diff --git a/modules/schemahero_controller/facets.yaml b/modules/schemahero_controller/facets.yaml
new file mode 100644
index 000000000..5a0e48852
--- /dev/null
+++ b/modules/schemahero_controller/facets.yaml
@@ -0,0 +1,57 @@
+intent: schemahero-controller
+flavor: default
+version: '0.1'
+description: Deploys SchemaHero controller for automated database schema management
+  in Kubernetes environments
+lifecycle: ENVIRONMENT_BOOTSTRAP
+clouds:
+- kubernetes
+input_type: config
+spec:
+  type: object
+  properties:
+    size:
+      type: object
+      title: Resource Configuration
+      description: CPU and memory resource limits for the schemahero controller
+      properties:
+        cpu:
+          type: string
+          title: CPU Limit
+          description: CPU resource limit for the schemahero controller
+          default: 100m
+          pattern: ^[0-9]+[m]?$
+        memory:
+          type: string
+          title: Memory Limit
+          description: Memory resource limit for the schemahero controller
+          default: 150Mi
+          pattern: ^[0-9]+[KMGT]?[i]?[Bb]?$
+      default:
+        cpu: 100m
+        memory: 150Mi
+  required: []
+inputs:
+  kubernetes_details:
+    type: '@outputs/kubernetes-cluster-details'
+    optional: false
+    default:
+      resource_type: kubernetes_cluster
+      resource_name: default
+    displayName: Kubernetes Cluster Details
+    description: Kubernetes cluster configuration and provider access
+    providers:
+    - kubernetes
+    - helm
+outputs:
+  default:
+    type: '@outputs/schemahero-controller'
+    title: SchemaHero Controller Installation
+sample:
+  kind: schemahero-controller
+  flavor: default
+  version: '0.1'
+  spec:
+    size:
+      cpu: 100m
+      memory: 150Mi
diff --git a/modules/schemahero_controller/main.tf b/modules/schemahero_controller/main.tf
new file mode 100644
index 000000000..b5f234146
--- /dev/null
+++ b/modules/schemahero_controller/main.tf
@@ -0,0 +1,29 @@
+locals {
+  spec                      = lookup(var.instance, "spec", {})
+  size                      = lookup(local.spec, "size", {})
+  advanced                  = lookup(var.instance, "advanced", {})
+  user_supplied_helm_values = lookup(lookup(local.advanced, "default", {}), "values", {})
+  constructed_helm_values   = <<VALUES
+resources:
+  limits:
+    cpu: ${lookup(local.size, "cpu", "100m")}
+    memory: ${lookup(local.size, "memory", "150Mi")}
+schemahero:
+  image: facetscloud/schemahero-manager:latest
+VALUES
+}
+
+resource "helm_release" "schemahero" {
+  chart           = "${path.module}/schemahero-helm"
+  name            = "schemahero"
+  atomic          = false
+  cleanup_on_fail = true
+  namespace       = "facets"
+  values = [local.constructed_helm_values, yamlencode(local.user_supplied_helm_values),
+    yamlencode({
+      tolerations  = concat(var.environment.default_tolerations, var.inputs.kubernetes_details.attributes.legacy_outputs.facets_dedicated_tolerations)
+      nodeSelector = var.inputs.kubernetes_details.attributes.legacy_outputs.facets_dedicated_node_selectors
+    })
+  ]
+  recreate_pods = true
+}
\ No newline at end of file
diff --git a/modules/schemahero_controller/outputs.tf b/modules/schemahero_controller/outputs.tf
new file mode 100644
index 000000000..87ad0cd9b
--- /dev/null
+++ b/modules/schemahero_controller/outputs.tf
@@ -0,0 +1,4 @@
+locals {
+  output_interfaces = {}
+  output_attributes = {}
+}
diff --git a/modules/schemahero_controller/schemahero-helm/.commitlintrc.yml b/modules/schemahero_controller/schemahero-helm/.commitlintrc.yml
new file mode 100644
index 000000000..5d18f0b83
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/.commitlintrc.yml
@@ -0,0 +1,11 @@
+extends:
+  - '@commitlint/config-conventional'
+
+rules:
+  type-enum:
+    - 2
+    - always
+    -
+      - chore
+      - feat
+      - fix
diff --git a/modules/schemahero_controller/schemahero-helm/.dockerignore b/modules/schemahero_controller/schemahero-helm/.dockerignore
new file mode 100644
index 000000000..fe0b70a07
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/.dockerignore
@@ -0,0 +1,4 @@
+crds/
+templates/
+.github/
+*.json
diff --git a/modules/schemahero_controller/schemahero-helm/.editorconfig b/modules/schemahero_controller/schemahero-helm/.editorconfig
new file mode 100644
index 000000000..8aa47c134
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/.editorconfig
@@ -0,0 +1,12 @@
+root = true
+
+[*]
+end_of_line = lf
+charset = utf-8
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 2
+
+[README.md]
+max_line_length = 120
diff --git a/modules/schemahero_controller/schemahero-helm/.helmignore b/modules/schemahero_controller/schemahero-helm/.helmignore
new file mode 100644
index 000000000..b09f55256
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/.helmignore
@@ -0,0 +1,32 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+package*.json
+node_modules/
+.github/
+test/
+skaffold.yaml
+.releaserc.yaml
+.editorconfig
+.dockerignore
+
diff --git a/modules/schemahero_controller/schemahero-helm/.releaserc.yaml b/modules/schemahero_controller/schemahero-helm/.releaserc.yaml
new file mode 100644
index 000000000..65868bf84
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/.releaserc.yaml
@@ -0,0 +1,24 @@
+branches:
+  - main
+
+tagFormat: "${version}"
+
+plugins:
+  - '@semantic-release/commit-analyzer'
+  - 'semantic-release-commitlint'
+  -
+    - "@semantic-release/release-notes-generator"
+    - preset: "conventionalcommits"
+  -
+    - "@semantic-release/git"
+    - assets: []
+      messsage: false
+  -
+    - "@semantic-release/github"
+    - successComment: false
+      failComment: false
+  -
+    - '@eshepelyuk/semantic-release-helm-oci'
+    - registry: oci://ghcr.io/schemahero/helm
+      skipAppVersion: true
+
diff --git a/modules/schemahero_controller/schemahero-helm/Chart.yaml b/modules/schemahero_controller/schemahero-helm/Chart.yaml
new file mode 100644
index 000000000..df57de4b9
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/Chart.yaml
@@ -0,0 +1,42 @@
+apiVersion: v2
+name: schemahero
+description: Install and configure SchemaHero in Kubernetes.
