CNE: AWS Ready - Bootstrap Configuration Reference

The following configuration defines the cloud infrastructure, GitOps synchronization settings, and bootstrap execution options for Cloud Native Experience (CNE) deployments. Required variables are marked in the Default column. Variables required for multiple phases appear only once for brevity.

EKS Infrastructure Variables

These variables define the core AWS network and Kubernetes cluster environment.

Name	Type	Default	Description
`arn_partition`	String	`"aws"`	AWS ARN partition identifier (e.g., `"aws"`, `"aws-cn"`, or `"aws-us-gov"`).
`deployment_name`	String	(Required)	Unique identifier for the deployment; used for resource naming (lowercase, numbers, hyphens only).
`gateway_namespace`	String	`"envoy-gateway-system"`	Namespace where Envoy API Gateway resources are created.
`max_availability_zones`	Integer	`1`	Number of Availability Zones used in the region.
`private_subnets`	List(String)	`null`	Additional CIDR blocks for private subnets (internal resources).
`public_subnets`	List(String)	`null`	Additional CIDR blocks for public subnets (internet-facing resources).
`region`	String	(Required)	Region where the cluster is deployed.
`vpc_cidr`	String	`"10.0.0.0/16"`	CIDR block for the entire VPC network.

GitOps - Platform Variables

These variables define the namespaces for core GitOps and operator components.

Name	Type	Default	Description
`argo_workflows_namespace`	String	`"argo-workflows-system"`	Namespace where ArgoCD Workflows engine components are installed.
`argocd_namespace`	String	`"argocd-system"`	Namespace where ArgoCD components are installed.
`crossplane_namespace`	String	`"crossplane-system"`	Namespace for Crossplane installation.
`external_secrets_namespace`	String	`"external-secrets-system"`	Namespace for the External Secrets Operator.

GitOps - Resources Variables

These variables configure how Liferay and its infrastructure dependencies are managed via GitOps.

Name	Type	Default	Description
`argocd_domain_config`	Object	`{}`	Domain and TLS external secret configuration for ArgoCD.
`external_secret_store_provider_hcl`	Object	`null`	HashiCorp Configuration Language (HCL) configuration for an external secrets store. If not set, the system uses AWS Secrets Manager by default.
`gateway_class_name`	String	`"liferay-gateway-class"`	GatewayClass name used by the provider.
`infrastructure_git_repo_config`	Object	(See Git Repository Configuration)	Configuration options for the infrastructure Git repository.
`infrastructure_helm_chart_config`	Object	(See Infrastructure Helm Chart Configuration)	Configuration options for the infrastructure Helm chart.
`infrastructure_provider_helm_chart_config`	Object	(See Infrastructure Helm Chart Configuration)	Configuration options for the infrastructure provider Helm chart.
`liferay_git_repo_url`	String	(Required)	Git repository URL for the Liferay configuration repository.
`liferay_helm_chart_name`	String	`"liferay-aws"`	Name of the chart (for example `"liferay-default"`, `"liferay-aws"`, or `"liferay-aws-marketplace"`).
`liferay_helm_chart_version`	String	(Required)	Version of the Liferay Helm chart to deploy.

Git Repository Configuration

The infrastructure_git_repo_config variable defines repository access, source paths, and Argo CD target settings.

Auth Options (`auth`)

Property	Type	Default	Description
`credentials_secret_name`	String	`"liferay/credentials/gitops"`	Secret name in the external vault that stores Git credentials.
`internal_secret_name`	String	`"gitops-credentials"`	Kubernetes secret name used by Argo CD.
`method`	String	`"https"`	Authentication method: `https` or `ssh`.
`ssh_private_key_property`	String	`"git_ssh_private_key"`	Vault property name for the SSH private key.
`token_property`	String	`"git_access_token"`	Vault property name for the Git access token.
`username_property`	String	`"git_machine_user_id"`	Vault property name for the Git user ID.

Revision

Property	Type	Default	Description
`revision`	String	`"HEAD"`	Git revision or branch to track.

