LogoLogo
Public Knowledge Base
Public Knowledge Base
  • Self-hosted Immuta
    • Official Immuta Self-Managed Deployment Documentation
    • What's new in 2024.2?
    • Deployment Options
      • AWS Immuta Deployment
      • Azure Immuta Deployment
      • K3s Deployment
      • SUSE Rancher Kubernetes Engine (RKE2) Deployment
      • In-cluster PostgreSQL using Crunchydata
      • In-cluster Elasticsearch using Elastic Cloud on Kubernetes (ECK)
      • Production Linkerd with AWS Private CA issuer
      • Deploying Linkerd via Open Source Linkerd
      • Deploying Linkerd Service Mesh via Buoyant Enterprise for Linkerd
      • Uninstalling Linkerd
      • Upgrading to Immuta 2024.2 LTS
      • LTS Upgrade via Legacy Chart
      • Legacy Audit - no Elasticsearch
      • Temporal with RDS
      • Setting Up OpenSearch User Pemissions
    • Air gapped installations
      • Immuta Installation on k3s in Air Gapped environment
      • Air-gapped Installation Artifact Transfer
  • Excessive failed jobs in pgboss impacting system performance
  • Example Trino installation via Open Source Helm Chart
  • Immuta Installation on Self Managed Infrastructure Overview
  • Repeatable k3s stack deployment on AWS EC2
  • Trino OAuth2 and JWT via Okta
  • Copy of Okta Attribute Mapping
Powered by GitBook
On this page
  1. Self-hosted Immuta
  2. Deployment Options

Temporal with RDS

To deploy temporal with Immuta 2024.3.3 against an RDS database you must mout the RDS CA bundle into the pod: 

wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
kubectl -n immuta create secret generic secret-with-certs --from-file=global-bundle.pem
temporal:
  enabled: true
  server:
    extraVolumes:
      - name: secret-with-certs
        secret:
          secretName: secret-with-certs
    extraVolumeMounts:
      - name: secret-with-certs
        mountPath: /certs/
    config:
      persistence:
        default:
          sql:
            database: temporal
            tls:
              caFile: /certs/global-bundle.pem
              enabled: true
        visibility:
          sql:
            database: temporal_visibility
            tls:
              caFile: /certs/global-bundle.pem
              enabled: true

Note that there will be some failures/restarts when coming up:

PreviousLegacy Audit - no ElasticsearchNextSetting Up OpenSearch User Pemissions

Last updated 6 months ago