+type: application
+version: 0.0.0 # chart version introspected from git release tags
+appVersion: 0.13.1
+icon: https://raw.githubusercontent.com/schemahero/schemahero/main/artwork/color/svg/schemahero-logomark-color.svg
+home: https://github.com/schemahero/schemahero-helm
+maintainers:
+  - name: Ievgenii Shepeliuk
+    email: eshepelyuk@gmail.com
+    url: https://github.com/eshepelyuk
+keywords:
+  - schemahero
+  - database
+  - kubernetes
+  - postgresql
+  - migration
+annotations:
+  artifacthub.io/links: |
+    - name: SchemaHero site
+      url: https://schemahero.io/
+    - name: SchemaHero sources
+      url: https://github.com/schemahero/schemahero
+
+  artifacthub.io/crds: |
+    - kind: Database
+      version: v1alpha4
+      name: database
+      displayName: Database
+      description: Database is the Schema for the databases API
+    - kind: Migration
+      version: v1alpha4
+      name: migration
+      displayName: Migration
+      description: Migration is the Schema for the migrations API
+    - kind: Table
+      version: v1alpha4
+      name: table
+      displayName: Table
+      description: Table is the Schema for the tables API
+
diff --git a/modules/schemahero_controller/schemahero-helm/LICENSE b/modules/schemahero_controller/schemahero-helm/LICENSE
new file mode 100644
index 000000000..393a44bd6
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/LICENSE
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2019 Marc Campbell
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/modules/schemahero_controller/schemahero-helm/README.md b/modules/schemahero_controller/schemahero-helm/README.md
new file mode 100644
index 000000000..a5935355e
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/README.md
@@ -0,0 +1,55 @@
+
+# Helm chart for SchemaHero
+
+![GitHub Workflow Status](https://img.shields.io/github/workflow/status/schemahero/schemahero-helm/CI?label=CI%2FCD&style=for-the-badge)
+[![Current](https://img.shields.io/github/v/tag/schemahero/schemahero-helm?logo=github&sort=semver&style=for-the-badge&label=current)](https://github.com/schemahero/schemahero-helm/releases/latest)
+[![Artifact Hub](https://img.shields.io/endpoint?style=for-the-badge&url=https://artifacthub.io/badge/repository/schemahero)](https://artifacthub.io/packages/helm/schemahero/schemahero)
+[![Apache 2.0](https://img.shields.io/github/license/schemahero/schemahero-helm?style=for-the-badge)](https://opensource.org/licenses/Apache-2.0)
+
+## Installation
+
+The chart is published to
+[GitHub Container Registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry)
+and requires Helm version to be >= 3.7.0.
+
+1. Enable [OCI support](https://helm.sh/docs/topics/registries/#enabling-oci-support).
+    ```sh
+    export HELM_EXPERIMENTAL_OCI=1
+    ```
+
+1. Choose appropriate version from the [available releases](https://github.com/schemahero/schemahero-helm/releases).
+
+    It's recommended to install the chart into a dedicated namespace.
+
+    ```sh
+    helm upgrade -i --wait --create-namespace -n schemahero schemahero \
+      oci://ghcr.io/schemahero/helm/schemahero --version ${VERSION}
+    ```
+
+## Configuration
+
+Chart parameters can be configured via [Helm values files](https://helm.sh/docs/chart_template_guide/values_files/).
+
+Check out
+[values schema](https://artifacthub.io/packages/helm/schemahero/schemahero?modal=values-schema)
+for the comprehensive list of available configuration options.
+
+## Create new release
+
+1. Navigate to [Release Workflow](https://github.com/schemahero/schemahero-helm/actions/workflows/release.yaml)
+in `Actions` section.
+1. Click `Run workflow` button.
+1. Wait until job is finished.
+
+Release job performs following actions.
+
+1. Generates changelog from previous release tag.
+1. Calculates a new release version from the changelog.
+1. Creates new GitHub release with git tag containing new release number.
+1. Generates Helm chart with assigned version.
+1. Publishes Helm chart to GitHub Packages repository.
+
+Release pipeline is powered by
+[semantic-release](https://github.com/semantic-release/semantic-release) tool.
+
+
diff --git a/modules/schemahero_controller/schemahero-helm/crds/databases.schemahero.io_databases.yaml b/modules/schemahero_controller/schemahero-helm/crds/databases.schemahero.io_databases.yaml
new file mode 100644
index 000000000..b036460e8
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/crds/databases.schemahero.io_databases.yaml
@@ -0,0 +1,3630 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.7.0
+  creationTimestamp: null
+  name: databases.databases.schemahero.io
+spec:
+  group: databases.schemahero.io
+  names:
+    kind: Database
+    listKind: DatabaseList
+    plural: databases
+    singular: database
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .metadata.namespace
+      name: Namespace
+      priority: 1
+      type: string
+    - jsonPath: .spec.immediateDeploy
+      name: Deploy Immediately
+      priority: 1
+      type: boolean
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha4
+    schema:
+      openAPIV3Schema:
+        description: Database is the Schema for the databases API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              connection:
+                description: DatabaseConnection defines connection parameters for
+                  the database driver
+                properties:
+                  cassandra:
+                    properties:
+                      hosts:
+                        items:
+                          type: string
+                        type: array
+                      keyspace:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      password:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      username:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                    required:
+                    - hosts
+                    - keyspace
+                    type: object
+                  cockroachdb:
+                    properties:
+                      dbname:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      host:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      password:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      port:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      schema:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      sslmode:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      uri:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      user:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                  mysql:
+                    properties:
+                      collation:
+                        type: string
+                      dbname:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      defaultCharset:
+                        type: string
+                      disableTLS:
+                        type: boolean
+                      host:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      password:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      port:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      uri:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      user:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                  postgres:
+                    properties:
+                      dbname:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      host:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      password:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      port:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      schema:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      sslmode:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      uri:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      user:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                  rqlite:
+                    properties:
+                      disableTLS:
+                        type: boolean
+                      host:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      password:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      port:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      uri:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      user:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                  sqlite:
+                    properties:
+                      dsn:
+                        type: string
+                    required:
+                    - dsn
+                    type: object
+                  timescaledb:
+                    properties:
+                      dbname:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      host:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      password:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      port:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      schema:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      sslmode:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      uri:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                      user:
+                        properties:
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                - key
+                                - name
+                                type: object
+                              ssm:
+                                properties:
+                                  accessKeyId:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  name:
+                                    type: string
+                                  region:
+                                    type: string
+                                  secretAccessKey:
+                                    properties:
+                                      value:
+                                        type: string
+                                      valueFrom:
+                                        properties:
+                                          secretKeyRef:
+                                            properties:
+                                              key:
+                                                type: string
+                                              name:
+                                                type: string
+                                            required:
+                                            - key
+                                            - name
+                                            type: object
+                                        type: object
+                                    required:
+                                    - value
+                                    type: object
+                                  withDecryption:
+                                    type: boolean
+                                required:
+                                - name
+                                type: object
+                              vault:
+                                properties:
+                                  agentInject:
+                                    type: boolean
+                                  connectionTemplate:
+                                    type: string
+                                  endpoint:
+                                    type: string
+                                  kubernetesAuthEndpoint:
+                                    type: string
+                                  role:
+                                    type: string
+                                  secret:
+                                    type: string
+                                  serviceAccount:
+                                    type: string
+                                  serviceAccountNamespace:
+                                    type: string
+                                required:
+                                - role
+                                - secret
+                                type: object
+                            type: object
+                        type: object
+                    type: object
+                type: object
+              deploySeedData:
+                type: boolean
+              enableShellCommand:
+                type: boolean
+              immediateDeploy:
+                default: false
+                type: boolean
+              schemahero:
+                properties:
+                  image:
+                    type: string
+                  nodeSelector:
+                    additionalProperties:
+                      type: string
+                    default: {}
+                    type: object
+                  tolerations:
+                    type: array
+                    default: []
+                    items:
+                      type: object
+                      properties:
+                        key:
+                          type: string
+                        operator:
+                          type: string
+                        value:
+                          type: string
+                        effect:
+                          type: string
+                type: object
+              template:
+                properties:
+                  metadata:
+                    properties:
+                      annotations:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      finalizers:
+                        items:
+                          type: string
+                        type: array
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      name:
+                        type: string
+                      namespace:
+                        type: string
+                    type: object
+                type: object
+            type: object
+          status:
+            description: DatabaseStatus defines the observed state of Database
+            properties:
+              isConnected:
+                type: boolean
+              lastPing:
+                type: string
+            required:
+            - isConnected
+            - lastPing
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_datatypes.yaml b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_datatypes.yaml
new file mode 100644
index 000000000..0ade93c57
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_datatypes.yaml
@@ -0,0 +1,78 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.7.0
+  creationTimestamp: null
+  name: datatypes.schemas.schemahero.io
+spec:
+  group: schemas.schemahero.io
+  names:
+    kind: DataType
+    listKind: DataTypeList
+    plural: datatypes
+    singular: datatype
+  scope: Namespaced
+  versions:
+  - name: v1alpha4
+    schema:
+      openAPIV3Schema:
+        description: DataType is the Schema for the datatypes API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DataTypeSpec defines the desired state of Type
+            properties:
+              database:
+                type: string
+              name:
+                type: string
+              schema:
+                properties:
+                  cassandra:
+                    properties:
