Merge pull request #4 from MaterializeInc/update-examples

Add `enable_cluster_creator_admin_permissions` variable
MaterializeInc · Nov 19, 2024 · 4d0bb24 · 4d0bb24
2 parents f1dcbe1 + 5334dba
commit 4d0bb24
Show file tree

Hide file tree

Showing 8 changed files with 88 additions and 39 deletions.
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/README.md b/README.md
@@ -22,7 +22,7 @@ The module has been tested with:
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.75.1 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.76.0 |
 
 ## Modules
 
@@ -66,6 +66,7 @@ The module has been tested with:
 | <a name="input_db_multi_az"></a> [db\_multi\_az](#input\_db\_multi\_az) | Enable multi-AZ deployment for RDS | `bool` | `false` | no |
 | <a name="input_enable_bucket_encryption"></a> [enable\_bucket\_encryption](#input\_enable\_bucket\_encryption) | Enable server-side encryption for the S3 bucket | `bool` | `true` | no |
 | <a name="input_enable_bucket_versioning"></a> [enable\_bucket\_versioning](#input\_enable\_bucket\_versioning) | Enable versioning for the S3 bucket | `bool` | `true` | no |
+| <a name="input_enable_cluster_creator_admin_permissions"></a> [enable\_cluster\_creator\_admin\_permissions](#input\_enable\_cluster\_creator\_admin\_permissions) | To add the current caller identity as an administrat | `bool` | `true` | no |
 | <a name="input_enable_monitoring"></a> [enable\_monitoring](#input\_enable\_monitoring) | Enable CloudWatch monitoring | `bool` | `true` | no |
 | <a name="input_environment"></a> [environment](#input\_environment) | Environment name (e.g., prod, staging, dev) | `string` | `"dev"` | no |
 | <a name="input_metrics_retention_days"></a> [metrics\_retention\_days](#input\_metrics\_retention\_days) | Number of days to retain CloudWatch metrics | `number` | `7` | no |

diff --git a/examples/simple/main.tf b/examples/simple/main.tf
@@ -3,6 +3,8 @@ provider "aws" {
 }
 
 module "materialize_infrastructure" {
+  # To pull this from GitHub, use the following:
+  # source = "git::https://github.com/MaterializeInc/terraform-aws-materialize.git"
   source = "../../"
 
   # Basic settings
@@ -18,12 +20,13 @@ module "materialize_infrastructure" {
   single_nat_gateway   = true
 
   # EKS Configuration
-  cluster_version           = "1.31"
-  node_group_instance_types = ["t3.medium"]
-  node_group_desired_size   = 2
-  node_group_min_size       = 1
-  node_group_max_size       = 3
-  node_group_capacity_type  = "ON_DEMAND"
+  cluster_version                          = "1.31"
+  node_group_instance_types                = ["m6g.medium"]
+  node_group_desired_size                  = 2
+  node_group_min_size                      = 1
+  node_group_max_size                      = 3
+  node_group_capacity_type                 = "ON_DEMAND"
+  enable_cluster_creator_admin_permissions = true
 
   # Storage Configuration
   bucket_name              = "materialize-simple-storage-${random_id.suffix.hex}"
@@ -43,7 +46,7 @@ module "materialize_infrastructure" {
 
   # Basic monitoring
   enable_monitoring      = true
-  metrics_retention_days = 7
+  metrics_retention_days = 3
 
   # Tags
   tags = {
@@ -58,7 +61,12 @@ resource "random_id" "suffix" {
   byte_length = 4
 }
 
-# outputs.tf
+# Outputs
+output "vpc_id" {
+  description = "VPC ID"
+  value       = module.materialize_infrastructure.vpc_id
+}
+
 output "eks_cluster_endpoint" {
   description = "EKS cluster endpoint"
   value       = module.materialize_infrastructure.eks_cluster_endpoint
@@ -73,3 +81,24 @@ output "s3_bucket_name" {
   description = "Name of the S3 bucket"
   value       = module.materialize_infrastructure.s3_bucket_name
 }
+
+output "metadata_backend_url" {
+  description = "PostgreSQL connection URL in the format required by Materialize"
+  value       = module.materialize_infrastructure.metadata_backend_url
+  sensitive   = true
+}
+
+output "persist_backend_url" {
+  description = "S3 connection URL in the format required by Materialize using IRSA"
+  value       = module.materialize_infrastructure.persist_backend_url
+}
+
+output "oidc_provider_arn" {
+  description = "The ARN of the OIDC Provider"
+  value       = module.materialize_infrastructure.oidc_provider_arn
+}
+
+output "materialize_s3_role_arn" {
+  description = "The ARN of the IAM role for Materialize"
+  value       = module.materialize_infrastructure.materialize_s3_role_arn
+}
diff --git a/main.tf b/main.tf
@@ -14,18 +14,19 @@ module "networking" {
 module "eks" {
   source = "./modules/eks"
 
-  cluster_name              = var.cluster_name
-  cluster_version           = var.cluster_version
-  vpc_id                    = module.networking.vpc_id
-  private_subnet_ids        = module.networking.private_subnet_ids
-  environment               = var.environment
-  node_group_desired_size   = var.node_group_desired_size
-  node_group_min_size       = var.node_group_min_size
-  node_group_max_size       = var.node_group_max_size
-  node_group_instance_types = var.node_group_instance_types
-  tags                      = var.tags
-  cluster_enabled_log_types = var.cluster_enabled_log_types
-  node_group_capacity_type  = var.node_group_capacity_type
+  cluster_name                             = var.cluster_name
+  cluster_version                          = var.cluster_version
+  vpc_id                                   = module.networking.vpc_id
+  private_subnet_ids                       = module.networking.private_subnet_ids
+  environment                              = var.environment
+  node_group_desired_size                  = var.node_group_desired_size
+  node_group_min_size                      = var.node_group_min_size
+  node_group_max_size                      = var.node_group_max_size
+  node_group_instance_types                = var.node_group_instance_types
+  tags                                     = var.tags
+  cluster_enabled_log_types                = var.cluster_enabled_log_types
+  node_group_capacity_type                 = var.node_group_capacity_type
+  enable_cluster_creator_admin_permissions = var.enable_cluster_creator_admin_permissions
 }
 
 module "storage" {

diff --git a/modules/eks/main.tf b/modules/eks/main.tf
@@ -33,5 +33,9 @@ module "eks" {
     }
   }
 
+  # Cluster access entry
+  # To add the current caller identity as an administrat
+  enable_cluster_creator_admin_permissions = var.enable_cluster_creator_admin_permissions
+
   tags = var.tags
 }
diff --git a/modules/eks/variables.tf b/modules/eks/variables.tf
@@ -60,3 +60,9 @@ variable "node_group_capacity_type" {
   type        = string
   default     = "ON_DEMAND"
 }
+
+variable "enable_cluster_creator_admin_permissions" {
+  description = "To add the current caller identity as an administrat"
+  type        = bool
+  default     = true
+}
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
@@ -18,3 +18,5 @@ node_group_max_size       = 5
 db_instance_class    = "db.t3.micro"
 db_allocated_storage = 20
 db_multi_az          = false
+
+enable_cluster_creator_admin_permissions = true
diff --git a/variables.tf b/variables.tf
@@ -108,6 +108,12 @@ variable "cluster_enabled_log_types" {
   default     = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
 }
 
+variable "enable_cluster_creator_admin_permissions" {
+  description = "To add the current caller identity as an administrat"
+  type        = bool
+  default     = true
+}
+
 # RDS Variables
 variable "db_identifier" {
   description = "Identifier for the RDS instance"