Deploy Control Plane on Azure

RequirementsDescriptionReason for Requirement
Kubernetes ClusterAny Kubernetes cluster will work here - we can also choose the compute-plane cluster itself to install Truefoundry helm chart. The Truefoundry helm chart will be installed here.
Azure Flexible Server for PostgreSQLPostgres >= 13The database is used by Truefoundry control plane to store all its metadata.
Container in Azure Storage AccountAny container bucket reachable from control-plane.This is used by control-plane to store the intermediate code while building the docker image.
Egress Access for TruefoundryAuthEgress access to https://auth.truefoundry.comThis is needed to validate the users logging into Truefoundry so that licensing can be maintained.
Egress access For Docker Registry1
This is to download docker images for Truefoundry, ArgoCD, NATS, ArgoRollouts, ArgoWorkflows, Istio.
DNS with TLS/SSLOne endpoint to point to the control plane service (something like where is your domain. There should also be a certificate with the domain so that the domains can be accessed over TLS.

The control-plane url should be reachable from the compute-plane so that compute-plane cluster can connect to the control-plane
The developers will need to access the Truefoundry UI at domain that is provided here.
User/ServiceAccount to provision the infrastructure- azure subscription with billing enabled
- Contributor Role to the above Subscription.
- Role Based Access Administrator to the above subscription
These are the permissions required by the IAM user in GCP to create the entire control plane components.