+                      fields:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                    type: object
+                type: object
+            required:
+            - database
+            - name
+            type: object
+          status:
+            description: DataTypeStatus defines the observed state of Type
+            type: object
+        type: object
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_migrations.yaml b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_migrations.yaml
new file mode 100644
index 000000000..cec12bae0
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_migrations.yaml
@@ -0,0 +1,110 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.7.0
+  creationTimestamp: null
+  name: migrations.schemas.schemahero.io
+spec:
+  group: schemas.schemahero.io
+  names:
+    kind: Migration
+    listKind: MigrationList
+    plural: migrations
+    singular: migration
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.databaseName
+      name: Database
+      type: string
+    - jsonPath: .spec.tableName
+      name: Table
+      type: string
+    - jsonPath: .metadata.namespace
+      name: Namespace
+      priority: 1
+      type: string
+    - jsonPath: .status.phase
+      name: Phase
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha4
+    schema:
+      openAPIV3Schema:
+        description: Migration is the Schema for the migrations API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: MigrationSpec defines the desired state of Migration
+            properties:
+              databaseName:
+                type: string
+              editedDDL:
+                type: string
+              generatedDDL:
+                type: string
+              tableName:
+                type: string
+              tableNamespace:
+                type: string
+            required:
+            - tableName
+            - tableNamespace
+            type: object
+          status:
+            description: MigrationStatus defines the observed state of Migration
+            properties:
+              approvedAt:
+                format: int64
+                type: integer
+              executedAt:
+                format: int64
+                type: integer
+              invalidatedAt:
+                description: InvalidatedAt is the unix nano timestamp when this plan
+                  was determined to be invalid or outdated
+                format: int64
+                type: integer
+              phase:
+                enum:
+                - PLANNED
+                - APPROVED
+                - EXECUTED
+                - INVALID
+                - REJECTED
+                type: string
+              plannedAt:
+                description: PlannedAt is the unix nano timestamp when the plan was
+                  generated
+                format: int64
+                type: integer
+              rejectedAt:
+                format: int64
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_tables.yaml b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_tables.yaml
new file mode 100644
index 000000000..ca6d4f8ff
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_tables.yaml
@@ -0,0 +1,800 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.7.0
+  creationTimestamp: null
+  name: tables.schemas.schemahero.io
+spec:
+  group: schemas.schemahero.io
+  names:
+    kind: Table
+    listKind: TableList
+    plural: tables
+    singular: table
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .metadata.namespace
+      name: Namespace
+      priority: 1
+      type: string
+    - jsonPath: .spec.name
+      name: Table
+      type: string
+    - jsonPath: .spec.database
+      name: Database
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha4
+    schema:
+      openAPIV3Schema:
+        description: Table is the Schema for the tables API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: TableSpec defines the desired state of Table
+            properties:
+              database:
+                type: string
+              name:
+                type: string
+              requires:
+                items:
+                  type: string
+                type: array
+              schema:
+                properties:
+                  cassandra:
+                    properties:
+                      clusteringOrder:
+                        properties:
+                          column:
+                            type: string
+                          isDescending:
+                            type: boolean
+                        required:
+                        - column
+                        type: object
+                      columns:
+                        items:
+                          properties:
+                            isStatic:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      primaryKey:
+                        items:
+                          items:
+                            type: string
+                          type: array
+                        type: array
+                      properties:
+                        properties:
+                          bloomFilterFPChance:
+                            type: string
+                          caching:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          comment:
+                            type: string
+                          compaction:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          compression:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          crcCheckChance:
+                            type: string
+                          dcLocalReadRepairChance:
+                            type: string
+                          defaultTTL:
+                            type: integer
+                          gcGraceSeconds:
+                            type: integer
+                          maxIndexInterval:
+                            type: integer
+                          memtableFlushPeriodMs:
+                            type: integer
+                          minIndexInterval:
+                            type: integer
+                          readRepairChance:
+                            type: string
+                          speculativeRetry:
+                            type: string
+                        type: object
+                    type: object
+                  cockroachdb:
+                    properties:
+                      columns:
+                        items:
+                          properties:
+                            attributes:
+                              properties:
+                                autoIncrement:
+                                  type: boolean
+                              type: object
+                            constraints:
+                              properties:
+                                notNull:
+                                  type: boolean
+                              type: object
+                            default:
+                              type: string
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      foreignKeys:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                            onDelete:
+                              type: string
+                            references:
+                              properties:
+                                columns:
+                                  items:
+                                    type: string
+                                  type: array
+                                table:
+                                  type: string
+                              required:
+                              - columns
+                              - table
+                              type: object
+                          required:
+                          - columns
+                          - references
+                          type: object
+                        type: array
+                      indexes:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            isUnique:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - columns
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      json:triggers:
+                        items:
+                          properties:
+                            arguments:
+                              items:
+                                type: string
+                              type: array
+                            condition:
+                              type: string
+                            constraintTrigger:
+                              type: boolean
+                            events:
+                              items:
+                                type: string
+                              type: array
+                            executeProcedure:
+                              type: string
+                            forEachRun:
+                              type: boolean
+                            forEachStatement:
+                              type: boolean
+                            name:
+                              type: string
+                          required:
+                          - events
+                          - executeProcedure
+                          type: object
+                        type: array
+                      primaryKey:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  mysql:
+                    properties:
+                      collation:
+                        type: string
+                      columns:
+                        items:
+                          properties:
+                            attributes:
+                              properties:
+                                autoIncrement:
+                                  type: boolean
+                              type: object
+                            charset:
+                              type: string
+                            collation:
+                              type: string
+                            constraints:
+                              properties:
+                                notNull:
+                                  type: boolean
+                              type: object
+                            default:
+                              type: string
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      defaultCharset:
+                        type: string
+                      foreignKeys:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                            onDelete:
+                              type: string
+                            references:
+                              properties:
+                                columns:
+                                  items:
+                                    type: string
+                                  type: array
+                                table:
+                                  type: string
+                              required:
+                              - columns
+                              - table
+                              type: object
+                          required:
+                          - columns
+                          - references
+                          type: object
+                        type: array
+                      indexes:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            isUnique:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - columns
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      primaryKey:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  postgres:
+                    properties:
+                      columns:
+                        items:
+                          properties:
+                            attributes:
+                              properties:
+                                autoIncrement:
+                                  type: boolean
+                              type: object
+                            constraints:
+                              properties:
+                                notNull:
+                                  type: boolean
+                              type: object
+                            default:
+                              type: string
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      foreignKeys:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                            onDelete:
+                              type: string
+                            references:
+                              properties:
+                                columns:
+                                  items:
+                                    type: string
+                                  type: array
+                                table:
+                                  type: string
+                              required:
+                              - columns
+                              - table
+                              type: object
+                          required:
+                          - columns
+                          - references
+                          type: object
+                        type: array
+                      indexes:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            isUnique:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - columns
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      json:triggers:
+                        items:
+                          properties:
+                            arguments:
+                              items:
+                                type: string
+                              type: array
+                            condition:
+                              type: string
+                            constraintTrigger:
+                              type: boolean
+                            events:
+                              items:
+                                type: string
+                              type: array
+                            executeProcedure:
+                              type: string
+                            forEachRun:
+                              type: boolean
+                            forEachStatement:
+                              type: boolean
+                            name:
+                              type: string
+                          required:
+                          - events
+                          - executeProcedure
+                          type: object
+                        type: array
+                      primaryKey:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  rqlite:
+                    properties:
+                      columns:
+                        items:
+                          properties:
+                            attributes:
+                              properties:
+                                autoIncrement:
+                                  type: boolean
+                              type: object
+                            constraints:
