Installing & Updating

Reveloo is delivered as a Container-as-a-Service hosted in your AWS Account. It works well with Fargate. For detailed Fargate configuration instructions, or if you’re interested in a managed service instead, contact Justin.

The container requires the following environmental variables:

  • SECRET_KEY — a token that enables authorization (provided by Justin)
  • COMPANY — a unique lowercase slug representing your company (provided by Justin)
  • REDSHIFT_URL — connection string in the form of postgresql://[user:password]@[netloc][:port][/dbname] Note that the Redshift user specified must have the ability to either create schemas or read/write to two schemas named rloo and rloo_dev, and should have read access to any tables that will be supplying data shared in the portal.
  • SLACK_API_TOKEN (optional) – Slack “Bot User OAuth Access Token” token, created by:

    • Visiting & creating a new app
    • Navigating to “OAuth & Permissions”, enabling the chat:write Bot Token Scope, and clicking “Install App to Workspace”

HTTPS (port 443) egress traffic to the following IPs needs to be allowed:

  • — Reveloo’s admin server, used for serving additional configuration and SQL schemas which determine how data is transformed
  • — Sentry, for exception monitoring


The service must have a custom domain with HTTPS auto-redirection. When this is setup, share the domain with Justin so he can enable automatic token generation from Contact Justin if you’d like to use a subdomain.


Authentication is handled by redirecting unauthenticated users to, which uses Google OAuth to identify users and verify emails. If an email belonging to a domain associated with Reveloo is identified, and the user is whitelisted to use the service, they are redirected back to the on-premise service with a short term token signing them in.


The service has three publicly accessible endpoints:

  • /health — Return “Healthy” if the service is serving requests
  • /version — Returns the app version
  • /test — Return “Connected” if the service is successfully connected to Redshift

All other endpoints are private.

The web application is a Vue.js app. All displayed content is automatically escaped. SQL is automatically escaped using the standard psycopg2 module.

© Reveloo 2020
FAQ · Docs · Terms