latest--environment

shared
Type object
Schema URL https://catalog.lintel.tools/schemas/schemastore/aws-copilot-manifest/_shared/latest--environment.json
Parent schema aws-copilot-manifest
Type: object

Environment manifest for AWS Copilot https://aws.github.io/copilot-cli/docs/manifest/environment/

Properties

name string required

The name of your environment.

pattern=^[a-zA-Z][a-zA-Z0-9-]*$
type string required

Must be set to 'Environment'.

Constant: "Environment"
network object

The network section contains parameters for importing an existing VPC or configuring the Copilot-generated VPC.

1 nested properties
vpc object

The vpc section contains parameters to configure CIDR settings and subnets.

Any of: variant, variant, variant
5 nested properties
id string

The ID of the VPC to import. This field is mutually exclusive with cidr.

pattern=^vpc-[a-f0-9]{8}([a-f0-9]{9})?$
cidr string

An IPv4 CIDR block to associate with the Copilot-generated VPC. This field is mutually exclusive with id.

pattern=^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/\d{1,2}$
subnets object

Configure public and private subnets in a VPC.

2 nested properties
public subnet-config[]

A list of public subnets configuration.

private subnet-config[]

A list of private subnets configuration.

security_group object

Rules for the environment's security group.

2 nested properties
ingress security-group-rule[]

A list of inbound security group rules.

egress security-group-rule[]

A list of outbound security group rules.

flow_logs boolean | object

If you specify 'true', Copilot will enable VPC flow logs to capture information about the IP traffic going in and out of the environment VPC. The default value for VPC flow logs is 14 days (2 weeks).

cdn boolean | object

The cdn section contains parameters related to integrating your service with a CloudFront distribution. To enable the CloudFront distribution, specify cdn: true.

http object

The http section contains parameters to configure the public load balancer shared by Load Balanced Web Services and the internal load balancer shared by Backend Services.

2 nested properties
public object

Configuration for the public load balancer.

4 nested properties
certificates string[]

List of public AWS Certificate Manager certificate ARNs. By attaching public certificates to your load balancer, you can associate your Load Balanced Web Services with a domain name and reach them with HTTPS.

access_logs boolean | object

Enable Elastic Load Balancing access logs. If you specify true, Copilot will create an S3 bucket where the Public Load Balancer will store access logs.

ssl_policy string

Optional. Specify an SSL policy for the HTTPS listener of your Public Load Balancer, when applicable.

Values: "ELBSecurityPolicy-2016-08" "ELBSecurityPolicy-TLS-1-0-2015-04" "ELBSecurityPolicy-TLS-1-1-2017-01" "ELBSecurityPolicy-TLS-1-2-2017-01" "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" "ELBSecurityPolicy-FS-2018-06" "ELBSecurityPolicy-FS-1-1-2019-08" "ELBSecurityPolicy-FS-1-2-2019-08" "ELBSecurityPolicy-FS-1-2-Res-2019-08" "ELBSecurityPolicy-FS-1-2-Res-2020-10"
ingress object

Ingress rules to restrict the Public Load Balancer's traffic.

2 nested properties
cdn boolean

Restrict ingress traffic for the public load balancer to come from a CloudFront distribution.

source_ips string[]

Restrict public load balancer ingress traffic to source IPs.

private object

Configuration for the internal load balancer.

4 nested properties
certificates string[]

List of AWS Certificate Manager certificate ARNs. By attaching public or private certificates to your load balancer, you can associate your Backend Services with a domain name and reach them with HTTPS.

subnets string[]

The subnet IDs to place the internal load balancer in.

ingress object

Ingress rules to allow for the internal load balancer.

1 nested properties
vpc boolean

Enable traffic from within the VPC to the internal load balancer.

ssl_policy string

Optional. Specify an SSL policy for the HTTPS listener of your Internal Load Balancer, when applicable.

Values: "ELBSecurityPolicy-2016-08" "ELBSecurityPolicy-TLS-1-0-2015-04" "ELBSecurityPolicy-TLS-1-1-2017-01" "ELBSecurityPolicy-TLS-1-2-2017-01" "ELBSecurityPolicy-TLS-1-2-Ext-2018-06" "ELBSecurityPolicy-FS-2018-06" "ELBSecurityPolicy-FS-1-1-2019-08" "ELBSecurityPolicy-FS-1-2-2019-08" "ELBSecurityPolicy-FS-1-2-Res-2019-08" "ELBSecurityPolicy-FS-1-2-Res-2020-10"
observability object

The observability section lets you configure ways to collect data about the services and jobs deployed in your environment.

1 nested properties
container_insights boolean

Whether to enable CloudWatch container insights in your environment's ECS cluster.