# yaml-language-server: $schema=../../../mdaa/schemas/@aws-mdaa/cli.json

# All resources will be deployed to the default region specified in the environment or AWS configurations.
# Can optional specify a specific AWS Region Name.
region: default

# One or more tag tags which will be applied to all deployed resources
tag_configs:
  - ./tags.yaml

## Pre-Deployment Instructions

# TODO: Set an appropriate, unique organization name
# Failure to do so may resulting in global naming conflicts.
organization: <unique-org-name>

# One or more domains may be specified. Domain name will be incorporated by default naming implementation
# to prefix all resource names.
domains:
  # The named of the domain. In this case, we are building a 'shared' domain.
  govern1:
    # One or more environments may be specified, typically along the lines of 'dev', 'test', and/or 'prod'
    environments:
      # The environment name will be incorporated into resource name by the default naming implementation.
      dev:
        # The target deployment account can be specified per environment.
        # If 'default' or not specified, the account configured in the environment will be assumed.
        account: default
        # The list of modules which will be deployed. A module points to a specific MDAA CDK App, and
        # specifies a deployment configuration file if required.
        modules:
          # This module will create all the roles required for the datalake, as well as dataops layers running on top
          roles: # The module name (ie 'roles') will be incorporated into resource name by the default naming implementation.
            module_path: '@aws-mdaa/roles'
            module_configs:
              - ./common/governance/roles.yaml
          # This module will ensure the Glue Catalog is KMS encrypted.
          glue-catalog:
            module_path: '@aws-mdaa/glue-catalog'
          # This module will ensure that LakeFormation is configured to not
          # automatically generate IAMAllowedPrincipal grants on new databases and tables.
          lakeformation-settings:
            module_path: '@aws-mdaa/lakeformation-settings'
            module_configs:
              - ./common/governance/lakeformation-settings.yaml
          # This module will ensure that LakeFormation is configured to not
          # automatically generate IAMAllowedPrincipal grants on new databases and tables.
          datazone:
            module_path: '@aws-mdaa/datazone'
            module_configs:
              - ./domain1/governance/datazone.yaml

  data1:
    # One or more environments may be specified, typically along the lines of 'dev', 'test', and/or 'prod'
    environments:
      # The environment name will be incorporated into resource name by the default naming implementation.
      dev:
        # The target deployment account can be specified per environment.
        # If 'default' or not specified, the account configured in the environment will be assumed.
        account: default
        modules:
          # This module will deploy the S3 data lake buckets.
          # Coarse grained access may be granted directly to S3 for certain roles.
          datalake:
            module_path: '@aws-mdaa/datalake'
            module_configs:
              - ./domain1/data/datalake.yaml

  # The named of the domain. In this case, we are building a 'dataops' domain.
  dataops1:
    # One or more environments may be specified, typically along the lines of 'dev', 'test', and/or 'prod'
    environments:
      # The environment name will be incorporated into resource name by the default naming implementation.
      dev:
        # The target deployment account can be specified per environment.
        # If 'default' or not specified, the account configured in the environment will be assumed.
        account: default
        # The list of modules which will be deployed. A module points to a specific MDAA CDK App, and
        # specifies a deployment configuration file if required.
        modules:
          # This module will create DataOps Project resources which can be shared
          # across multiple
          project1:
            module_path: '@aws-mdaa/dataops-project'
            module_configs:
              - ./domain1/dataops/project1.yaml
          crawler1:
            module_path: '@aws-mdaa/dataops-crawler'
            module_configs:
              - ./domain1/dataops/crawler1.yaml
          # This module will create DataOps Project resources which can be shared
          # across multiple
          project2:
            module_path: '@aws-mdaa/dataops-project'
            module_configs:
              - ./domain1/dataops/project2.yaml
          # This module will create DataOps Project resources which can be shared
          # across multiple
          project3:
            module_path: '@aws-mdaa/dataops-project'
            module_configs:
              - ./domain1/dataops/project3.yaml