Materialize on AWS Cloud Platform

Terraform module for deploying Materialize on AWS Cloud Platform with all required infrastructure components.

Warning: This is provided on a best-effort basis and Materialize cannot offer support for this module.

The module has been tested with:

  • PostgreSQL 15
  • Materialize Operator v0.1.0

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| aws | ~> 5.0 |
| helm | ~> 2.0 |
| kubernetes | ~> 2.0 |

Providers

| Name | Version |
|------|---------|
| aws | 5.76.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| database | ./modules/database | n/a |
| eks | ./modules/eks | n/a |
| networking | ./modules/networking | n/a |
| storage | ./modules/storage | n/a |

Resources

| Name | Type |
|------|------|
| aws_cloudwatch_log_group.materialize | resource |
| aws_iam_access_key.materialize_user | resource |
| aws_iam_role.materialize_s3 | resource |
| aws_iam_role_policy.materialize_s3 | resource |
| aws_iam_user.materialize | resource |
| aws_iam_user_policy.materialize_s3 | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| availability_zones | List of availability zones | `list(string)` | `["us-east-1a", "us-east-1b", "us-east-1c"]` | no |
| bucket_force_destroy | Enable force destroy for the S3 bucket | `bool` | `false` | no |
| bucket_lifecycle_rules | List of lifecycle rules for the S3 bucket | `list(object({ id = string, enabled = bool, prefix = string, transition_days = number, transition_storage_class = string, expiration_days = number, noncurrent_version_expiration_days = number }))` | `[{ "enabled": true, "expiration_days": 365, "id": "cleanup", "noncurrent_version_expiration_days": 90, "prefix": "", "transition_days": 90, "transition_storage_class": "STANDARD_IA" }]` | no |
| bucket_name | Name of the S3 bucket | `string` | n/a | yes |
| bucket_prefix | Prefix for the S3 bucket | `string` | `"system"` | no |
| cluster_enabled_log_types | List of desired control plane logging to enable | `list(string)` | `["api", "audit", "authenticator", "controllerManager", "scheduler"]` | no |
| cluster_name | Name of the EKS cluster | `string` | `"materialize-cluster"` | no |
| cluster_version | Kubernetes version for the EKS cluster | `string` | `"1.31"` | no |
| database_name | Name of the database to create | `string` | `"materialize"` | no |
| database_password | Password for the database (should be provided via tfvars or environment variable) | `string` | n/a | yes |
| database_username | Username for the database | `string` | `"materialize"` | no |
| db_allocated_storage | Allocated storage for the RDS instance (in GB) | `number` | `20` | no |
| db_identifier | Identifier for the RDS instance | `string` | `"materialize-db"` | no |
| db_instance_class | Instance class for the RDS instance | `string` | `"db.t3.large"` | no |
| db_max_allocated_storage | Maximum storage for autoscaling (in GB) | `number` | `100` | no |
| db_multi_az | Enable multi-AZ deployment for RDS | `bool` | `false` | no |
| enable_bucket_encryption | Enable server-side encryption for the S3 bucket | `bool` | `true` | no |
| enable_bucket_versioning | Enable versioning for the S3 bucket | `bool` | `true` | no |
| enable_cluster_creator_admin_permissions | To add the current caller identity as an administrator | `bool` | `true` | no |
| enable_monitoring | Enable CloudWatch monitoring | `bool` | `true` | no |
| environment | Environment name (e.g., prod, staging, dev) | `string` | `"dev"` | no |
| log_group_name_prefix | Prefix for the CloudWatch log group name (will be combined with environment name) | `string` | `"materialize"` | no |
| metrics_retention_days | Number of days to retain CloudWatch metrics | `number` | `7` | no |
| mz_iam_policy_name | Name of the IAM policy for Materialize S3 access | `string` | `"materialize-s3-access"` | no |
| mz_iam_role_name | Name of the IAM role for Materialize S3 access (will be prefixed with environment name) | `string` | `"materialize-s3-role"` | no |
| mz_iam_service_account_name | Name of the IAM user for Materialize service authentication (will be prefixed with environment name) | `string` | `"materialize-user"` | no |
| namespace | Namespace for Materialize resources | `string` | `"materialize-environment"` | no |
| node_group_ami_type | AMI type for the node group | `string` | `"AL2023_x86_64_STANDARD"` | no |
| node_group_capacity_type | Capacity type for worker nodes (ON_DEMAND or SPOT) | `string` | `"ON_DEMAND"` | no |
| node_group_desired_size | Desired number of worker nodes | `number` | `2` | no |
| node_group_instance_types | Instance types for worker nodes. Recommended Configuration for Running Materialize with disk: Tested instance types: m6g, m7g families (ARM-based Graviton instances). AMI: AWS Bottlerocket (optimized for container workloads). Note: Ensure instance store volumes are available and attached to the nodes for optimal performance with disk-based workloads. | `list(string)` | `["m6g.medium"]` | no |
| node_group_max_size | Maximum number of worker nodes | `number` | `4` | no |
| node_group_min_size | Minimum number of worker nodes | `number` | `1` | no |
| postgres_version | Version of PostgreSQL to use | `string` | `"15"` | no |
| private_subnet_cidrs | CIDR blocks for private subnets | `list(string)` | `["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]` | no |
| public_subnet_cidrs | CIDR blocks for public subnets | `list(string)` | `["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]` | no |
| service_account_name | Name of the service account | `string` | `"12345678-1234-1234-1234-123456789012"` | no |
| single_nat_gateway | Use a single NAT Gateway for all private subnets | `bool` | `false` | no |
| tags | Default tags to apply to all resources | `map(string)` | `{ "Environment": "dev", "Project": "materialize", "Terraform": "true" }` | no |
| vpc_cidr | CIDR block for VPC | `string` | `"10.0.0.0/16"` | no |
| vpc_name | Name of the VPC | `string` | `"materialize-vpc"` | no |
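
Added example (not part of the module's own documentation): a root-module configuration that supplies the two required inputs, passing `database_password` through a sensitive variable populated from the `TF_VAR_database_password` environment variable as the input description recommends. The `source` path, bucket name, length rule and overridden values are assumptions for illustration, and it assumes the module marks any output derived from the password as sensitive.

```hcl
# Example root module. The password never appears in version-controlled files:
# set it with TF_VAR_database_password or an untracked *.tfvars file.
variable "database_password" {
  description = "Password for the Materialize metadata database"
  type        = string
  sensitive   = true # redacts the value in plan/apply output

  validation {
    # Example policy chosen for this illustration, not a module requirement.
    condition     = length(var.database_password) >= 16
    error_message = "database_password must be at least 16 characters."
  }
}

module "materialize" {
  source = "./path/to/this/module" # placeholder: wherever this module lives

  # Required inputs (no default in the Inputs table)
  bucket_name       = "example-materialize-persist" # constructed name
  database_password = var.database_password

  environment = "prod"

  # Security-relevant defaults from the Inputs table, pinned explicitly so
  # that a later change to any of them shows up in code review.
  enable_bucket_encryption  = true
  enable_bucket_versioning  = true
  bucket_force_destroy      = false
  cluster_enabled_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]

  # Example overrides of the defaults for a production-style deployment.
  db_multi_az            = true
  metrics_retention_days = 90

  tags = {
    Environment = "prod"
    Project     = "materialize"
    Terraform   = "true"
  }
}
```

Marking the variable sensitive only redacts CLI output: the database password, and the secret of the `aws_iam_access_key.materialize_user` resource listed under Resources, are still written to Terraform state. Keep state in an encrypted backend with restricted access.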

Outputs

| Name | Description |
|------|-------------|
| database_endpoint | RDS instance endpoint |
| eks_cluster_endpoint | EKS cluster endpoint |
| materialize_s3_role_arn | The ARN of the IAM role for Materialize |
| metadata_backend_url | PostgreSQL connection URL in the format required by Materialize |
| oidc_provider_arn | The ARN of the OIDC Provider |
| persist_backend_url | S3 connection URL in the format required by Materialize using IRSA |
| s3_bucket_name | Name of the S3 bucket |
| vpc_id | VPC ID |

Post-Deployment Setup

After successfully deploying the infrastructure with this module, you'll need to:

  1. (Optional) Configure storage classes
  2. Install the Materialize Operator
  3. Deploy your first Materialize environment

See our Operator Installation Guide for instructions.