+                              properties:
+                                notNull:
+                                  type: boolean
+                              type: object
+                            default:
+                              type: string
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      foreignKeys:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                            onDelete:
+                              type: string
+                            references:
+                              properties:
+                                columns:
+                                  items:
+                                    type: string
+                                  type: array
+                                table:
+                                  type: string
+                              required:
+                              - columns
+                              - table
+                              type: object
+                          required:
+                          - columns
+                          - references
+                          type: object
+                        type: array
+                      indexes:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            isUnique:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - columns
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      primaryKey:
+                        items:
+                          type: string
+                        type: array
+                      strict:
+                        type: boolean
+                    type: object
+                  sqlite:
+                    properties:
+                      columns:
+                        items:
+                          properties:
+                            attributes:
+                              properties:
+                                autoIncrement:
+                                  type: boolean
+                              type: object
+                            constraints:
+                              properties:
+                                notNull:
+                                  type: boolean
+                              type: object
+                            default:
+                              type: string
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      foreignKeys:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                            onDelete:
+                              type: string
+                            references:
+                              properties:
+                                columns:
+                                  items:
+                                    type: string
+                                  type: array
+                                table:
+                                  type: string
+                              required:
+                              - columns
+                              - table
+                              type: object
+                          required:
+                          - columns
+                          - references
+                          type: object
+                        type: array
+                      indexes:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            isUnique:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - columns
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      primaryKey:
+                        items:
+                          type: string
+                        type: array
+                      strict:
+                        type: boolean
+                    type: object
+                  timescaledb:
+                    properties:
+                      columns:
+                        items:
+                          properties:
+                            attributes:
+                              properties:
+                                autoIncrement:
+                                  type: boolean
+                              type: object
+                            constraints:
+                              properties:
+                                notNull:
+                                  type: boolean
+                              type: object
+                            default:
+                              type: string
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - name
+                          - type
+                          type: object
+                        type: array
+                      foreignKeys:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            name:
+                              type: string
+                            onDelete:
+                              type: string
+                            references:
+                              properties:
+                                columns:
+                                  items:
+                                    type: string
+                                  type: array
+                                table:
+                                  type: string
+                              required:
+                              - columns
+                              - table
+                              type: object
+                          required:
+                          - columns
+                          - references
+                          type: object
+                        type: array
+                      hypertable:
+                        properties:
+                          associatedSchemaName:
+                            type: string
+                          associatedTablePrefix:
+                            type: string
+                          chunkTimeInterval:
+                            type: string
+                          compression:
+                            properties:
+                              interval:
+                                type: string
+                              segmentBy:
+                                type: string
+                            required:
+                            - interval
+                            - segmentBy
+                            type: object
+                          createDefaultIndexes:
+                            type: boolean
+                          dataNodes:
+                            items:
+                              type: string
+                            type: array
+                          ifNotExists:
+                            type: boolean
+                          migrateData:
+                            type: boolean
+                          numberPartitions:
+                            type: integer
+                          partitioningColumn:
+                            type: string
+                          partitioningFunc:
+                            type: string
+                          replicationFactor:
+                            type: integer
+                          retention:
+                            properties:
+                              interval:
+                                type: string
+                            required:
+                            - interval
+                            type: object
+                          timeColumnName:
+                            type: string
+                          timePartitioningFunc:
+                            type: string
+                        type: object
+                      indexes:
+                        items:
+                          properties:
+                            columns:
+                              items:
+                                type: string
+                              type: array
+                            isUnique:
+                              type: boolean
+                            name:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - columns
+                          type: object
+                        type: array
+                      isDeleted:
+                        type: boolean
+                      primaryKey:
+                        items:
+                          type: string
+                        type: array
+                      triggers:
+                        items:
+                          properties:
+                            arguments:
+                              items:
+                                type: string
+                              type: array
+                            condition:
+                              type: string
+                            constraintTrigger:
+                              type: boolean
+                            events:
+                              items:
+                                type: string
+                              type: array
+                            executeProcedure:
+                              type: string
+                            forEachRun:
+                              type: boolean
+                            forEachStatement:
+                              type: boolean
+                            name:
+                              type: string
+                          required:
+                          - events
+                          - executeProcedure
+                          type: object
+                        type: array
+                    type: object
+                type: object
+              seedData:
+                properties:
+                  rows:
+                    items:
+                      properties:
+                        columns:
+                          items:
+                            properties:
+                              column:
+                                type: string
+                              value:
+                                properties:
+                                  int:
+                                    type: integer
+                                  str:
+                                    type: string
+                                type: object
+                            required:
+                            - column
+                            - value
+                            type: object
+                          type: array
+                      required:
+                      - columns
+                      type: object
+                    type: array
+                required:
+                - rows
+                type: object
+            required:
+            - database
+            - name
+            type: object
+          status:
+            description: TableStatus defines the observed state of Table
+            properties:
+              lastPlannedTableSpecSHA:
+                description: We store the SHA of the table spec from the last time
+                  we executed a plan to make startup less noisy by skipping re-planning
+                  objects that have been planned we cannot use the resourceVersion
+                  or generation fields because updating them would cause the object
+                  to be modified again
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_views.yaml b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_views.yaml
new file mode 100644
index 000000000..19aee101b
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/crds/schemas.schemahero.io_views.yaml
@@ -0,0 +1,111 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.7.0
+  creationTimestamp: null
+  name: views.schemas.schemahero.io
+spec:
+  group: schemas.schemahero.io
+  names:
+    kind: View
+    listKind: ViewList
+    plural: views
+    singular: view
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .metadata.namespace
+      name: Namespace
+      priority: 1
+      type: string
+    - jsonPath: .spec.name
+      name: View
+      type: string
+    - jsonPath: .spec.database
+      name: Database
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha4
+    schema:
+      openAPIV3Schema:
+        description: View is the Schema for the view API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ViewSpec defines the desired state of View
+            properties:
+              database:
+                type: string
+              name:
+                type: string
+              requires:
+                items:
+                  type: string
+                type: array
+              schema:
+                properties:
+                  cassandra:
+                    type: object
+                  cockroachdb:
+                    type: object
+                  mysql:
+                    type: object
+                  postgres:
+                    type: object
+                  rqlite:
+                    type: object
+                  sqlite:
+                    type: object
+                  timescaledb:
+                    properties:
+                      isContinuousAggregate:
+                        type: boolean
+                      isDeleted:
+                        type: boolean
+                      query:
+                        type: string
+                      withNoData:
+                        type: boolean
+                    type: object
+                type: object
+            required:
+            - database
+            - name
+            type: object
+          status:
+            description: ViewStatus defines the observed state of View
+            properties:
+              lastPlannedViewSpecSHA:
+                description: We store the SHA of the view spec from the last time
+                  we executed a plan to make startup less noisy by skipping re-planning
+                  objects that have been planned we cannot use the resourceVersion
+                  or generation fields because updating them would cause the object
+                  to be modified again
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/modules/schemahero_controller/schemahero-helm/package.json b/modules/schemahero_controller/schemahero-helm/package.json
new file mode 100644
index 000000000..275133849
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/package.json
@@ -0,0 +1,10 @@
+{
+  "devDependencies": {
+    "@eshepelyuk/semantic-release-helm-oci": "^1.4.0",
+    "@semantic-release/exec": "^5.0.0",
+    "@semantic-release/git": "^9.0.0",
+    "conventional-changelog-conventionalcommits": "^4.6.0",
+    "semantic-release": "^17.4.4",
+    "semantic-release-commitlint": "^1.2.2"
+  }
+}
diff --git a/modules/schemahero_controller/schemahero-helm/skaffold.yaml b/modules/schemahero_controller/schemahero-helm/skaffold.yaml
new file mode 100644
index 000000000..9d2e2d5ad
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/skaffold.yaml
@@ -0,0 +1,21 @@
+apiVersion: skaffold/v2beta19
+kind: Config
+metadata:
+  name: schemahero-e2e
+build:
+  artifacts:
+    - image: schemahero/schemahero-e2e
+      context: ./test/e2e
+  local:
+    push: true
+deploy:
+  helm:
+    releases:
+      - name: sch
+        chartPath: .
