Configure UXP

UXP enables platform teams to define new custom resources with schemas of your choosing. We call these "composite resources" (XRs). Composite resources compose a provider's managed resources -- high fidelity infrastructure primitives, like an SQL instance or a firewall rule. In this page we'll walk through installing a UXP Configuration.

UXP uses two special Crossplane resources to define and configure XRs:

  • A CompositeResourceDefinition (XRD) defines a new kind of XR , including its schema. An XRD may optionally offer a claim (XRC).
  • A Composition specifies which resources a XR will be composed of, and how they should be configured. You can create multiple Composition options for each composite resource.

XRDs and Compositions may be packaged and installed as a configuration. A configuration is a package of composition configuration that can easily be installed to UXP by creating a declarative Configuration resource, or by using kubectl crossplane install configuration.

In the examples below we will install a configuration that defines a new CompositePostgreSQLInstance XR and PostgreSQLInstance XRC that takes a single storageGB parameter, and creates a connection Secret with keys for username, password, and endpoint. Let's get started!


You'll need kubectl with the Crossplane plugin to setup Universal Crossplane. The Crossplane plugin extends kubectl with functionality to build, push, and install Crossplane packages:

# Install kubectl.
# Other operating systems and architectures are available at the link above.
curl -LO "$(curl -L -s"
# Install the kubectl crossplane plugin.
curl -sL "" | sh

You'll also need an AWS account for this guide, but you can follow similar examples for other major clouds in the upstream Crossplane documentation.

Install a Configuration

First we'll install the configuration for AWS. If you prefer to see how this configuration package is constructed skip ahead to build a configuration.

# For Amazon Web Services, including all the required network plumbing.
kubectl crossplane install configuration ""
# Wait until the configuration and its dependencies are installed.
kubectl get pkg

Add your Credentials

Using an AWS account with permissions to manage RDS databases:

# Write your credentials
AWS_PROFILE=default && echo -e "[default]\naws_access_key_id = $(aws configure get aws_access_key_id --profile $AWS_PROFILE)\naws_secret_access_key = $(aws configure get aws_secret_access_key --profile $AWS_PROFILE)" > creds.conf
# Save your credentials as a secret
kubectl create secret generic aws-creds -n upbound-system --from-file=creds=./creds.conf

We will create the following ProviderConfig object to configure credentials for AWS Provider:

kind: ProviderConfig
name: default
source: Secret
namespace: upbound-system
name: aws-creds
key: creds
kubectl apply -f

Next Steps

You have now configured UXP with support for managing a PostgreSQLInstance! Your app teams can now provision one using kubectl.