Secure Environment
A secure environment can be specified for a container in the docker-compose.yml
file by adding convox.environment.secure=true
to the labels, like so:
version: "2"
services:
web:
build: .
ports:
- 4444:4444
labels:
- convox.environment.secure=true
Once the secure environment is enabled, 3 environment variables will be passed into the container at runtime. These variables are:
-
SECURE_ENVIRONMENT_URL
- The url to the s3 file that contains the environment (encrypted with KMS) -
SECURE_ENVIRONMENT_TYPE
- The type of the file that is encrypted in s3. This is reserved for the future. For now it only returnsenvfile
-
SECURE_ENVIRONMENT_KEY
- The arn to the KMS key. Used for decryption of the environment file referenced bySECURE_ENVIRONMENT_URL
See #2150 and #2160 for more information
Remove instance type check
Removing the instance type check to prevent users from being blocked when a new instance type is introduced. Any typos will not be immediately obvious as it’s now CloudFormation’s responsibility to validate the type. The rack will eventually rollback and show the original instance type if an invalid type is specified.
See #2165 for more information