# All resources will be deployed to the default region specified in the environment or AWS configurations. # Can optional specify a specific AWS Region Name. region: default # One or more tag files containing tags which will be applied to all deployed resources tag_configs: - ./tags.yaml ## Pre-Deployment Instructions # TODO: Set an appropriate, unique organization name # Failure to do so may resulting in global naming conflicts. organization: <unique-org-name> # One or more domains may be specified. Domain name will be incorporated by default naming implementation # to prefix all resource names. domains: # The named of the domain. In this case, we are building a 'shared' domain. shared: # One or more environments may be specified, typically along the lines of 'dev', 'test', and/or 'prod' environments: # The environment name will be incorporated into resource name by the default naming implementation. dev: # The target deployment account can be specified per environment. # If 'default' or not specified, the account configured in the environment will be assumed. account: default # The list of modules which will be deployed. A module points to a specific MDAA CDK App, and # specifies a deployment configuration file if required. modules: # This module will create all of the roles required for the datalake, as well as dataops layers running on top roles: # The module name (ie 'roles') will be incorporated into resource name by the default naming implementation. module_path: "@aws-mdaa/roles" module_configs: - ./roles.yaml # This module will deploy the S3 data lake buckets. # Coarse grained access may be granted directly to S3 for certain roles. datalake: module_path: "@aws-mdaa/datalake" module_configs: - ./datalake/datalake.yaml # This module will ensure the Glue Catalog is KMS encrypted. # Comment this out if there are multiple MDAA deployments into an account. glue-catalog: module_path: "@aws-mdaa/glue-catalog" # This module will ensure that LakeFormation is configured to # automatically generate IAMAllowedPrincipal grants on new databases and tables. # This effectively delegates all Glue resource access controls # to IAM. lakeformation-settings: module_path: "@aws-mdaa/lakeformation-settings" module_configs: - ./datalake/lakeformation-settings.yaml # This module will create an Athena Workgroup which can be used to query # the data lake. athena: module_path: "@aws-mdaa/athena-workgroup" module_configs: - ./datalake/athena.yaml # The named of the domain. In this case, we are building a 'dataops' domain. dataops: # One or more environments may be specified, typically along the lines of 'dev', 'test', and/or 'prod' environments: # The environment name will be incorporated into resource name by the default naming implementation. dev: # The target deployment account can be specified per environment. # If 'default' or not specified, the account configured in the environment will be assumed. account: default # The list of modules which will be deployed. A module points to a specific MDAA CDK App, and # specifies a deployment configuration file if required. modules: # This module will create DataOps Project resources which can be shared # across multiple example-project: module_path: "@aws-mdaa/dataops-project" module_configs: - ./dataops/project.yaml example-crawler: module_path: "@aws-mdaa/dataops-crawler" module_configs: - ./dataops/crawler.yaml