+        wait: true
+        artifactOverrides:
+          image: schemahero/schemahero-e2e
+        imageStrategy:
+          helm: {}
+
diff --git a/modules/schemahero_controller/schemahero-helm/templates/_helpers.tpl b/modules/schemahero_controller/schemahero-helm/templates/_helpers.tpl
new file mode 100644
index 000000000..4b987e4c7
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/_helpers.tpl
@@ -0,0 +1,20 @@
+{{- define "schemahero.fullname" -}}
+{{ .Release.Name }}
+{{- end -}}
+
+{{- define "schemahero.labels" -}}
+helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version }}
+{{ include "schemahero.selectorLabels" . }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{- define "schemahero.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "schemahero.fullname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+control-plane: schemahero
+{{- end -}}
+
+{{- define "schemahero.webhookSecret" -}}
+{{ include "schemahero.fullname" . }}-webhook
+{{- end -}}
diff --git a/modules/schemahero_controller/schemahero-helm/templates/cluster-role-binding.yaml b/modules/schemahero_controller/schemahero-helm/templates/cluster-role-binding.yaml
new file mode 100644
index 000000000..fddc2a747
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/cluster-role-binding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "schemahero.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "schemahero.fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "schemahero.fullname" . }}
+  namespace: {{ .Release.Namespace }}
diff --git a/modules/schemahero_controller/schemahero-helm/templates/cluster-role.yaml b/modules/schemahero_controller/schemahero-helm/templates/cluster-role.yaml
new file mode 100644
index 000000000..c8d3aafd4
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/cluster-role.yaml
@@ -0,0 +1,173 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "schemahero.fullname" . }}
+rules:
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - statefulsets
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - apps
+  resources:
+  - deployments/status
+  - statefulset/status
+  verbs:
+  - get
+  - update
+  - patch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - pods/log
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+  - list
+  - create
+  - update
+  - delete
+  - watch
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - roles
+  - rolebindings
+  verbs:
+  - get
+  - list
+  - create
+  - update
+  - delete
+  - watch
+- apiGroups:
+  - admissionregistration.k8s.io
+  resources:
+  - mutatingwebhookconfigurations
+  - validatingwebhookconfigurations
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - databases.schemahero.io
+  resources:
+  - databases
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - databases.schemahero.io
+  resources:
+  - databases/status
+  verbs:
+  - get
+  - update
+  - patch
+- apiGroups:
+  - schemas.schemahero.io
+  resources:
+  - migrations
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - schemas.schemahero.io
+  resources:
+  - migrations/status
+  verbs:
+  - get
+  - update
+  - patch
+- apiGroups:
+  - schemas.schemahero.io
+  resources:
+  - tables
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - schemas.schemahero.io
+  resources:
+  - tables/status
+  verbs:
+  - get
+  - update
+  - patch
+- apiGroups:
+    - schemas.schemahero.io
+  resources:
+    - views
+  verbs:
+    - get
+    - list
+    - watch
+    - create
+    - update
+    - patch
+    - delete
+- apiGroups:
+    - schemas.schemahero.io
+  resources:
+    - views/status
+  verbs:
+    - get
+    - update
+    - patch
diff --git a/modules/schemahero_controller/schemahero-helm/templates/manager.yaml b/modules/schemahero_controller/schemahero-helm/templates/manager.yaml
new file mode 100644
index 000000000..a5be912ee
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/manager.yaml
@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "schemahero.fullname" . }}
+  labels:
+    {{- include "schemahero.labels" . | nindent 4 }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "schemahero.selectorLabels" . | nindent 6 }}
+  serviceName: ""
+  template:
+    metadata:
+      labels:
+        {{- include "schemahero.selectorLabels" . | nindent 8 }}
+    spec:
+      serviceAccountName: {{ include "schemahero.fullname" . }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{ . | toYaml | nindent 10 }}
+      {{- end }}
+      containers:
+        - name: main
+          image: {{ .Values.schemahero.image }}
+          imagePullPolicy: IfNotPresent
+          command:
+            - /manager
+            - run
+            - --enable-database-controller
+            {{- range .Values.extraArgs }}
+            {{ . }}
+            {{- end }}
+          ports:
+            - name: webhook
+              containerPort: 9876
+              protocol: TCP
+          volumeMounts:
+            - name: cert
+              mountPath: /tmp/cert
+              readOnly: true
+          env:
+            - name: POD_NAMESPACE
+              value: {{ .Release.Namespace }}
+            - name: SECRET_NAME
+              value: {{ include "schemahero.webhookSecret" . }}
+            {{- with .Values.extraEnv }}
+            {{ . | toYaml | nindent 14 }}
+            {{- end }}
+          {{- with .Values.resources }}
+          resources:
+            {{ . | toYaml | nindent 12 }}
+          {{- end }}
+      volumes:
+        - name: cert
+          secret:
+            defaultMode: 420
+            secretName: {{ include "schemahero.webhookSecret" . }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{ . | toYaml | nindent 10 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{ . | toYaml | nindent 10 }}
+      {{- end }}
diff --git a/modules/schemahero_controller/schemahero-helm/templates/secret.yaml b/modules/schemahero_controller/schemahero-helm/templates/secret.yaml
new file mode 100644
index 000000000..c81bba5b0
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/secret.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "schemahero.webhookSecret" . }}
+  namespace: {{ .Release.Namespace }}
diff --git a/modules/schemahero_controller/schemahero-helm/templates/service-account.yaml b/modules/schemahero_controller/schemahero-helm/templates/service-account.yaml
new file mode 100644
index 000000000..61b0fc39e
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/service-account.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "schemahero.fullname" . }}
+  labels:
+    {{- include "schemahero.labels" . | nindent 4 }}
+  namespace: {{ .Release.Namespace }}
diff --git a/modules/schemahero_controller/schemahero-helm/templates/service.yaml b/modules/schemahero_controller/schemahero-helm/templates/service.yaml
new file mode 100644
index 000000000..3411b663b
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "schemahero.fullname" . }}-controller-manager
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "schemahero.labels" . | nindent 4 }}
+spec:
+  type: ClusterIP
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: webhook
+      protocol: TCP
+  selector:
+    {{- include "schemahero.selectorLabels" . | nindent 4 }}
diff --git a/modules/schemahero_controller/schemahero-helm/templates/tests/testdb.yaml b/modules/schemahero_controller/schemahero-helm/templates/tests/testdb.yaml
new file mode 100644
index 000000000..25d3747fe
