Skip to content

Latest commit

 

History

History
131 lines (114 loc) · 13.7 KB

README.md

File metadata and controls

131 lines (114 loc) · 13.7 KB

deployment

AWS Deployment

Deployment of the OBI platform in AWS with Terraform.

Requirements

Name Version
terraform >= 1.2.0
aws ~> 5.55, != 5.71.0
ec ~> 0.9.0

Providers

Name Version
aws 5.84.0
terraform n/a

Modules

Name Source Version
accounting_svc ./accounting_svc n/a
bbp_workflow_svc ./bbp_workflow_svc n/a
billing_cost_management ./billing_cost_management n/a
bluenaas_svc ./bluenaas_svc n/a
cells_svc ./cells_svc n/a
core_webapp ./core_webapp n/a
coreservices_key ./ssh_key n/a
cs ./cs n/a
dashboards ./dashboards n/a
hpc ./hpc n/a
kg_inference_api ./kg-inference-api n/a
ml ./ml n/a
networking ./networking n/a
nexus ./nexus n/a
nse ./nse n/a
static-server ./static-server n/a
thumbnail_generation_api ./thumbnail-generation-api n/a
virtual_lab_manager ./virtual-lab-manager n/a
viz ./viz n/a

Resources

Name Type
aws_api_gateway_account.this resource
aws_iam_group.obp_nse_team resource
aws_iam_group_membership.obp_nse_team resource
aws_iam_group_policy_attachment.nse-policy-attach resource
aws_iam_policy.cell_svc_bucket_role_policy resource
aws_iam_role.apigw_cloudwatch resource
aws_iam_role_policy_attachments_exclusive.apigw_cloudwatch_policy_attachment resource
aws_iam_user.cell_svc_bucket_user resource
aws_instance.ssh_bastion resource
aws_network_acl.public resource
aws_route53_record.ssh_bastion resource
aws_s3_bucket.sbo-cell-svc-perf-test resource
aws_s3_bucket_lifecycle_configuration.sbo-cell-svc-perf-test resource
aws_s3_bucket_metric.sbo-cell-svc-perf-test-metrics resource
aws_s3_bucket_public_access_block.sbo-cell-svc-perf-test resource
aws_s3_bucket_versioning.sbo-cell-svc-perf-test-versioning resource
aws_s3_object.sbo-cell-svc-perf-test-directory resource
aws_security_group.ssh_bastion_hosts resource
aws_ssoadmin_permission_set.readonly_with_additional_billing_rights resource
aws_ssoadmin_permission_set.readonly_with_additional_dashboard_rights resource
aws_ssoadmin_permission_set.readonly_with_additional_ecs_rights resource
aws_ssoadmin_permission_set.readonly_with_additional_hpc_rights resource
aws_ssoadmin_permission_set.readonly_with_additional_s3_rights resource
aws_ssoadmin_permission_set.readonly_with_additional_waframework_rights resource
aws_ssoadmin_permission_set_inline_policy.readonly_with_additional_billing_rights resource
aws_ssoadmin_permission_set_inline_policy.readonly_with_additional_dashboard_rights resource
aws_ssoadmin_permission_set_inline_policy.readonly_with_additional_ecs_rights resource
aws_ssoadmin_permission_set_inline_policy.readonly_with_additional_hpc_rights resource
aws_ssoadmin_permission_set_inline_policy.readonly_with_additional_s3_rights resource
aws_ssoadmin_permission_set_inline_policy.readonly_with_additional_waframework_rights resource
aws_vpc_security_group_egress_rule.ssh_bastion_hosts_allow_everything_outgoing resource
aws_vpc_security_group_ingress_rule.ssh_bastion_hosts_allow_http_internal resource
aws_vpc_security_group_ingress_rule.ssh_bastion_hosts_allow_https_internal resource
aws_vpc_security_group_ingress_rule.ssh_bastion_hosts_allow_ssh_external resource
aws_ami.almalinux data source
aws_ami.amazon_linux_2_ecs data source
aws_caller_identity.current data source
aws_iam_policy_document.apigw data source
aws_region.current data source
aws_ssoadmin_instances.ssoadmin_instances data source
terraform_remote_state.common data source

Inputs

Name Description Type Default Required
cell_svc_bucket_name n/a string n/a yes
core_web_app_docker_image_url docker image for the core-web-app string n/a yes
create_ssh_bastion_vm_on_public_a_network Create SSH bastion VM on public network in availability zone A: needed for access to HPC resources for example bool true no
ec_apikey n/a string n/a yes
is_production Whether deployment is happening in production or not bool true no
ml_paper_bucket_name n/a string n/a yes
nexus_az_letter_id n/a string n/a yes
nexus_domain_name n/a string n/a yes
nexus_obp_bucket_name n/a string n/a yes
nexus_openscience_bucket_name n/a string n/a yes
nexus_ship_bucket_name n/a string n/a yes
nise_dockerhub_password Password for the NISE dockerhub access. Set via TF_VAR_nise_dockerhub_password variable. string n/a yes
terraform_remote_state_bucket_name Bucket name storing the deployment-common tfstate string n/a yes
virtual_lab_manager_base_path The base path for the virtual lab manager string "/api/virtual-lab-manager" no
virtual_lab_manager_docker_image_url docker image for the virtual lab manager string "bluebrain/obp-virtual-lab-api:latest" no
virtual_lab_manager_ecs_number_of_containers Number of containers for the virtual lab manager number 1 no
virtual_lab_manager_log_group_name The log name within cloudwatch for the virtual lab manager string "virtual_lab_manager" no

Outputs

Name Description
admin_vm_on_public_a_dns_cname n/a
admin_vm_on_public_a_network_ip n/a
admin_vm_on_public_a_network_name n/a
admin_vm_on_public_b_network_ip n/a
admin_vm_on_public_b_network_name n/a

Funding and Acknowledgement

The development of this software was supported by funding to the Blue Brain Project, a research center of the École polytechnique fédérale de Lausanne (EPFL), from the Swiss government’s ETH Board of the Swiss Federal Institutes of Technology.

Copyright (c) 2015-2024 Blue Brain Project/EPFL Copyright (c) 2025 Open Brain Institute