Temporal with RDS

To deploy temporal with Immuta 2024.3.3 against an RDS database you must mout the RDS CA bundle into the pod:

wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
kubectl -n immuta create secret generic secret-with-certs --from-file=global-bundle.pem

temporal:
  enabled: true
  server:
    extraVolumes:
      - name: secret-with-certs
        secret:
          secretName: secret-with-certs
    extraVolumeMounts:
      - name: secret-with-certs
        mountPath: /certs/
    config:
      persistence:
        default:
          sql:
            database: temporal
            tls:
              caFile: /certs/global-bundle.pem
              enabled: true
        visibility:
          sql:
            database: temporal_visibility
            tls:
              caFile: /certs/global-bundle.pem
              enabled: true

Note that there will be some failures/restarts when coming up:

PreviousLegacy Audit - no Elasticsearch NextSetting Up OpenSearch User Pemissions

Last updated 1 month ago