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/templates/tests/testdb.yaml
@@ -0,0 +1,17 @@
+
+{{- $dict := .Values.image | default (dict "tag" .Chart.Version "repository" "schemahero-testdb") -}}
+{{- $image := printf "%s:%s" $dict.repository $dict.tag -}}
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ include "schemahero.fullname" . }}-testdb
+  annotations:
+    "helm.sh/hook": test
+    "helm.sh/hook-delete-policy": before-hook-creation
+spec:
+  restartPolicy: Never
+  containers:
+    - name: testdb
+      image: {{ $image }}
+      args:
+        - 'pgsql-postgresql'
diff --git a/modules/schemahero_controller/schemahero-helm/values.schema.json b/modules/schemahero_controller/schemahero-helm/values.schema.json
new file mode 100644
index 000000000..919af824e
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/values.schema.json
@@ -0,0 +1,58 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "https://github.com/schemahero/schemahero",
+  "title": "SchemaHero Helm chart values",
+
+  "definitions": {
+    "service": {
+      "type": "object", "title": "service settings",
+      "additionalProperties": false, "required": ["port"],
+      "properties": {
+        "port": {"type": "integer", "default": 443}
+      }
+    },
+    "podResources": {
+      "type": "object", "title": "pod resources",
+      "description": "See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
+      "additionalProperties": false,
+      "properties": {
+        "limits": {
+          "type": "object"
+        },
+        "requests": {
+          "type": "object"
+        }
+      }
+    },
+    "podAffinity": {
+      "type": "object", "title": "pod affinity", "default": {},
+      "description": "See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity"
+    },
+    "keyValue": {
+      "type": "object",
+      "additionalProperties": false, "required": ["name", "value"],
+      "properties": {
+        "name": { "type": "string"},
+        "value": {"type": "string"}
+      }
+    }
+  },
+
+  "type": "object", "additionalProperties": true,
+  "required": ["service", "resources"],
+  "properties": {
+    "service": {"$ref": "#/definitions/service"},
+    "extraArgs": {
+      "type": "array",  "title": "extra pod CLI arguments", "default": [],
+      "items": {"type": "string"},
+      "examples": "- --log-level\n- debug", "comment": "some comment"
+    },
+    "extraEnv": {
+      "type": "array", "title": "extra pod env variables", "default": [],
+      "items": {"$ref": "#/definitions/keyValue"},
+      "example": "- name: SOME_ENV\n  value: SOME_ENV_VAL"
+    },
+    "resources": {"$ref": "#/definitions/podResources"},
+    "affinity": {"$ref": "#/definitions/podAffinity"}
+  }
+}
diff --git a/modules/schemahero_controller/schemahero-helm/values.yaml b/modules/schemahero_controller/schemahero-helm/values.yaml
new file mode 100644
index 000000000..6466d10ae
--- /dev/null
+++ b/modules/schemahero_controller/schemahero-helm/values.yaml
@@ -0,0 +1,35 @@
+service:
+  port: 443
+
+extraArgs: []
+
+# name-value pairs, see https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
+extraEnv: []
+
+# See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers
+resources:
+  limits:
+    cpu: "1"
+    memory: 150Mi
+  requests:
+    cpu: 100m
+    memory: 50Mi
+
+# See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
+affinity: {}
+  # nodeAffinity:
+  #   requiredDuringSchedulingIgnoredDuringExecution:
+  #     nodeSelectorTerms:
+  #       - matchExpressions:
+  #           - key: kubernetes.io/os
+  #             operator: In
+  #             values:
+  #               - linux
+  #           - key: kubernetes.io/arch
+  #             operator: In
+  #             values:
+  #               - amd64
+schemahero:
+  image: facetscloud/schemahero-manager:latest
+tolerations: []
+nodeSelector: {}
diff --git a/modules/schemahero_controller/variables.tf b/modules/schemahero_controller/variables.tf
new file mode 100644
index 000000000..45958757d
--- /dev/null
+++ b/modules/schemahero_controller/variables.tf
@@ -0,0 +1,22 @@
+
+
+variable "instance" {
+  type = any
+}
+
+
+variable "instance_name" {
+  type    = string
+  default = "test_instance"
+}
+
+variable "environment" {
+  type = any
+  default = {
+    namespace = "default"
+  }
+}
+
+variable "inputs" {
+  type = any
+}
\ No newline at end of file
diff --git a/modules/schemahero_database/k8s/0.1/facets.yaml b/modules/schemahero_database/k8s/0.1/facets.yaml
index 3230380dc..dd340ca0a 100644
--- a/modules/schemahero_database/k8s/0.1/facets.yaml
+++ b/modules/schemahero_database/k8s/0.1/facets.yaml
@@ -1,19 +1,76 @@
-intent: schemahero_database
-flavor: k8s
-version: '0.1'
-description: Adds schemahero_database - k8s flavor
+intent: schemahero-controller
+flavor: default
+version: "0.1"
+description: "Deploys SchemaHero controller for automated database schema management in Kubernetes environments"
+lifecycle: ENVIRONMENT_BOOTSTRAP
 clouds:
-- aws
-- gcp
-- azure
-- kubernetes
+  - kubernetes
+conditional_on_intent: schemahero_database
+input_type: config
+
+spec:
+  type: object
+  properties:
+    size:
+      type: object
+      title: Resource Configuration
+      description: CPU and memory resource limits for the schemahero controller
+      properties:
+        cpu:
+          type: string
+          title: CPU Limit
+          description: CPU resource limit for the schemahero controller
+          default: "100m"
+          pattern: "^[0-9]+[m]?$"
+        memory:
+          type: string
+          title: Memory Limit
+          description: Memory resource limit for the schemahero controller
+          default: "150Mi"
+          pattern: "^[0-9]+[KMGT]?[i]?[Bb]?$"
+      default:
+        cpu: "100m"
+        memory: "150Mi"
+    advanced:
+      type: object
+      title: Advanced Configuration
+      description: Advanced Helm values and configuration options
+      x-ui-toggle: true
+      properties:
+        default:
+          type: object
+          title: Custom Helm Values
+          description: Additional Helm values to override defaults
+          properties:
+            values:
+              type: object
+              title: Helm Values
+              description: Custom Helm values in YAML format
+              x-ui-yaml-editor: true
+              default: {}
+          default:
+            values: {}
+      default:
+        default:
+          values: {}
+  required: []
+
+inputs:
+  kubernetes_details:
+    type: "@outputs/kubernetes-cluster-details"
+    optional: false
+    displayName: "Kubernetes Cluster Details"
+    description: "Kubernetes cluster configuration and provider access"
+    providers:
+      - kubernetes
+      - helm
+
+outputs:
+  default:
+    type: "@outputs/schemahero-controller"
+    title: "SchemaHero Controller Installation"
+
 sample:
-  $schema: https://facets-cloud.github.io/facets-schemas/schemas/schemahero_database/schemahero_database.schema.json
-  flavor: k8s
-  kind: schemahero_database
-  metadata: {}
-  spec:
-    connection: postgres
-    uri: postgresql://postgres:test12345@schemahero-postgres-postgresql.default.svc.cluster.local:5432/schemahero
-  version: '0.1'
-  disabled: true
+  size:
+    cpu: "100m"
+    memory: "150Mi"
\ No newline at end of file
diff --git a/modules/schemahero_database/k8s/0.1/main.tf b/modules/schemahero_database/k8s/0.1/main.tf
