Rebar Environment Variables

Monkton, Inc.

This page contains all the configuration settings for Rebar for instantiating the Rebar Hub. This will enable deployment of the Rebar API and Rebar Admin portals.

Common Environment Variables

These keys provide the root Rebar configuration for the Rebar Hub, both the API and Admin services.

Key Description Required
ASPNETCORE_ENVIRONMENT A .NET Core environment variable indicating the deployment environment. Development or Production are allowed values. No
REBAR_AWS Indicates if we are deployed inside AWS. true or false are allowed values. No
REBAR_CORE_TYPE Indicates the service being deployed, API or Admin. ADMIN or API are allowed values. Configure the value depending on the service in use. Yes
REBAR_DISABLE_SSL Indicates if we are expecting an TLS connection. Reverse proxies should indicate false. true or false are allowed values. Yes
REBAR_CACHE_ENABLED Indicates if we are caching data for apps. Admin should be false and APIs should be true. true or false are allowed values. Yes
REBAR_AUTH_COOKIE_LIFE Indicates the duration (in minutes) for administrative logins. Yes
REBAR_AUTH_COOKIE_SLIDING Indicates if the admin cookie should have a sliding expiration the default is false. true or false are allowed values. Yes
REBAR_CDN_TARGET Indicates the CDN scheme, host, and path for CDN hosted Rebar static assets. No
REBAR_DOCKER_URLS The Admin configuration should be set to http://0.0.0.0:5959 and the Rebar API services should be set to http://0.0.0.0:5858 Yes

AWS FedRAMP and DoD SRG Compliance

These keys provide AWS specific Configuration elements that are required for AWS FedRAMP and DoD SRG Compliance. Rebar leverages AWS Kinesis to provide a reliable stream for log data to be stored for at least 6 years.

Key Description Required
MONKTON_AUDIT_KINESIS_STREAM Indicates the name of the AWS Kinesis stream for logging. If you are enabling Rebar for FedRAMP Environments within AWS this is required for compliance. Yes
MONKTON_AWS_REGION Indicates the region that AWS Kinesis is available in. If you are enabling Rebar for FedRAMP Environments within AWS this is required for compliance. No

AWS Specific Configuration

These keys provide AWS specific Configuration elements. Each of these, as denoted by the description fills a specific purpose to configure an AWS service that is consumed by Rebar.

Key Description Required
REBAR_AWS_SNS_REGION Indicates the region that AWS SNS is being deployed in. No
REBAR_S3_DATA_PROTECTION Indicates if we are using S3 to store the session encryption keys, the default is false. true or false are allowed values. No
REBAR_S3_DATA_PROTECTION_PREFIX The S3 key prefix for the keys. Ideally, you will create a key for admin and api No
REBAR_SSM_PREFIX The Prefix for SSM variables for this instance of Rebar No
REBAR_SSM_KMS The ARN for the SSM KMS Key No
REBAR_SSM_REGION The Region for the SSM KMS Key No

AWS Specific DynamoDB Configuration

These keys provide AWS specific Configuration elements for the DynamoDB data storage service that Rebar leverages within AWS.

Key Description Required
REBAR_DATABASE_KIND Indicates what type of database we are storing data in. This should be dynamodb Yes
REBAR_DYNAMO_AUTO_CONFIGURED Indicates if DynamoDB is automatically configured, set to true Yes
REBAR_DYNAMO_TYPE Indicates what type of database credentials we will use to connect to DynamoDB. This should be iam Yes
REBAR_DYNAMO_REGION The region where DynamoDB is located Yes
REBAR_DYNAMO_PREFIX The prefix for our DynamoDB tables Yes
REBAR_DYNAMO_POSTFIX The postfix for our DynamoDB tables Yes

Okta Specific Configuration

These keys provide Okta specific Configuration elements to configure the Okta security services.

Key Description Required
OTKA_ENABLED Indicates if Okta is enabled, the default is false. true or false are allowed values. Yes
OTKA_DOMAIN The Okta Domain for Authentication Yes
OTKA_CLIENT_ID The Okta OIDC Client ID Yes
OTKA_CLIENT_SECRET The Okta OIDC Client Secret Yes