module deploys the UI as a set of Fargate tasks. It connects to an existing RDS instance, that can be created by Metaflow datastore
module.
The services are deployed behind an AWS ALB, and the module will output the ALB DNS name. Note that the UI is deployed with no auth by default, you can limit the users by IP by using ui_cidr_allow_list
parameter.
Name | Description | Type | Default | Required |
---|---|---|---|---|
METAFLOW_DATASTORE_SYSROOT_S3 | METAFLOW_DATASTORE_SYSROOT_S3 value | string |
n/a | yes |
alb_internal | Defines whether the ALB is internal | bool |
false |
no |
certificate_arn | SSL certificate ARN. The certificate will be used by the UI load balancer. | string |
n/a | yes |
database_password_secret_manager_arn | The arn of the database password stored in AWS secrets manager | string |
n/a | yes |
database_username | The database username | string |
n/a | yes |
datastore_s3_bucket_kms_key_arn | The ARN of the KMS key used to encrypt the Metaflow datastore S3 bucket | string |
n/a | yes |
ecs_cluster_id | The ID of an existing ECS cluster to run services on. If no cluster ID is specfied, a new cluster will be created. | string |
null |
no |
extra_ui_backend_env_vars | Additional environment variables for UI backend container | map(string) |
{} |
no |
extra_ui_static_env_vars | Additional environment variables for UI static app | map(string) |
{} |
no |
fargate_execution_role_arn | This role allows Fargate to pull container images and logs. We'll use it as execution_role for our Fargate task | string |
n/a | yes |
iam_partition | IAM Partition (Select aws-us-gov for AWS GovCloud, otherwise leave as is) | string |
"aws" |
no |
is_gov | Set to true if IAM partition is 'aws-us-gov' | bool |
false |
no |
metadata_service_security_group_id | The security group ID used by the MetaData service. This security group should allow connections to the RDS instance. | string |
n/a | yes |
metaflow_vpc_id | VPC to deploy services into | string |
n/a | yes |
rds_master_instance_endpoint | The database connection endpoint in address:port format | string |
n/a | yes |
resource_prefix | Prefix given to all AWS resources to differentiate between applications | string |
n/a | yes |
resource_suffix | Suffix given to all AWS resources to differentiate between environment and workspace | string |
n/a | yes |
s3_bucket_arn | The ARN of the bucket used for Metaflow datastore | string |
n/a | yes |
standard_tags | The standard tags to apply to every AWS resource. | map(string) |
n/a | yes |
subnet1_id | First private subnet used for availability zone redundancy | string |
n/a | yes |
subnet2_id | Second private subnet used for availability zone redundancy | string |
n/a | yes |
ui_allow_list | A list of CIDRs the UI will be available to | list(string) |
[] |
no |
ui_backend_container_image | Container image for UI backend | string |
"" |
no |
ui_static_container_image | Container image for the UI frontend app | string |
"" |
no |
Name | Description |
---|---|
alb_arn | UI ALB ARN |
alb_dns_name | UI ALB DNS name |