Truefoundry AWS platform features
Name | Version |
---|---|
terraform | ~> 1.4 |
aws | ~> 5.57 |
Name | Version |
---|---|
aws | ~> 5.57 |
Name | Source | Version |
---|---|---|
truefoundry_bucket | terraform-aws-modules/s3-bucket/aws | 3.15.0 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
aws_account_id | AWS account id | string |
n/a | yes |
aws_region | AWS region | string |
n/a | yes |
blob_storage_cors_origins | List of CORS origins for Mlfoundry bucket | list(string) |
[ |
no |
blob_storage_enable_override | Enable overriding the name of s3 bucket. This will only be used if feature_blob_storage_enabled is enabled. You need to pass blob_storage_override_name to pass the bucket name | bool |
false |
no |
blob_storage_encryption_algorithm | Algorithm used for encrypting the default bucket. | string |
"AES256" |
no |
blob_storage_encryption_key_arn | ARN of the key used to encrypt the bucket. Only needed if you set aws:kms as encryption algorithm. | string |
null |
no |
blob_storage_force_destroy | Force destroy for mlfoundry s3 bucket | bool |
true |
no |
blob_storage_override_name | S3 bucket name. Only used if s3_enable_override is enabled | string |
"" |
no |
cluster_name | Name of the EKS cluster | string |
n/a | yes |
control_plane_roles | Control plane roles that can assume your platform role | list(string) |
[ |
no |
feature_blob_storage_enabled | Enable blob storage feature in the platform | bool |
true |
no |
feature_cluster_integration_enabled | Enable cluster integration feature in the platform | bool |
true |
no |
feature_docker_registry_enabled | Enable docker registry feature in the platform | bool |
true |
no |
feature_parameter_store_enabled | Enable parameter store feature in the platform | bool |
true |
no |
feature_secrets_manager_enabled | Enable secrets manager feature in the platform | bool |
false |
no |
flyte_propeller_serviceaccount_name | Name for the Flyte Propeller service account | string |
"flytepropeller" |
no |
flyte_propeller_serviceaccount_namespace | Namespace for the Flyte Propeller service account | string |
"tfy-workflow-propeller" |
no |
oidc_provider_url | OIDC provider URL | string |
"" |
no |
platform_role_enable_override | Enable overriding the platform role name. You need to pass blob_storage_override_name to pass the bucket name | bool |
false |
no |
platform_role_override_name | Platform IAM role name which will have access to S3 bucket, SSM and ECR | string |
"" |
no |
platform_user_enabled | Enable creation of a platform feature user | bool |
false |
no |
platform_user_force_destroy | Enable force destroy of the user | bool |
true |
no |
platform_user_name_override_enabled | Enable overriding the platform user name. You need to pass platform_user_override_name to pass the user name | bool |
false |
no |
platform_user_override_name | Username to override the default platform feature user | string |
"" |
no |
tags | A map of tags to add to all resources | map(string) |
{} |
no |
Name | Description |
---|---|
blob_storage_uri | URI of the S3 bucket |
platform_bucket_arn | ARN of the S3 bucket |
platform_bucket_enabled | Flag to enable S3 bucket for the platform |
platform_bucket_name | Name/ID of the S3 bucket |
platform_cluster_integration_enabled | Flag to enable cluster integration for the platform |
platform_ecr_enabled | Flag to enable ECR for the platform |
platform_ecr_url | The ECR url to connect |
platform_iam_role_arn | The platform IAM role arn |
platform_iam_role_assume_role_arns | The role arns that can assume the platform IAM role |
platform_iam_role_enabled | Flag to enable IAM role for the platform. If false, the user will be created. |
platform_iam_role_policy_arns | The platform IAM role policy arns |
platform_secrets_manager_enabled | Flag to enable Secrets Manager for the platform |
platform_ssm_enabled | Flag to enable Parameter Store for the platform |
platform_user_access_key | The user access key ID |
platform_user_arn | The user IAM resource arn |
platform_user_enabled | Flag to enable user for the platform. If false, the iam role will be created. |
platform_user_secret_key | The user secret key |