Truefoundry AWS platform features
| Name | Version |
|---|---|
| terraform | >= 1.4 |
| aws | 5.14.0 |
| Name | Version |
|---|---|
| aws | 5.14.0 |
| Name | Source | Version |
|---|---|---|
| truefoundry_bucket | terraform-aws-modules/s3-bucket/aws | 3.15.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_account_id | AWS account id | string |
n/a | yes |
| aws_region | AWS region | string |
n/a | yes |
| blob_storage_cors_origins | List of CORS origins for Mlfoundry bucket | list(string) |
[ |
no |
| blob_storage_enable_override | Enable overriding the name of s3 bucket. This will only be used if feature_blob_storage_enabled is enabled. You need to pass s3_override_name to pass the bucket name | bool |
false |
no |
| blob_storage_encryption_algorithm | Algorithm used for encrypting the default bucket. | string |
"AES256" |
no |
| blob_storage_encryption_key_arn | ARN of the key used to encrypt the bucket. Only needed if you set aws:kms as encryption algorithm. | string |
null |
no |
| blob_storage_force_destroy | Force destroy for mlfoundry s3 bucket | bool |
true |
no |
| blob_storage_override_name | S3 bucket name. Only used if s3_enable_override is enabled | string |
"" |
no |
| cluster_name | Name of the EKS cluster | string |
n/a | yes |
| control_plane_roles | Control plane roles that can assume your platform role | list(string) |
[ |
no |
| feature_blob_storage_enabled | Enable blob storage feature in the platform | bool |
true |
no |
| feature_cluster_integration_enabled | Enable cluster integration feature in the platform | bool |
true |
no |
| feature_docker_registry_enabled | Enable docker registry feature in the platform | bool |
true |
no |
| feature_parameter_store_enabled | Enable parameter store feature in the platform | bool |
true |
no |
| feature_secrets_manager_enabled | Enable secrets manager feature in the platform | bool |
false |
no |
| platform_feature_enabled | Enable platform features like docker registry, secrets manager and blob storage | bool |
true |
no |
| platform_role_enable_override | Enable overriding the platform role name. You need to pass s3_override_name to pass the bucket name | bool |
false |
no |
| platform_role_override_name | Platform IAM role name which will have access to S3 bucket, SSM and ECR | string |
"" |
no |
| platform_user_enabled | Enable creation of a platform feature user | bool |
false |
no |
| platform_user_force_destroy | Enable force destroy of the user | bool |
true |
no |
| platform_user_name_override_enabled | Enable overriding the platform user name. You need to pass platform_user_override_name to pass the user name | bool |
false |
no |
| platform_user_override_name | Username to override the default platform feature user | string |
"" |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| Name | Description |
|---|---|
| platform_iam_role_arn | The IAM role resource arn |
| platform_iam_role_assume_role_arns | The IAM role arns which has been assume by platform_iam_role |
| platform_iam_role_name | Then name of the IAM role |
| platform_iam_role_policy_arns | The list of ARNs of policies directly assigned to the IAM user |
| platform_user_access_key | The user access key ID |
| platform_user_arn | The user IAM resource arn |
| platform_user_bucket_arn | The bucket's arn |
| platform_user_bucket_name | The bucket's ID/name |
| platform_user_ecr_url | The ECR url to connect |
| platform_user_enabled | The user is enabled |
| platform_user_secret_key | The user secret key |