Source Paths (`source_paths`)

Property	Type	Default	Description
`base`	String	`"liferay/projects/{{path[2]}}/base"`	Base path pattern for project configurations.
`environment`	String	`"liferay/projects//environments/"`	Glob pattern for environment directories.
`infrastructure_provider_values_filename`	String	`"infrastructure-provider.yaml"`	Filename for infrastructure provider values.
`system`	String	`"liferay/system"`	Path for system-level configurations.
`values_filename`	String	`"infrastructure.yaml"`	Filename for infrastructure Helm values.

Target Options (`target`)

Property	Type	Default	Description
`name`	String	`"{{path[2]}}-{{path[4]}}-infra"`	Argo CD application naming pattern.
`namespaceSuffix`	String	`"{{path[2]}}-{{path[4]}}"`	Namespace suffix pattern.
`slugEnvironmentId`	String	`"{{path[4]}}"`	Environment identifier from the path.
`slugProjectId`	String	`"{{path[2]}}"`	Project identifier from the path.

URL Override

Property	Type	Default	Description
`url`	String	`null`	Optional Git repository URL override. Applies only to `infrastructure_git_repo_config`.

Example

Default structure for infrastructure_git_repo_config:

{
   "infrastructure_git_repo_config": {
      "auth": {
         "credentials_secret_name": "liferay/credentials/gitops",
         "internal_secret_name": "gitops-credentials",
         "method": "https",
         "ssh_private_key_property": "git_ssh_private_key",
         "token_property": "git_access_token",
         "username_property": "git_machine_user_id"
      },
      "revision": "HEAD",
      "source_paths": {
         "base": "liferay/projects/{{path[2]}}/base",
         "environment": "liferay/projects/*/environments/*",
         "infrastructure_provider_values_filename": "infrastructure-provider.yaml",
         "system": "liferay/system",
         "values_filename": "infrastructure.yaml"
      },
      "target": {
         "name": "{{path[2]}}-{{path[4]}}-infra",
         "namespaceSuffix": "{{path[2]}}-{{path[4]}}",
         "slugEnvironmentId": "{{path[4]}}",
         "slugProjectId": "{{path[2]}}"
      },
      "url": null
   }
}

Bootstrap Options

The bootstrap script supports additional options that control how Terraform runs during the bootstrap process. Define these options in a root-level options object in config.json.

Name	Type	Default	Description
`auto_approve`	Boolean	`false`	Runs `terraform apply` without prompting for confirmation.
`parallelism`	Integer	`10`	Maximum number of resources Terraform creates or updates concurrently. Reduce this value if Kubernetes API calls become overloaded.

Example

{
   "options": {
      "auto_approve": true,
      "parallelism": 5
   },
   "provider": "aws",
   "variables": {...}
}

Infrastructure Helm Chart Configuration

`infrastructure_helm_chart_config`

Property	Type	Default	Description
`chart_name`	String	`"liferay-aws-infrastructure"`	Infrastructure Helm chart name.
`chart_url`	String	`"oci://us-central1-docker.pkg.dev/external-assets-prd/liferay-helm-chart/liferay-aws-infrastructure"`	OCI registry URL for the chart.
`path`	String	`null`	Local path to the chart (if not using OCI).
`version`	String	`"0.3.1"`	Helm chart version.

`infrastructure_provider_helm_chart_config`

Property	Type	Default	Description
`chart_name`	String	`"liferay-aws-infrastructure-provider"`	Infrastructure provider Helm chart name.
`chart_url`	String	`"oci://us-central1-docker.pkg.dev/external-assets-prd/liferay-helm-chart/liferay-aws-infrastructure-provider"`	OCI registry URL for the chart.
`path`	String	`null`	Local path to the chart (if not using OCI).
`version`	String	`"0.2.2"`	Helm chart version.

Capability:

Cloud

DXP Self-Hosted Installation, Maintenance, and Administration

Resource Type:

Official Documentation

Deployment Approach:

Liferay PaaS

Liferay Self-Hosted