Skip to content

tfstack/terraform-aws-apprunner

BranchesTags

Repository files navigation

terraform-aws-apprunner

Terraform module to provision and manage AWS App Runner services

Requirements

Name Version
terraform >= 1.0
aws >= 6.0.0

Providers

Name Version
aws 6.15.0

Modules

No modules.

Resources

Name Type
aws_apprunner_auto_scaling_configuration_version.this resource
aws_apprunner_connection.this resource
aws_apprunner_custom_domain_association.this resource
aws_apprunner_observability_configuration.this resource
aws_apprunner_service.this resource
aws_apprunner_vpc_connector.this resource
aws_cloudwatch_dashboard.app_runner resource
aws_cloudwatch_metric_alarm.active_instances resource
aws_cloudwatch_metric_alarm.cpu_utilization resource
aws_cloudwatch_metric_alarm.custom resource
aws_cloudwatch_metric_alarm.error_rate resource
aws_cloudwatch_metric_alarm.memory_utilization resource
aws_cloudwatch_metric_alarm.response_time resource
aws_iam_role.app_runner resource
aws_iam_role.app_runner_instance resource
aws_iam_role_policy.app_runner_instance_cloudwatch_logs resource
aws_iam_role_policy.app_runner_instance_custom resource
aws_iam_role_policy.app_runner_instance_ecr_policy resource
aws_iam_role_policy.app_runner_instance_xray resource
aws_sns_topic.alerts resource
aws_sns_topic_subscription.email_notifications resource
aws_caller_identity.current data source
aws_region.current data source

Inputs

Name Description Type Default Required
alarm_email_addresses List of email addresses to receive alarm notifications list(string) [] no
alarm_thresholds Thresholds for CloudWatch alarms 
object({
    # Response time alarm (milliseconds)
    response_time = optional(object({
      enabled            = optional(bool, true)
      threshold          = optional(number, 1000)
      period             = optional(number, 300)
      evaluation_periods = optional(number, 2)
    }), {})

    # Error rate alarm (percentage)
    error_rate = optional(object({
      enabled            = optional(bool, true)
      threshold          = optional(number, 5)
      period             = optional(number, 300)
      evaluation_periods = optional(number, 2)
    }), {})

    # CPU utilization alarm (percentage)
    cpu_utilization = optional(object({
      enabled            = optional(bool, true)
      threshold          = optional(number, 80)
      period             = optional(number, 300)
      evaluation_periods = optional(number, 2)
    }), {})

    # Memory utilization alarm (percentage)
    memory_utilization = optional(object({
      enabled            = optional(bool, true)
      threshold          = optional(number, 80)
      period             = optional(number, 300)
      evaluation_periods = optional(number, 2)
    }), {})

    # Active instances alarm (count)
    active_instances = optional(object({
      enabled            = optional(bool, true)
      threshold          = optional(number, 1)
      period             = optional(number, 300)
      evaluation_periods = optional(number, 2)
      operator           = optional(string, "LessThanThreshold")
    }), {})
  })
 {} no
auto_deployments_enabled Whether continuous deployment from the source repository is enabled for the App Runner service bool true no
auto_scaling_configuration_name Name of the auto scaling configuration string null no
container_config Container deployment configuration 
object({
    image_identifier           = string
    image_repository_type      = optional(string, "ECR")
    create_image_configuration = optional(bool, true)
    port                       = optional(string, "8000")
    environment_variables      = optional(map(string), {})
    environment_secrets        = optional(map(string), {})
    start_command              = optional(string, null)
  })
 null no
cpu The number of CPU units reserved for each instance of your App Runner service string "1024" no
create_auto_scaling_configuration Whether to create an auto scaling configuration bool false no
create_iam_role Whether to create an IAM role for App Runner bool false no
create_instance_role Whether to create an IAM role for App Runner instances bool true no
create_monitoring Whether to create CloudWatch alarms and monitoring resources bool false no
create_sns_topic Whether to create an SNS topic for alarm notifications bool false no
create_vpc_connector Whether to create a VPC connector bool false no
custom_domain Custom domain name for the App Runner service string null no
egress_type The type of egress configuration. Valid values are DEFAULT and VPC string "DEFAULT" no
enable_www_subdomain Whether to enable www subdomain for the custom domain bool false no
enable_xray_tracing Whether to enable AWS X-Ray tracing for the App Runner service bool false no
health_check_path The URL that App Runner should send a request to, using an HTTP GET request, to determine if this service is healthy string "/" no
health_check_protocol The IP protocol that App Runner uses to perform health checks for your service string "HTTP" no
healthy_threshold The number of consecutive checks that must succeed before App Runner decides that the service is healthy number 1 no
iam_role_name Name of the IAM role for App Runner string null no
instance_role_arn ARN of an existing IAM role for App Runner instances string null no
instance_role_name Name of the IAM role for App Runner instances string null no
instance_role_policy Custom policy document for the App Runner instance role string null no
interval The time interval, in seconds, between health checks number 5 no
max_concurrency The maximum number of concurrent requests that an instance processes number 100 no
max_size The maximum number of instances that your service scales up to number 10 no
memory The amount of memory, in MB or GB, reserved for each instance of your App Runner service string "2048" no
min_size The minimum number of instances that your service scales down to number 1 no
monitoring_config Configuration for monitoring features 
object({
    # Dashboard configuration
    create_dashboard = optional(bool, true)
    dashboard_widgets = optional(object({
      show_metrics = optional(bool, true)
      show_logs    = optional(bool, true)
    }), {})

