Skip to main content
Each Midaz service can be independently exposed via ingress. The ingress block is identical across services (Ledger, Onboarding, Transaction, CRM, Grafana) — configure it under each service’s .ingress section in values.yaml. To use ingress, you need an ingress controller running in your cluster (e.g., NGINX, AWS ALB, or Traefik) and DNS entries pointing to it.
You can enable ingress per service in your values.yaml file and configure hostnames, TLS secrets, and any controller-specific annotations.
cert-manager integration: If you use cert-manager for automatic TLS, add the annotation cert-manager.io/cluster-issuer: <issuer-name> and set tls.secretName — cert-manager will provision the certificate automatically.
The following sections provide configuration examples for the most common ingress controllers.

NGINX ingress controller


To use the NGINX Ingress Controller, configure the values.yaml as follows:
Check the ingress-nginx official documentation for a full reference on Nginx annotations.

AWS ALB (Application load balancer)


For AWS ALB Ingress Controller, configure the values.yaml as follows:

Traefik Ingress controller


For Traefik, configure the values.yaml as follows:

Multiple services example


To expose both the Ledger API and Grafana with different hostnames: