Terraform module for deploying Materialize on AWS Cloud Platform with all required infrastructure components.
Warning This is provided on a best-effort basis and Materialize cannot offer support for this module.
The module has been tested with:
- PostgreSQL 15
- Materialize Operator v0.1.0
Name | Version |
---|---|
terraform | >= 1.0 |
aws | ~> 5.0 |
helm | ~> 2.0 |
kubernetes | ~> 2.0 |
Name | Version |
---|---|
aws | 5.76.0 |
Name | Source | Version |
---|---|---|
database | ./modules/database | n/a |
eks | ./modules/eks | n/a |
networking | ./modules/networking | n/a |
storage | ./modules/storage | n/a |
Name | Type |
---|---|
aws_cloudwatch_log_group.materialize | resource |
aws_iam_access_key.materialize_user | resource |
aws_iam_role.materialize_s3 | resource |
aws_iam_role_policy.materialize_s3 | resource |
aws_iam_user.materialize | resource |
aws_iam_user_policy.materialize_s3 | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
availability_zones | List of availability zones | list(string) |
[ |
no |
bucket_force_destroy | Enable force destroy for the S3 bucket | bool |
false |
no |
bucket_lifecycle_rules | List of lifecycle rules for the S3 bucket | list(object({ |
[ |
no |
bucket_name | Name of the S3 bucket | string |
n/a | yes |
bucket_prefix | Prefix for the S3 bucket | string |
"system" |
no |
cluster_enabled_log_types | List of desired control plane logging to enable | list(string) |
[ |
no |
cluster_name | Name of the EKS cluster | string |
"materialize-cluster" |
no |
cluster_version | Kubernetes version for the EKS cluster | string |
"1.31" |
no |
database_name | Name of the database to create | string |
"materialize" |
no |
database_password | Password for the database (should be provided via tfvars or environment variable) | string |
n/a | yes |
database_username | Username for the database | string |
"materialize" |
no |
db_allocated_storage | Allocated storage for the RDS instance (in GB) | number |
20 |
no |
db_identifier | Identifier for the RDS instance | string |
"materialize-db" |
no |
db_instance_class | Instance class for the RDS instance | string |
"db.t3.medium" |
no |
db_max_allocated_storage | Maximum storage for autoscaling (in GB) | number |
100 |
no |
db_multi_az | Enable multi-AZ deployment for RDS | bool |
false |
no |
enable_bucket_encryption | Enable server-side encryption for the S3 bucket | bool |
true |
no |
enable_bucket_versioning | Enable versioning for the S3 bucket | bool |
true |
no |
enable_cluster_creator_admin_permissions | To add the current caller identity as an administrat | bool |
true |
no |
enable_monitoring | Enable CloudWatch monitoring | bool |
true |
no |
environment | Environment name (e.g., prod, staging, dev) | string |
"dev" |
no |
log_group_name_prefix | Prefix for the CloudWatch log group name (will be combined with environment name) | string |
"materialize" |
no |
metrics_retention_days | Number of days to retain CloudWatch metrics | number |
7 |
no |
mz_iam_policy_name | Name of the IAM policy for Materialize S3 access | string |
"materialize-s3-access" |
no |
mz_iam_role_name | Name of the IAM role for Materialize S3 access (will be prefixed with environment name) | string |
"materialize-s3-role" |
no |
mz_iam_service_account_name | Name of the IAM user for Materialize service authentication (will be prefixed with environment name) | string |
"materialize-user" |
no |
namespace | Namespace for Materialize resources | string |
"materialize-environment" |
no |
node_group_ami_type | AMI type for the node group | string |
"AL2023_x86_64_STANDARD" |
no |
node_group_capacity_type | Capacity type for worker nodes (ON_DEMAND or SPOT) | string |
"ON_DEMAND" |
no |
node_group_desired_size | Desired number of worker nodes | number |
2 |
no |
node_group_instance_types | Instance types for worker nodes. Recommended Configuration for Running Materialize with disk: - Tested instance types: m6g , m7g families (ARM-based Graviton instances)- AMI: AWS Bottlerocket (optimized for container workloads) - Note: Ensure instance store volumes are available and attached to the nodes for optimal performance with disk-based workloads. |
list(string) |
[ |
no |
node_group_max_size | Maximum number of worker nodes | number |
4 |
no |
node_group_min_size | Minimum number of worker nodes | number |
1 |
no |
postgres_version | Version of PostgreSQL to use | string |
"15" |
no |
private_subnet_cidrs | CIDR blocks for private subnets | list(string) |
[ |
no |
public_subnet_cidrs | CIDR blocks for public subnets | list(string) |
[ |
no |
service_account_name | Name of the service account | string |
"12345678-1234-1234-1234-123456789012" |
no |
single_nat_gateway | Use a single NAT Gateway for all private subnets | bool |
false |
no |
tags | Default tags to apply to all resources | map(string) |
{ |
no |
vpc_cidr | CIDR block for VPC | string |
"10.0.0.0/16" |
no |
vpc_name | Name of the VPC | string |
"materialize-vpc" |
no |
Name | Description |
---|---|
database_endpoint | RDS instance endpoint |
eks_cluster_endpoint | EKS cluster endpoint |
materialize_s3_role_arn | The ARN of the IAM role for Materialize |
metadata_backend_url | PostgreSQL connection URL in the format required by Materialize |
oidc_provider_arn | The ARN of the OIDC Provider |
persist_backend_url | S3 connection URL in the format required by Materialize using IRSA |
s3_bucket_name | Name of the S3 bucket |
vpc_id | VPC ID |
After successfully deploying the infrastructure with this module, you'll need to:
- (Optional) Configure storage classes
- Install the Materialize Operator
- Deploy your first Materialize environment
See our Operator Installation Guide for instructions.