This PR adds some improvements to our example CloudFormation template, mainly to enable customers using Google Workspace to deploy a stack with the necessary configuration to connect to Workspace:
introduce Workspace config:
parameters, condition and rule for Workspace config
conditional secrets for creds & settings file
relevant conditional policy to access Workspace secrets
introduce vertical scaling presets based on expected provisioning volume
set /ping as target group health check endpoint to cut down on redundant log entries from the load balancer
run containers in context of non-root users
mount host volumes for Redis and SCIM bridge containers
introduce LogStream resource to use for log-prefix
introduce ephemeral initialization containers to:
change ownership of container volume mounts
create Redis configuration file
log these actions
load Redis config from file on boot
disable Redis persistence (turn off snapshots)
clarified some descriptive text
add appropriate instructions to ./README.md for connecting to Google Workspace
simplify and clarify some steps
white space & formatting
The template can be used for new SCIM bridges connecting to Google Workspace for the first time or to update an existing stack with or without Google Workspace configuration that is deployed using this template or the current template on master.
This PR adds some improvements to our example CloudFormation template, mainly to enable customers using Google Workspace to deploy a stack with the necessary configuration to connect to Workspace:
OP_REDIS_URLenvironment variable/pingas target group health check endpoint to cut down on redundant log entries from the load balancer./README.mdfor connecting to Google WorkspaceThe template can be used for new SCIM bridges connecting to Google Workspace for the first time or to update an existing stack with or without Google Workspace configuration that is deployed using this template or the current template on
master.