    # Custom metrics
    custom_metrics = optional(list(object({
      metric_name = string
      namespace   = string
      statistic   = optional(string, "Average")
      threshold   = number
      operator    = optional(string, "GreaterThanThreshold")
      enabled     = optional(bool, true)
    })), [])

    # Application type specific settings
    application_type = optional(string, "web") # web, api, background, batch
  })
 {} no
security_group_ids List of security group IDs for the VPC connector list(string) [] no
service_name Name of the App Runner service string n/a yes
sns_topic_arn ARN of an existing SNS topic for alarm notifications string null no
sns_topic_name Name of the SNS topic for alarm notifications string null no
source_code_config Source code deployment configuration 
object({
    repository_url = string
    source_code_version = object({
      type  = string
      value = string
    })
    connection_provider = optional(string, null)
    connection_name     = optional(string, null)
    code_configuration = object({
      configuration_source          = string
      runtime                       = optional(string, null)
      build_command                 = optional(string, null)
      start_command                 = optional(string, null)
      runtime_environment_variables = optional(map(string), {})
      runtime_environment_secrets   = optional(map(string), {})
    })
  })
 null no
source_type Type of source for the App Runner service. Valid values are 'container' or 'source_code' string "container" no
subnet_ids List of subnet IDs for the VPC connector list(string) [] no
tags A map of tags to assign to the resource map(string) {} no
timeout The time, in seconds, to wait for a health check response before deciding it failed number 2 no
unhealthy_threshold The number of consecutive checks that must fail before App Runner decides that the service is unhealthy number 5 no
vpc_connector_arn ARN of an existing VPC connector string null no
vpc_connector_name Name of the VPC connector string null no

Outputs

Name Description
alarm_arns The ARNs of the CloudWatch alarms
app_runner_role_arn The ARN of the App Runner IAM role
app_runner_role_name The name of the App Runner IAM role
auto_scaling_configuration_arn The ARN of the auto scaling configuration
auto_scaling_configuration_name The name of the auto scaling configuration
cloudwatch_dashboard_url The URL of the CloudWatch dashboard
cloudwatch_logs_iam_policy_id The ID of the IAM policy for CloudWatch logs
cloudwatch_logs_iam_policy_name The name of the IAM policy for CloudWatch logs
connection_arn The ARN of the App Runner connection
connection_name The name of the App Runner connection
custom_domain_certificate_validation_records The certificate validation records for the custom domain
custom_domain_dns_target The DNS target for the custom domain
custom_domain_name The custom domain name
custom_domain_status The status of the custom domain association
instance_role_arn The ARN of the App Runner instance IAM role
instance_role_name The name of the App Runner instance IAM role
service_arn The App Runner service ARN
service_id The App Runner service ID
service_name The App Runner service name
service_url The App Runner service URL
sns_topic_arn The ARN of the SNS topic for alarm notifications
status The current state of the App Runner service
vpc_connector_arn The ARN of the VPC connector
vpc_connector_id The ID of the VPC connector

About

Terraform module to provision and manage AWS App Runner services

registry.terraform.io/modules/tfstack/apprunner/aws/latest

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

v1.0.0 Latest
Oct 5, 2025

Packages

No packages published

Contributors 2

  •  
  •  

Languages