Cluster Advanced Settings

To further fine-tune your Qovery infrastructure, you can set advanced settings through the Qovery API endpoint.

All clusters have access to advanced settings, you can find where they are available in the documentation below with those badges mentioning for which Cloud provider they are available:

You will also find badges mentioning for which components it will be applied:

Below is the list of advanced settings currently available for clusters.

Logs

aws.cloudwatch.eks_logs_retention_days

TypeDescriptionDefault Value
integerMaximum retention days in Cloudwatch for EKS logs.
(possible values: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 2192, 2557, 2922, 3288, 3653)
90

aws.vpc.enable_s3_flow_logs

TypeDescriptionDefault Value
booleanEnable flow logs on the cluster VPC and store them in an s3 bucket.false

aws.vpc.flow_logs_retention_days

TypeDescriptionDefault Value
integerSet the number of retention days for flow logs. Unlimited retention with value 0365

loki.log_retention_in_week

TypeDescriptionDefault Value
integerMaximum Kubernetes pods (containers/application/jobs/cronjob) retention logs in weeks.12 (84 days)

Image registry

registry.image_retention_time

TypeDescriptionDefault Value
integerAllows you to specify an amount in seconds after which images in the default registry are deleted.31536000 (1 year)

cloud_provider.container_registry.tags

TypeDescriptionDefault Value
Map<String, String>Add additional tags on the cluster dedicated registry

Network

load_balancer.size

TypeDescriptionDefault Value
stringAllows you to specify the load balancer size in front of your cluster.lb-s

database.postgresql.deny_public_access

TypeDescriptionDefault Value
booleanDeny public access to all PostgreSQL databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "any IP").
⚠️ Public access to managed databases will instantly be removed
⚠️ Public access to container databases will be removed only after a database redeployment
false

database.postgresql.allowed_cidrs

TypeDescriptionDefault Value
booleanList of allowed CIDRS. Valid only when database.postgresql.deny_public_access is set to true["0.0.0.0/0"]

database.mysql.deny_public_access

TypeDescriptionDefault Value
booleanDeny public access to all MySQL databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "any IP").
⚠️ Public access to managed databases will instantly be removed
⚠️ Public access to container databases will be removed only after a database redeployment
false

database.mysql.allowed_cidrs

TypeDescriptionDefault Value
booleanList of allowed CIDRS. Valid only when database.mysql.deny_public_access is set to true["0.0.0.0/0"]

database.mongodb.deny_public_access

TypeDescriptionDefault Value
booleanDeny public access to all MongoDB databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "any IP").
⚠️ Public access to managed databases will instantly be removed
⚠️ Public access to container databases will be removed only after a database redeployment
false

database.mongodb.allowed_cidrs

TypeDescriptionDefault Value
booleanList of allowed CIDRS. Valid only when database.mongodb.deny_public_access is set to true["0.0.0.0/0"]

database.redis.deny_public_access

TypeDescriptionDefault Value
booleanDeny public access to all Redis databases. When true, configure the CIDR range you want to allow within the associated allowed_cidrs parameter (default is "anyone").
⚠️ Public access to managed databases will instantly be removed
⚠️ Public access to container databases will be removed only after a database redeployment
false

database.redis.allowed_cidrs

TypeDescriptionDefault Value
booleanList of allowed CIDRS. Valid only when database.redis.deny_public_access is set to true["0.0.0.0/0"]

IAM

aws.iam.admin_group

TypeDescriptionDefault Value
stringAllows you to specify the IAM group name associated with the Qovery user in the AWS console during the IAM permissions setup to be able to connect to the Kubernetes clusterAdmins

Miscellaneous

aws.eks.ec2.metadata_imds

TypeDescriptionDefault Value
stringSpecify the IMDS version you want to use. Possible values are Required (IMDS v2 only) and Optional (IMDS v1 and V2)Optional