mwaa
cloudposse/mwaa/aws
Terraform module to provision Amazon Managed Workflows for Apache Airflow (MWAA)
Terraform module to provision Amazon Managed Workflows for Apache Airflow > [!TIP] > #### 👽 Use Atmos with Terraform > Cloud Posse uses atmos to easily orchestrate multiple environments using Terraform. > Works with Github Actions, Atlantis, or Spacelift. > > > Watch demo of using Atmos with Terraform > > Example of running atmos to manage infrastructure from our Quick Start tutorial. > Usage For a complete example, see examples/complete. For automated tests of the complete example using bats and Terratest (which tests and deploys the example on AWS), see test. ```hcl module "mwaa" { source = "cloudposse/mwaa/aws" # Cloud Posse recommends pinning every module to a specific version # version = "x.x.x" vpc_id = var.vpc_id subnet_ids = var.subnet_ids airflow_version = "2.0.2" dag_s3_path = "d
| Name | Type | Description | Default |
|---|---|---|---|
| region | string | AWS region | |
| subnet_ids | list(string) | The private subnet IDs in which the environment should be created. MWAA requires | |
| create_s3_bucket | bool | Enabling or disabling the creatation of an S3 bucket for AWS MWAA | true |
| startup_script_s3_object_version | string | The version of the startup shell script you want to use. You must specify the ve | null |
| labels_as_tags | set(string) | Set of labels (ID elements) to include as tags in the `tags` output. Default is | [
"default"
] |
| schedulers | number | The number of schedulers that you want to run in your environment. | 2 |
| dag_processing_logs_enabled | bool | Enabling or disabling the collection of logs for processing DAGs | false |
| tags | map(string) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`). Neither the tag keys nor the t | {} |
| security_group_create_timeout | string | How long to wait for the security group to be created. | "10m" |
| allow_all_egress | bool | If `true`, the created security group will allow egress on all ports and protoco | true |
| requirements_s3_path | string | The relative path to the requirements.txt file on your Amazon S3 storage bucket. | null |
| task_logs_enabled | bool | Enabling or disabling the collection of logs for DAG tasks | false |
| scheduler_logs_enabled | bool | Enabling or disabling the collection of logs for the schedulers | false |
| associated_security_group_ids | list(string) | A list of IDs of Security Groups to associate the created resource with, in addi | [] |
| allowed_cidr_blocks | list(string) | A list of IPv4 CIDRs to allow access to the security group created by this modul | [] |
| max_workers | number | The maximum number of workers that can be automatically scaled up. Value need to | 10 |
| enabled | bool | Set to false to prevent the module from creating any resources | null |
| execution_role_arn | string | If `create_iam_role` is `false` then set this to the target MWAA execution role | "" |
| environment_class | string | Environment class for the cluster. Possible options are mw1.small, mw1.medium, m | "mw1.small" |
| requirements_s3_object_version | string | The requirements.txt file version you | null |
| stage | string | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'bu | null |
| descriptor_formats | any | Describe additional descriptors to be output in the `descriptors` output map. Ma | {} |
| … and 10 more inputs | |||
security_group_name — The name of the created security grouparn — The ARN of the Amazon MWAA Environmentcreated_at — The Created At date of the Amazon MWAA Environmentlogging_configuration — The Logging Configuration of the Amazon MWAA Environmentservice_role_arn — The Service Role ARN of the Amazon MWAA Environmentstatus — The status of the Amazon MWAA Environmenttags_all — A map of tags assigned to the resource, including those inherited from the provider for the Amazon Mwebserver_url — The webserver URL of the Amazon MWAA Environmentsecurity_group_id — The ID of the created security groups3_bucket_arn — ARN of the S3 bucketexecution_role_arn — IAM Role ARN for Amazon MWAA Execution Rolesecurity_group_arn — The ARN of the created security group