/terraform-statcan-aaw-platform

Terraform module for the Advanced Analytics Workspaces (AAW) platform

Primary LanguageHCLOtherNOASSERTION

terraform-statcan-aaw-platform

Requirements

Name Version
terraform >= 1.3
azurerm >= 2.0.0, < 3.0.0
helm >= 2.0.0, < 3.0.0
kubernetes >= 2.0.0, < 3.0.0

Providers

Name Version
kubernetes >= 2.0.0, < 3.0.0

Modules

Name Source Version
app_platform git::https://gitlab.k8s.cloud.statcan.ca/cloudnative/terraform/modules/terraform-statcan-kubernetes-app-platform.git v4.3.0
core_platform git::https://gitlab.k8s.cloud.statcan.ca/cloudnative/terraform/modules/terraform-statcan-kubernetes-core-platform.git v2.18.0
namespace_daaas_system git::https://github.com/canada-ca-terraform-modules/terraform-kubernetes-namespace.git v2.2.0
platform_infrastructure git::https://gitlab.k8s.cloud.statcan.ca/cloudnative/terraform/modules/terraform-azure-statcan-cloud-native-platform-infrastructure.git n/a

Inputs

Name Description Type Default Required
administrative_groups List of administrative groups list(string) n/a yes
aks_system_subnet_id AKS System subnet ID any n/a yes
argo_workflows_client_id The Client ID for Argo Workflows any n/a yes
argo_workflows_client_secret The Client Secret for Argo Workflows any n/a yes
azure_region Region to deploy Azure resources in any n/a yes
azure_tags Tags to apply to Azure resources map(string) n/a yes
cluster_node_resource_group_name Name of resource group containing the AKS cluster nodes any n/a yes
cluster_resource_group_name Name of resource group containing the AKS cluster any n/a yes
dns_zone_id Azure DNS Zone ID any n/a yes
dns_zone_name Name of the dns zone any n/a yes
dns_zone_resource_group_name Azure DNS Zone ID any n/a yes
dns_zone_subscription_id Azure DNS Zone ID any n/a yes
gk_audit_limits_cpu n/a any n/a yes
gk_audit_limits_memory n/a any n/a yes
gk_audit_requests_cpu n/a any n/a yes
gk_audit_requests_memory n/a any n/a yes
gk_limits_cpu n/a any n/a yes
gk_limits_memory n/a any n/a yes
gk_replicas n/a any n/a yes
gk_requests_cpu n/a any n/a yes
gk_requests_memory n/a any n/a yes
grafana_client_id n/a any n/a yes
grafana_client_secret n/a any n/a yes
kubecost_client_id n/a any n/a yes
kubecost_client_secret n/a any n/a yes
kubecost_cluster_profile n/a any n/a yes
kubecost_product_key n/a any n/a yes
kubecost_shared_namespaces n/a any n/a yes
kubecost_slack_token n/a any n/a yes
kubecost_storage_access_key n/a any n/a yes
kubecost_storage_account n/a any n/a yes
kubecost_storage_container n/a any n/a yes
kubecost_token n/a any n/a yes
kubernetes_identity_object_id Kubernetes identity object ID any n/a yes
logging_elasticsearch_url URL to elasticsearch for logging any n/a yes
prefix Prefix for Azure resources any n/a yes
subscription_id Azure Subscription ID any n/a yes
tenant_id Azure Tenant ID any n/a yes
vault_address n/a any n/a yes
additional_alertmanagers List of additional Alertmanager targets for the Platform Prometheus list(string) [] no
global_fluentd_config Global Fluentd config, usually used to define the default plugin string "<plugin default>\n @type null\n</plugin>\n" no
infrastructure_pipeline_subnet_ids Subnet ID of infrastructure pipeline list(string) [] no
kiali_grafana_token The token used to authentiate Kiali to Grafana. string "" no
kiali_resources The limits and requests to set on the Kiali pod.
object({
limits = optional(object({
cpu = optional(string, "50m"),
memory = optional(string, "256Mi"),
}), {
cpu = "50m",
memory = "256Mi",
}),
requests = optional(object({
cpu = optional(string, "10m"),
memory = optional(string, "128Mi"),
}), {
cpu = "10m",
memory = "128Mi",
}),
})
{} no
kubecost_additional_alert_config Additional alerts for kubecost to pick up. Default should never trigger string "- type: budget\n threshold: 100000000000000\n window: 1d\n aggregation: namespace\n filter: default\n" no
kubecost_alert_slack_webhook_url Kubecost global url for reporting alerts string "https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX" no
kubecost_prometheus_node_selector The nodeSelector to apply to the Prometheus instance backing Kubecost. map(string) {} no
load_balancer_subnet Load balancer subnet any null no
logging_elasticsearch_password Elasticsearch password for logging string "" no
logging_elasticsearch_username Elasticsearch username for logging string "" no
meshconfig_enable_tracing Flag to control generation of trace spans and request IDs. bool false no
meshconfig_zipkin_address The URL to send zipkin compatible traces to string "zipkin.istio-system:9411" no
prometheus_additional_scrape_config Default additional scrape configuration for prometheus string `"- job_name: kubecost\n honor_labels: true\n scrape_interval: 1m\n scrape_timeout: 10s\n metrics_path: /metrics\n scheme: http\n dns_sd_configs:\n - names:\n - kubecost-cost-analyzer.kubecost-system\n type: 'A'\n port: 9003\n metric_relabel_configs:\n - source_labels: [persistentvolumeclaim]\n separator: ;\n regex: (aaw-unclassified aaw-protected-b
prometheus_disk_size n/a string "80Gi" no
prometheus_resources The limits and requests to set on the Prometheus pod.
object({
limits = optional(map(string), {}),
requests = optional(map(string), {}),
})
{
"limits": {},
"requests": {}
}
no