Helm Chart Configuration Options
Last updated
Last updated
The Helm Chart includes components that make up your Immuta infrastructure, and you can change these values to tailor your Immuta infrastructure to suit your needs. The tables below include parameter descriptions and default values for all components in the Helm Chart.
When installing Immuta, download immuta-values.yaml
and update the values to your preferred settings.
See the for guidance and best practices.
Parameter | Description | Default |
---|
These values are used when backup.type=s3
.
These values are used when backup.type=azblob
.
These values are used when backup.type=gs
.
tls.manageGeneratedSecret
may cause issues with helm install
.
In most cases, tls.manageGeneratedSecret
should only be set to true when Helm is not being used to install the release (i.e., Argo CD).
If tls.manageGeneratedSecret
is set to true when used with the default TLS generation hook configuration, you will encounter an error similar to the following.
Error: secrets "immuta-tls" already exists
You can work around this error by configuring the TLS generation hook to run as a post-install
hook.
However, this configuration is not compatible with helm install --wait
. If the --wait
flag is used, the command will timeout and fail.
The Metadata Database component can be configured to use either the built-in Kubernetes deployment or an external PostgreSQL database.
The following Helm values are shared between both built-in and external databases.
These values are used when database.enabled=true
.
These values are used when database.enabled=false
.
If you will only use integrations, port 5432 is optional. Using the built-in Ingress Nginx Controller, you can disable it by setting the value to false
.
The Cleanup hook is a Helm post-delete hook that is responsible for cleaning up some resources that are not deleted by Helm.
The database initialize hook is used to initialize the external database when database.enabled=false
.
The TLS generation hook is a Helm pre-install hook that is responsible for generating TLS certificates used for connections between the Immuta pods.
Deprecation Warning
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
Parameter | Description | Default |
---|
The following values are deprecated. Values should be migrated to cache
and cache.memcached
. See for replacement values.
Parameter | Description | Default |
---|