new file mode 100644
index 000000000..9e25a5732
--- /dev/null
+++ b/modules/schemahero_database/k8s/0.1/main.tf
@@ -0,0 +1,49 @@
+locals {
+  advanced           = lookup(var.instance, "advanced", {})
+  schemaHeroDatabase = lookup(local.advanced, "default", {})
+  spec               = lookup(var.instance, "spec", {})
+  manifest = {
+    apiVersion = "databases.schemahero.io/v1alpha4"
+    kind       = "Database"
+    metadata = {
+      name      = var.instance_name
+      namespace = "facets"
+    }
+    spec = merge({
+      schemahero = {
+        tolerations  = concat(var.environment.default_tolerations, var.inputs.kubernetes_details.attributes.legacy_outputs.facets_dedicated_tolerations)
+        nodeSelector = var.inputs.kubernetes_details.attributes.legacy_outputs.facets_dedicated_node_selectors
+        image        = "facetscloud/schemahero-manager:latest"
+      }
+      connection = {
+        "${local.spec.connection}" = {
+          uri = {
+            value = local.spec.uri
+          }
+        }
+      }
+      template = {
+        metadata = {
+          namespace = "facets"
+          labels = {
+            "meta.helm.sh/release-name"      = "${var.instance_name}-schemahero-database"
+            "meta.helm.sh/release-namespace" = "facets"
+          }
+        }
+      }
+    }, local.schemaHeroDatabase)
+  }
+}
+
+resource "helm_release" "schemahero-database" {
+  repository = "https://kiwigrid.github.io"
+  chart      = "any-resource"
+  name       = "schemahero-database-${var.instance_name}"
+  namespace  = "facets"
+  version    = "0.1.0"
+  set {
+    name  = "anyResources.schemaheroDatabase"
+    value = yamlencode(local.manifest)
+  }
+  recreate_pods = true
+}
\ No newline at end of file
diff --git a/modules/schemahero_database/k8s/0.1/module.json b/modules/schemahero_database/k8s/0.1/module.json
new file mode 100644
index 000000000..921862b00
--- /dev/null
+++ b/modules/schemahero_database/k8s/0.1/module.json
@@ -0,0 +1,21 @@
+{
+    "provides": "schemahero_database",
+    "flavors": [
+        "default",
+        "k8s"
+    ],
+    "supported_clouds": [
+        "aws",
+        "gcp",
+        "azure",
+        "kubernetes"
+    ],
+    "inputs": {},
+    "lifecycle": "ENVIRONMENT",
+    "version": "0.1",
+    "depends_on": [
+        "module.schemahero"
+    ],
+    "input_type": "instance",
+    "composition": {}
+}
\ No newline at end of file
diff --git a/modules/schemahero_database/k8s/0.1/outputs.tf b/modules/schemahero_database/k8s/0.1/outputs.tf
new file mode 100644
index 000000000..400f82900
--- /dev/null
+++ b/modules/schemahero_database/k8s/0.1/outputs.tf
@@ -0,0 +1,8 @@
+locals {
+  output_attributes = {}
+  output_interfaces = {}
+}
+
+output "name" {
+  value = var.instance_name
+}
diff --git a/modules/schemahero_database/k8s/0.1/variables.tf b/modules/schemahero_database/k8s/0.1/variables.tf
new file mode 100644
index 000000000..45958757d
--- /dev/null
+++ b/modules/schemahero_database/k8s/0.1/variables.tf
@@ -0,0 +1,22 @@
+
+
+variable "instance" {
+  type = any
+}
+
+
+variable "instance_name" {
+  type    = string
+  default = "test_instance"
+}
+
+variable "environment" {
+  type = any
+  default = {
+    namespace = "default"
+  }
+}
+
+variable "inputs" {
+  type = any
+}
\ No newline at end of file
diff --git a/modules/schemahero_table/k8s/0.1/facets.yaml b/modules/schemahero_table/k8s/0.1/facets.yaml
index 04c4c5e86..e896d73b7 100644
--- a/modules/schemahero_table/k8s/0.1/facets.yaml
+++ b/modules/schemahero_table/k8s/0.1/facets.yaml
@@ -1,15 +1,101 @@
 intent: schemahero_table
-flavor: k8s
+flavor: test-schema
 version: '0.1'
-description: Adds schemahero_table - k8s flavor
+description: Creates a SchemaHero Table resource to manage database table schemas
+  in Kubernetes using the SchemaHero operator
 clouds:
 - aws
 - gcp
 - azure
 - kubernetes
+inputs:
+  kubernetes_details:
+    optional: false
+    type: '@outputs/kubernetes'
+    default:
+      resource_type: kubernetes_cluster
+      resource_name: default
+spec:
+  type: object
+  properties:
+    database:
+      type: string
+      title: Database Name
+      description: The name of the database where the table will be created
+      default: schemahero
+    connection:
+      type: string
+      title: Database Connection Type
+      description: The type of database connection
+      enum:
+      - mysql
+      - postgres
+      - postgresql
+      default: mysql
+    primary_key:
+      type: object
+      title: Primary Key Columns
+      description: Definition of primary key columns
+      x-ui-yaml-editor: true
+    columns:
+      type: object
+      title: Table Columns
+      description: Definition of table columns with their properties
+      patternProperties:
+        ^[0-9]+$:
+          type: object
+          properties:
+            name:
+              type: string
+              title: Column Name
+              description: The name of the column
+            type:
+              type: string
+              title: Column Type
+              description: The data type of the column (e.g., varchar(100), int, char(4))
+            default:
+              type: string
+              title: Default Value
+              description: Default value for the column
+            constraints:
+              type: object
+              title: Column Constraints
+              description: Constraints for the column (e.g., NOT NULL, UNIQUE)
+              x-ui-yaml-editor: true
+            attributes:
+              type: object
+              title: Column Attributes
+              description: Additional attributes for the column (MySQL specific)
+              x-ui-yaml-editor: true
+          required:
+          - name
+          - type
+    indexes:
+      type: object
+      title: Table Indexes
+      description: Index definitions for the table
+      x-ui-yaml-editor: true
+    foreign_keys:
+      type: object
+      title: Foreign Key Constraints
+      description: Foreign key constraint definitions
+      x-ui-yaml-editor: true
+  required:
+  - database
+  - connection
+  - primary_key
+  - columns
+advanced:
+  type: object
+  properties:
+    default:
+      type: object
+      title: Additional SchemaHero Table Configuration
+      description: Additional configuration options for the SchemaHero Table resource
+      x-ui-yaml-editor: true
 sample:
   $schema: https://facets-cloud.github.io/facets-schemas/schemas/schemahero_table/schemahero_table.schema.json
-  flavor: k8s
+  flavor: test-schema
   kind: schemahero_table
   version: '0.1'
   disabled: true
diff --git a/modules/schemahero_table/k8s/0.1/main.tf b/modules/schemahero_table/k8s/0.1/main.tf
new file mode 100644
index 000000000..737d65ac0
--- /dev/null
+++ b/modules/schemahero_table/k8s/0.1/main.tf
@@ -0,0 +1,67 @@
+locals {
+  spec          = lookup(var.instance, "spec", {})
+  advanced      = lookup(var.instance, "advanced", {})
+  instance_name = lookup(lookup(var.instance, "metadata", {}), "name", null) == null ? var.instance_name : lookup(lookup(var.instance, "metadata", {}), "name", null)
+  columns = local.spec.connection == "mysql" ? jsonencode([for v in local.spec.columns :
+    merge({
+      name        = v.name
+      type        = v.type
+      constraints = lookup(v, "constraints", {})
+      attributes  = lookup(v, "attributes", {})
