Reveloo is delivered as a Container-as-a-Service hosted in your AWS Account. It works well with Fargate. For detailed Fargate configuration instructions, or if you’re interested in a managed service instead, contact Justin.
The container requires the following environmental variables:
SECRET_KEY— a token that enables authorization (provided by Justin)
COMPANY— a unique lowercase slug representing your company (provided by Justin)
REDSHIFT_URL— connection string in the form of
postgresql://[user:password]@[netloc][:port][/dbname]Note that the Redshift user specified must have the ability to either create schemas or read/write to two schemas named
rloo_dev, and should have read access to any tables that will be supplying data shared in the portal.
SLACK_API_TOKEN (optional) – Slack “Bot User OAuth Access Token” token, created by:
chat:writeBot Token Scope, and clicking “Install App to Workspace”
HTTPS (port 443) egress traffic to the following IPs needs to be allowed:
18.104.22.168— Reveloo’s admin server, used for serving additional configuration and SQL schemas which determine how data is transformed
22.214.171.124— Sentry, for exception monitoring
The service must have a custom domain with HTTPS auto-redirection. When this is setup, share the domain with Justin so he can enable automatic token generation from reveloo.com. Contact Justin if you’d like to use a reveloo.com subdomain.
Authentication is handled by redirecting unauthenticated users to reveloo.com, which uses Google OAuth to identify users and verify emails. If an email belonging to a domain associated with Reveloo is identified, and the user is whitelisted to use the service, they are redirected back to the on-premise service with a short term token signing them in.
The service has three publicly accessible endpoints:
/health— Return “Healthy” if the service is serving requests
/version— Returns the app version
/test— Return “Connected” if the service is successfully connected to Redshift
All other endpoints are private.
The web application is a Vue.js app. All displayed content is automatically escaped. SQL is automatically escaped using the standard psycopg2 module.