A Terraform module which deploys Growthbook platform on AWS ECS.
GrowthBook is an open-source platform for feature flagging and a/b testing built for data teams, engineers, and product managers. It's great whether you're looking to just analyze experiment results or looking to make it easier to deploy code.
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "2.57.0"
name = "production"
cidr = "10.10.0.0/16"
azs = ["us-east-1a", "us-east-1b"]
private_subnets = ["10.10.0.0/20", "10.10.16.0/20"]
public_subnets = ["10.10.128.0/20", "10.10.144.0/20"]
enable_nat_gateway = true
enable_dns_hostnames = true
tags = {
owner = "terraform"
environment = "production"
team = "infra"
}
}
module "growthbook-ecs-cluster" {
source = "terraform-aws-modules/ecs/aws"
cluster_name = "growthbook-ecs-fargate"
tags = {
owner = "terraform"
environment = "production"
project = "growthbook"
team = "infra"
}
}
module "growthbook-ecs" {
source = ""g2crowd/terraform-aws-growthbook-ecs/aws"
environment = "production"
image_tag = "latest"
ecs_cluster_id = module.growthbook-ecs-cluster.ecs_cluster_id
vpc_id = module.vpc.vpc_id
infrastructure_vpc_cidr = module.vpc.vpc_cidr_block
ecs_subnets = module.vpc.private_subnets
alb_subnets = module.vpc.public_subnets
alb_ssl_cert_arn = data.terraform_remote_state.global.outputs.acm_production_g2
db_username = var.db_username
db_password = var.db_password
s3_bucket_name = var.s3_bucket_name
environment_variables = [
{
name = "APP_ORIGIN"
value = "https://growthbook.${var.domain_name}"
},
{
name = "CORS_ORIGIN_REGEX"
value = "https://growthbook.${var.domain_name}*"
},
{
name = "API_HOST"
value = "https://growthbook.${var.domain_name}:3100"
},
{
name = "NODE_ENV"
value = "production"
},
{
name = "JWT_SECRET"
value = var.jwt_secret
},
{
name = "ENCRYPTION_KEY"
value = var.encryption_key
}
]
tags = {
project = "growthbook"
team = "infra"
owner = "terraform"
environment = "production"
}
}
resource "aws_route53_record" "growthbook" {
provider = aws.dns
zone_id = var.hosted_zone_id
name = "growthbook.${var.domain_name}"
type = "CNAME"
ttl = "300"
records = [module.growthbook-ecs.alb_domain_name]
}| Name | Version |
|---|---|
| terraform | >= 0.13 |
| aws | >= 3.25.0 |
| Name | Version |
|---|---|
| aws | >= 3.25.0 |
| Name | Source | Version |
|---|---|---|
| #module_container_definition | cloudposse/ecs-container-definition/aws | 0.58.1 |
| module_alb | terraform-aws-modules/alb/aws | 5.13 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | The name of the service | string |
growthbook |
no |
| tags | The tags to append to this resource | map(string) |
{} |
no |
| environment | The name of the environment | string |
"" |
yes |
| image_name | Docker image to run growthbook with | string |
growthbook/growthbook |
no |
| image_tag | Verion of growthbook to run. If not specified latest will be used | string |
latest |
no |
| app_port | Local port growthbook app should be running on | number |
3000 |
no |
| api_port | Local port growthbook api should be running on | number |
3100 |
no |
| ecs_task_cpu | The number of cpu units used by the task | number |
256 |
no |
| ecs_task_memory | The amount (in MiB) of memory used by the task | number |
512 |
no |
| container_memory_reservation | The amount of memory (in MiB) to reserve for the container | number |
128 |
no |
| environment_secrets | List of additional secrets the container will use (list should contain maps with name and valueFrom) |
list(map(string)) |
[] |
no |
| environment_variables | List of additional environment variables the container will use (list should contain maps with name and value) |
list(map(string)) |
[] |
no |
| requires_compatibilities | A set of launch types required by the task. The valid values are EC2 and FARGATE. | list(string) |
["FARGATE"] |
no |
| network_mode | The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. | string |
awsvpc |
no |
| ecs_cluster_id | The ARN of an ECS cluster | string |
"" |
yes |
| launch_type | The launch type on which to run your service. The valid values are EC2 and FARGATE. | string |
FARGATE |
no |
| ecs_assign_public_ip | Should be true, if ECS service is using public subnets (more info: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_cannot_pull_image.html) | bool |
false |
no |
| ecs_subnets | A list of IDs of existing subnets inside the VPC | list(string) |
[] |
yes |
| infrastructure_vpc_cidr | The CIDR of the VPC to allow internal traffic | string |
"" |
yes |
| desired_tasks_count | The number of instances of the task definition to place and keep running | number |
1 |
no |
| ecs_service_deployment_maximum_percent | The upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment | number |
200 |
no |
| ecs_service_deployment_minimum_healthy_percent | The lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment | number |
50 |
no |
| security_group_ids | List of one or more security groups to be added to the load balancer | list(string) |
[] |
no |
| alb_internal | Boolean determining if the load balancer is internal or externally facing. | bool |
false |
no |
| vpc_id | The identifier of the VPC in which to create resources | string |
"" |
yes |
| alb_subnets | A list of IDs of existing subnets inside the VPC | list(string) |
[] |
yes |
| alb_ssl_cert_arn | The ARN of the default SSL server certificate. Exactly one certificate is required if the protocol is HTTPS. | string |
"" |
yes |
| db_username | (Required unless a snapshot_identifier is provided) Username for the master DB user | string |
"" |
yes |
| db_password | (Required unless a snapshot_identifier is provided) Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the DocumentDB Naming Constraints | string |
"" |
yes |
| instance_class | The instance class to use. For more details, see https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs | string |
db.t4g.medium |
no |
| db_port | DocumentDB port | number |
27017 |
no |
| engine | The name of the database engine to be used for this DB cluster. Defaults to docdb. Valid values: docdb |
string |
docdb |
no |
| engine_version | The version number of the database engine to use | string |
4.0.0 |
no |
| cluster_family | The family of the DocumentDB cluster parameter group. For more details, see https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-parameter-group-create.html | string |
docdb4.0 |
no |
| retention_period | Number of days to retain backups for | number |
7 |
no |
| skip_final_snapshot | Determines whether a final DB snapshot is created before the DB cluster is deleted | bool |
true |
no |
| deletion_protection | A value that indicates whether the DB cluster has deletion protection enabled | bool |
false |
no |
| apply_immediately | Specifies whether any cluster modifications are applied immediately, or during the next maintenance window | bool |
true |
no |
| storage_encrypted | Specifies whether the DB cluster is encrypted | bool |
true |
no |
| kms_key_id | The ARN for the KMS encryption key. When specifying kms_key_id, storage_encrypted needs to be set to true |
string |
"" |
no |
| auto_minor_version_upgrade | Specifies whether any minor engine upgrades will be applied automatically to the DB instance during the maintenance window or not | bool |
true |
no |
| cluster_parameters | List of DB parameters to apply | list(object({})) |
"" |
no |
| s3_bucket_name | Name of the S3 bucket to store uploaded files and screenshots | string |
"" |
yes |
| s3_region | Region of the S3 bucket | string |
us-east-1 |
no |
| cloudwatch_log_retention_in_days | Retention period of growthbook CloudWatch logs | number |
7 |
no |
| Name | Description |
|---|---|
| alb_domain_name | The DNS name of the load balancer |
Apache 2 Licensed. See LICENSE for full details.