global.tf
: top-level networking configuration for a cluster that Validators can run in.main.tf
: configures Validators for deployment.iam_kms
module creates an IAM user and a KMS key for secure signing operations. It also sets up IAM policies and attachments to grant the necessary permissions for using the KMS key and other AWS services, such as S3, EFS and ECS later on.
s3
module creates an S3 bucket for storing Validator-related data, such as signatures. It also sets bucket policies to manage access and permissions, including public access restrictions and versioning.
efs
module defines an EFS file system and access point, allowing the Validator application to store and access data on EFS. It also sets up a mount target for connecting the EFS file system to the network.
validator
module.validator
module uses all of the above to integrate the EFS, IAM/KMS, and S3 configurations.
In addition to:
validator
module.
outputs.tf
passes forward all outputs from the Validators configured in main.tf
. You will have to update this as you add, modify or remove Validators.
DefaultLogGroup
. To separate them per agent, you may have to adjust the log group name and update the agent’s log policy with the new group name.