AWS Runtime Setup

Suggest Edits

🚧

You can generate this

If you ran symflow generate, you might already be configured with a connectors.tf file! If so, then you do not need to complete these steps.

This page will describe how to Terraform the resources needed to connect Sym to your AWS account. We will create a file named connectors.tf that declares a runtime_connector module. This module creates

  • An AWS IAM Role that the Sym Runtime can assume when executing your workflows (the Runtime Connector Role)
  • An AWS IAM Policy that allows this Runtime Connector Role to assume additional roles in the /sym/ path
  • A sym_integration resource that connects Sym to the new AWS IAM Role
  • A sym_runtime resource that defines an execution context for the Sym Runtime

For information about the various inputs and outputs of the runtime_connector module, see the Terraform registry.

📘

Prerequisites

We will need the environment.tf file generated by symflow init. If you have not done so yet, please follow the instructions in Installing Sym.

Declare the Runtime Connector Module

In the directory that contains your Sym configuration (i.e. the directory created by symflow init), create a new file named connectors.tf with the following contents:

############ Runtime Connector Setup ##############
# The runtime_connector module creates an IAM Role that the Sym Runtime can assume to execute operations in your AWS account.
module "runtime_connector" {
  source  = "symopsio/runtime-connector/aws"
  version = "~> 2.0"

  environment = local.environment_name
}

Optional: Add the sym_runtime to the sym_environment

If you are going to configure an AWS Strategy (e.g. AWS IAM), then you will also need to declare a runtime_id in your sym_environment resource.

In environment.tf, add a runtime_id to sym_environment.this

resource "sym_environment" "this" {
  name            = local.environment_name
  error_logger_id = sym_error_logger.slack.id

  # This is required for AWS Strategies
  runtime_id = module.runtime_connector.sym_runtime.id

  integrations = {
    slack_id = sym_integration.slack.id
  }
}

Finally, run terraform init && terraform apply.

Updated 5 months ago