clusterBackup:
  enabled: false

  image:
    name: public.ecr.aws/zero-downtime/kubezero-admin
    # tag: v1.22.8

  repository: ""
  password: ""
  extraEnv: []

forseti:
  enabled: false

  image:
    name: public.ecr.aws/zero-downtime/forseti
    tag: v0.1.2

  aws:
    region: ""
    # -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.kubezeroForseti"
    iamRoleArn: ""

aws-node-termination-handler:
  enabled: false

  fullnameOverride: "aws-node-termination-handler"

  #image:
  #  tag: v1.14.1

  # -- "aws-node-termination-handler/${ClusterName}"
  managedAsgTag: "aws-node-termination-handler/managed"

  enableSqsTerminationDraining: true
  enableProbesServer: true
  deleteLocalData: true
  ignoreDaemonSets: true
  taintNode: true
  emitKubernetesEvents: true

  # -- https://sqs.${AWS::Region}.amazonaws.com/${AWS::AccountId}/${ClusterName}_Nth
  queueURL: ""

  metadataTries: 0
  extraEnv:
  # -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.awsNth"
  - name: AWS_ROLE_ARN
    value: ""
  - name: AWS_WEB_IDENTITY_TOKEN_FILE
    value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
  - name: AWS_STS_REGIONAL_ENDPOINTS
    value: "regional"

  enablePrometheusServer: false
  podMonitor:
    create: false

  jsonLogging: true

  tolerations:
  - key: node-role.kubernetes.io/master
    effect: NoSchedule
  nodeSelector:
    node-role.kubernetes.io/control-plane: ""

  rbac:
    pspEnabled: false

fuseDevicePlugin:
  enabled: false

k8sEcrLoginRenew:
  enabled: false

external-dns:
  enabled: false

  interval: 3m
  triggerLoopOnEvent: true

  tolerations:
  - key: node-role.kubernetes.io/master
    effect: NoSchedule
  nodeSelector:
    node-role.kubernetes.io/control-plane: ""

  #logLevel: debug
  sources:
  - service
  #- istio-gateway

  provider: inmemory

  extraVolumes:
  - name: aws-token
    projected:
      sources:
      - serviceAccountToken:
          path: token
          expirationSeconds: 86400
          audience: "sts.amazonaws.com"
  extraVolumeMounts:
  - name: aws-token
    mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
    readOnly: true
  env:
  # -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.externalDNS"
  - name: AWS_ROLE_ARN
    value: ""
  - name: AWS_WEB_IDENTITY_TOKEN_FILE
    value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
  - name: AWS_STS_REGIONAL_ENDPOINTS
    value: "regional"