From c9951a7ccff44f73ad35409ad5a38f04278a4158 Mon Sep 17 00:00:00 2001 From: Darwin Rinderer Date: Wed, 1 Oct 2025 11:20:29 -0400 Subject: [PATCH 1/4] docs: update mpc-party readme --- modules/mpc-party/README.md | 86 ++++++++++++++++++++----------------- 1 file changed, 46 insertions(+), 40 deletions(-) diff --git a/modules/mpc-party/README.md b/modules/mpc-party/README.md index 022f131..aa5edb2 100644 --- a/modules/mpc-party/README.md +++ b/modules/mpc-party/README.md @@ -65,6 +65,12 @@ graph TB ## Usage +> **ℹ️ Info** +> +> The `Complete` and `Database-Only` examples provided below are to simply show the full set of variables that can be configured for the `mpc-party` module. +> The examples are **not intended for usage as-is** in a deployment context for Zama testnet or mainnet! +> Please refer to the [terraform.tfvars.example](../../examples/mpc-party/terraform.tfvars.example) file in `examples/mpc-party` for a functional example usable in deployment contexts + ### Complete Example with All Options ```terraform @@ -72,10 +78,10 @@ module "mpc_party" { source = "./modules/mpc-party" # Core Configuration - party_name = "mpc-party-production" + party_name = "mpc-party-production" vault_private_bucket_name = "prod-mpc-private-${random_id.suffix.hex}" vault_public_bucket_name = "prod-mpc-public-${random_id.suffix.hex}" - cluster_name = "production-eks-cluster" + cluster_name = "production-eks-cluster" # Network Environment & Region Validation network_environment = "mainnet" # or "testnet" @@ -88,7 +94,7 @@ module "mpc_party" { k8s_service_account_name = "mpc-party-sa" create_namespace = true create_service_account = true - create_irsa = true + create_irsa = true # Namespace Customization namespace_labels = { 
@@ -101,27 +107,27 @@ module "mpc_party" { } # ConfigMap Configuration - create_config_map = true - config_map_name = "mpc-party-config" + create_config_map = true + config_map_name = "mpc-party-config" additional_config_data = { "LOG_LEVEL" = "info" "ENVIRONMENT" = "production" } # RDS Database Configuration - enable_rds = true - rds_prefix = "zama" - rds_db_name = "mpc_production" - rds_username = "mpc_user" - rds_engine = "postgres" - rds_engine_version = "17.2" - rds_instance_class = "db.t4g.large" - rds_allocated_storage = 100 - rds_max_allocated_storage = 500 - rds_multi_az = true - rds_backup_retention_period = 14 - rds_deletion_protection = false - rds_storage_encrypted = true + enable_rds = true + rds_prefix = "zama" + rds_db_name = "mpc_production" + rds_username = "mpc_user" + rds_engine = "postgres" + rds_engine_version = "17.2" + rds_instance_class = "db.t4g.large" + rds_allocated_storage = 100 + rds_max_allocated_storage = 500 + rds_multi_az = true + rds_backup_retention_period = 14 + rds_deletion_protection = false + rds_storage_encrypted = true rds_manage_master_user_password = true # RDS Network Configuration 
@@ -141,23 +147,23 @@ module "mpc_party" { ] # RDS Kubernetes Integration - rds_create_externalname_service = true - rds_externalname_service_name = "mpc-db-external" + rds_create_externalname_service = true + rds_externalname_service_name = "mpc-db-external" rds_externalname_service_namespace = "mpc-production" # Node Group Configuration - create_nodegroup = true - nodegroup_name = "mpc-production-ng" - nodegroup_instance_types = ["m5.4xlarge"] - nodegroup_min_size = 1 - nodegroup_max_size = 3 - nodegroup_desired_size = 2 - nodegroup_disk_size = 100 - nodegroup_capacity_type = "ON_DEMAND" - nodegroup_ami_type = "AL2023_x86_64_STANDARD" + create_nodegroup = true + nodegroup_name = "mpc-production-ng" + nodegroup_instance_types = ["m5.4xlarge"] + nodegroup_min_size = 1 + nodegroup_max_size = 3 + nodegroup_desired_size = 2 + nodegroup_disk_size = 100 + nodegroup_capacity_type = "ON_DEMAND" + nodegroup_ami_type = "AL2023_x86_64_STANDARD" # Node Group Security - nodegroup_enable_remote_access = false + nodegroup_enable_remote_access = false nodegroup_additional_security_group_ids = ["sg-12345678"] # Node Group Labels and Taints @@ -173,8 +179,8 @@ module "mpc_party" { kms_deletion_window_in_days = 30 # Resource Overrides for Nitro Enclaves - nitro_enclaves_override_cpu_count = 6 - nitro_enclaves_override_memory_mib = 12288 + nitro_enclaves_override_cpu_count = 6 + nitro_enclaves_override_memory_mib = 12288 # Tagging common_tags = { 
@@ -200,24 +206,24 @@ module "mpc_party" { source = "./modules/mpc-party" # Core Configuration - party_name = "mpc-party-db" + party_name = "mpc-party-db" vault_private_bucket_name = "mpc-private-${random_id.suffix.hex}" vault_public_bucket_name = "mpc-public-${random_id.suffix.hex}" - cluster_name = "existing-eks-cluster" + cluster_name = "existing-eks-cluster" # Kubernetes Configuration k8s_namespace = "mpc-db" k8s_service_account_name = "mpc-db-sa" create_namespace = true create_service_account = true - create_irsa = true + create_irsa = true # RDS Configuration - enable_rds = true - rds_db_name = "mpc_database" - rds_username = "mpc_admin" - rds_instance_class = "db.t4g.medium" - rds_allocated_storage = 50 + enable_rds = true + rds_db_name = "mpc_database" + rds_username = "mpc_admin" + rds_instance_class = "db.t4g.medium" + rds_allocated_storage = 50 rds_manage_master_user_password = true rds_create_externalname_service = true From e27a536807414427cfa9e041355e7d5e1c9b2ca8 Mon Sep 17 00:00:00 2001 From: Darwin Rinderer Date: Wed, 1 Oct 2025 11:25:06 -0400 Subject: [PATCH 2/4] docs: pre-pr review --- examples/mpc-party/terraform.tfvars.example | 11 ++++++----- modules/mpc-party/README.md | 3 ++- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/examples/mpc-party/terraform.tfvars.example b/examples/mpc-party/terraform.tfvars.example index 08726e5..759d1bf 100644 --- a/examples/mpc-party/terraform.tfvars.example +++ b/examples/mpc-party/terraform.tfvars.example @@ -1,11 +1,11 @@ # Network Environment Configuration -network_environment = "testnet" +network_environment = "testnet" # or mainnet # AWS Configuration aws_region = "eu-west-1" # MPC Party Configuration -party_id = 1 +party_id = 1 party_name = "mpc-party-2" environment = "dev" 
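Review bot: The added `# or mainnet` comment on `network_environment` in examples/mpc-party/terraform.tfvars.example reads as if switching networks is a one-value change. The same file keeps values that look development-scoped: `environment = "dev"` in this hunk, and in its later hunks a kubeconfig context with `zws-dev` in the name, a literal security-group id, a pinned `kms_image_attestation_sha`, and `kms_deletion_window_in_days = 7`. Seven days is the shortest pending-deletion window AWS KMS accepts, and the module README's Complete example uses 30, so an operator who copies this file for mainnet keeps the smallest margin for cancelling an accidental key deletion. The README change in this series now points readers to this file as the closer-to-deployment reference, so I would widen the comment to something like `network_environment = "testnet" # or "mainnet"; re-check environment, security group ids, kms_image_attestation_sha and kms_deletion_window_in_days before switching`. Only the hunk lines are visible here, so whether the security-group id and attestation SHA are in fact dev-specific needs confirming against the full file.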
@@ -27,7 +27,7 @@ kubeconfig_path = "~/.kube/config" kubeconfig_context = "tailscale-operator-zws-dev.diplodocus-boa.ts.net" # Tagging -owner = "mpc-team" +owner = "mpc-team" additional_tags = { "Project" = "mpc-infrastructure" "Team" = "security" @@ -58,8 +58,9 @@ nodegroup_labels = { nodegroup_additional_security_group_ids = ["sg-04e41735e6bdc6007"] nodegroup_enable_nitro_enclaves = true nodegroup_enable_ssm_managed_instance = true + # Nitro Enclaves Configuration for MPC Party -kms_enabled_nitro_enclaves = true +kms_enabled_nitro_enclaves = true # This image attestation SHA must be updated for each KMS enclave release image. kms_image_attestation_sha = "5292569b5945693afcde78e5a0045f4bf8c0a594d174baf1e6bccdf0e6338ebe46e89207054e0c48d0ec6deef80284ac" -kms_deletion_window_in_days = 7 +kms_deletion_window_in_days = 7 \ No newline at end of file diff --git a/modules/mpc-party/README.md b/modules/mpc-party/README.md index aa5edb2..349e22d 100644 --- a/modules/mpc-party/README.md +++ b/modules/mpc-party/README.md @@ -69,7 +69,8 @@ graph TB > > The `Complete` and `Database-Only` examples provided below are to simply show the full set of variables that can be configured for the `mpc-party` module. > The examples are **not intended for usage as-is** in a deployment context for Zama testnet or mainnet! -> Please refer to the [terraform.tfvars.example](../../examples/mpc-party/terraform.tfvars.example) file in `examples/mpc-party` for a functional example usable in deployment contexts +> +> Please refer to the [terraform.tfvars.example](../../examples/mpc-party/terraform.tfvars.example) file in `examples/mpc-party` for a closer repesentation of configuration usable in deployment contexts. But as always, ensure conformance with broader infrastructre base layer before deploying. ### Complete Example with All Options From 2e77b4ee0bc1c56280096498bdf8668feb533860 Mon Sep 17 00:00:00 2001 
From: Darwin Rinderer Date: Wed, 1 Oct 2025 11:25:49 -0400 Subject: [PATCH 3/4] docs: pre-pr review --- modules/mpc-party/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/mpc-party/README.md b/modules/mpc-party/README.md index 349e22d..3c08e19 100644 --- a/modules/mpc-party/README.md +++ b/modules/mpc-party/README.md @@ -68,6 +68,7 @@ graph TB > **ℹ️ Info** > > The `Complete` and `Database-Only` examples provided below are to simply show the full set of variables that can be configured for the `mpc-party` module. +> > The examples are **not intended for usage as-is** in a deployment context for Zama testnet or mainnet! > > Please refer to the [terraform.tfvars.example](../../examples/mpc-party/terraform.tfvars.example) file in `examples/mpc-party` for a closer repesentation of configuration usable in deployment contexts. But as always, ensure conformance with broader infrastructre base layer before deploying. From 6af4ea0deeeed8a5dbb70f7daece11a0113b5d54 Mon Sep 17 00:00:00 2001 From: Darwin Rinderer Date: Wed, 1 Oct 2025 11:48:30 -0400 Subject: [PATCH 4/4] docs: address ci errors --- examples/mpc-party/terraform.tfvars.example | 2 +- modules/mpc-party/README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/mpc-party/terraform.tfvars.example b/examples/mpc-party/terraform.tfvars.example index 759d1bf..2fe90d3 100644 --- a/examples/mpc-party/terraform.tfvars.example +++ b/examples/mpc-party/terraform.tfvars.example @@ -63,4 +63,4 @@ nodegroup_enable_ssm_managed_instance = true kms_enabled_nitro_enclaves = true # This image attestation SHA must be updated for each KMS enclave release image. kms_image_attestation_sha = "5292569b5945693afcde78e5a0045f4bf8c0a594d174baf1e6bccdf0e6338ebe46e89207054e0c48d0ec6deef80284ac" -kms_deletion_window_in_days = 7 \ No newline at end of file +kms_deletion_window_in_days = 7 diff --git a/modules/mpc-party/README.md b/modules/mpc-party/README.md index 3c08e19..15c9741 100644 
--- a/modules/mpc-party/README.md +++ b/modules/mpc-party/README.md @@ -66,8 +66,8 @@ graph TB ## Usage > **ℹ️ Info** -> -> The `Complete` and `Database-Only` examples provided below are to simply show the full set of variables that can be configured for the `mpc-party` module. +> +> The `Complete` and `Database-Only` examples provided below are to simply show the full set of variables that can be configured for the `mpc-party` module. > > The examples are **not intended for usage as-is** in a deployment context for Zama testnet or mainnet! >