# Storage Classes for EKS
# RFC 0039: ADR-Compliant Foundation Infrastructure
#
# Provides:
# - gp3-encrypted: Default encrypted EBS storage
# - gp3-fast: High-performance encrypted EBS storage
# - efs: Shared EFS storage for multi-pod access
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: gp3-encrypted
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: ebs.csi.aws.com
parameters:
  type: gp3
  encrypted: "true"
  fsType: ext4
  # Default IOPS and throughput for gp3
  iops: "3000"
  throughput: "125"
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
reclaimPolicy: Delete
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: gp3-fast
  annotations:
    description: "High-performance encrypted EBS storage for databases"
provisioner: ebs.csi.aws.com
parameters:
  type: gp3
  encrypted: "true"
  fsType: ext4
  # Higher IOPS and throughput for database workloads
  iops: "16000"
  throughput: "1000"
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
reclaimPolicy: Retain  # Retain for databases
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: efs
  annotations:
    description: "Shared EFS storage for multi-pod access"
provisioner: efs.csi.aws.com
parameters:
  provisioningMode: efs-ap
  fileSystemId: "${EFS_ID}"
  directoryPerms: "700"
  gidRangeStart: "1000"
  gidRangeEnd: "2000"
  basePath: "/dynamic"
mountOptions:
  - tls
  - iam
volumeBindingMode: Immediate
allowVolumeExpansion: true
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: efs-static
  annotations:
    description: "Static EFS storage using access points"
provisioner: efs.csi.aws.com
parameters:
  provisioningMode: efs-ap
  fileSystemId: "${EFS_ID}"
  directoryPerms: "755"
mountOptions:
  - tls
  - iam
volumeBindingMode: Immediate