+    }, lookup(v, "default", "") != "" ? { default = v.default } : {})
+    ]) : jsonencode([for v in local.spec.columns :
+    merge({
+      name        = v.name
+      type        = v.type
+      constraints = lookup(v, "constraints", {})
+    }, lookup(v, "default", "") != "" ? { default = v.default } : {})
+  ])
+  index = [for v in lookup(local.spec, "indexes", {}) :
+    {
+      columns  = v.columns
+      name     = v.name
+      isUnique = v.is_unique
+    }
+  ]
+  foreign_keys = [for k, v in lookup(local.spec, "foreign_keys", {}) :
+    {
+      columns    = v.columns
+      references = v.references
+      name       = k
+      onDelete   = v.onDelete
+    }
+  ]
+  schemaHeroTable = lookup(local.advanced, "default", {})
+  manifest = {
+    apiVersion = "schemas.schemahero.io/v1alpha4"
+    kind       = "Table"
+    metadata = {
+      name      = local.instance_name
+      namespace = "facets"
+    }
+    spec = merge({
+      database = local.spec.database
+      name     = local.instance_name
+      schema = {
+        "${local.spec.connection}" = {
+          primaryKey  = local.spec.primary_key
+          columns     = jsondecode(local.columns)
+          foreignKeys = local.foreign_keys
+          indexes     = local.index
+        }
+      }
+    }, local.schemaHeroTable)
+  }
+}
+
+resource "helm_release" "schemahero-table" {
+  repository = "https://kiwigrid.github.io"
+  chart      = "any-resource"
+  name       = "schemahero-table-${local.instance_name}"
+  namespace  = "facets"
+  version    = "0.1.0"
+  set {
+    name  = "anyResources.schemaheroTable"
+    value = yamlencode(local.manifest)
+  }
+}
\ No newline at end of file
diff --git a/modules/schemahero_table/k8s/0.1/outputs.tf b/modules/schemahero_table/k8s/0.1/outputs.tf
new file mode 100644
index 000000000..ba26978a3
--- /dev/null
+++ b/modules/schemahero_table/k8s/0.1/outputs.tf
@@ -0,0 +1,4 @@
+locals {
+  output_attributes = {}
+  output_interfaces = {}
+}
diff --git a/modules/schemahero_table/k8s/0.1/variables.tf b/modules/schemahero_table/k8s/0.1/variables.tf
new file mode 100644
index 000000000..a583a47d2
--- /dev/null
+++ b/modules/schemahero_table/k8s/0.1/variables.tf
@@ -0,0 +1,20 @@
+variable "instance" {
+  type = any
+}
+
+
+variable "instance_name" {
+  type    = string
+  default = "test_instance"
+}
+
+variable "environment" {
+  type = any
+  default = {
+    namespace = "default"
+  }
+}
+
+variable "inputs" {
+  type = any
+}
\ No newline at end of file
diff --git a/modules/status_check/default/0.1/facets.yaml b/modules/status_check/default/0.1/facets.yaml
index 2a94f47e3..fa85dfe8d 100644
--- a/modules/status_check/default/0.1/facets.yaml
+++ b/modules/status_check/default/0.1/facets.yaml
@@ -7,32 +7,155 @@ clouds:
 - gcp
 - azure
 - kubernetes
+spec:
+  type: object
+  properties:
+    http:
+      type: object
+      title: HTTP Health Checks
+      description: Configure HTTP endpoint health checks
+      x-ui-toggle: true
+      patternProperties:
+        ^[a-zA-Z0-9_-]+$:
+          type: object
+          properties:
+            url:
+              type: string
+              title: URL
+              description: The HTTP endpoint URL to check
+              pattern: ^https?://.+
+            method:
+              type: string
+              title: HTTP Method
+              description: The HTTP method to use
+              enum:
+              - GET
+              - POST
+              - PUT
+              - DELETE
+              - HEAD
+              default: GET
+            expected_status_code:
+              type: string
+              title: Expected Status Code
+              description: Expected HTTP status code or range (e.g., 200, 200-299)
+              default: 200-299
+            count:
+              type: string
+              title: Check Count
+              description: Number of checks to perform
+              default: '10'
+            seconds:
+              type: string
+              title: Check Interval
+              description: Interval between checks in seconds
+              default: '1'
+            passing_percent:
+              type: string
+              title: Passing Percentage
+              description: Percentage of checks that must pass
+              default: '100'
+            body:
+              type: string
+              title: Request Body
+              description: Optional request body for POST/PUT requests
+            expected_response:
+              type: string
+              title: Expected Response
+              description: Expected response content
+            disabled:
+              type: boolean
+              title: Disabled
+              description: Disable this health check
+              default: false
+          required:
+          - url
+    mongo:
+      type: object
+      title: MongoDB Health Checks
+      description: Configure MongoDB connection health checks
+      x-ui-toggle: true
+      patternProperties:
+        ^[a-zA-Z0-9_-]+$:
+          type: object
+          properties:
+            url:
+              type: string
+              title: MongoDB URL
+              description: MongoDB connection URL
+              pattern: ^mongodb://.+
+            disabled:
+              type: boolean
+              title: Disabled
+              description: Disable this health check
+              default: false
+          required:
+          - url
+    redis:
+      type: object
+      title: Redis Health Checks
+      description: Configure Redis connection health checks
+      x-ui-toggle: true
+      patternProperties:
+        ^[a-zA-Z0-9_-]+$:
+          type: object
+          properties:
+            url:
+              type: string
+              title: Redis URL
+              description: Redis connection URL
+              pattern: ^redis://.+
+            disabled:
+              type: boolean
+              title: Disabled
+              description: Disable this health check
+              default: false
+          required:
+          - url
+    tcp:
+      type: object
+      title: TCP Health Checks
+      description: Configure TCP connection health checks
+      x-ui-toggle: true
+      patternProperties:
+        ^[a-zA-Z0-9_-]+$:
+          type: object
+          properties:
+            url:
+              type: string
+              title: TCP Endpoint
+              description: TCP endpoint to check (host:port)
+              pattern: ^[^:]+:[0-9]+$
+            disabled:
+              type: boolean
+              title: Disabled
+              description: Disable this health check
+              default: false
+          required:
+          - url
 sample:
   $schema: https://facets-cloud.github.io/facets-schemas/schemas/status_check/status_check.schema.json
   kind: status_check
   flavor: default
   version: '0.1'
-  disabled: true
+  disabled: false
   metadata: {}
   spec:
     http:
-      http-check:
-        url: https://www.google.com
+      example-api:
+        url: https://api.example.com/health
         method: GET
         expected_status_code: '200'
         disabled: false
     mongo:
-      mongo-check:
-        disabled: false
+      database-check:
         url: mongodb://localhost:27017
-      mongo-check2:
         disabled: false
-        url: mongodb://localhost:27017
     redis:
-      redis-check:
-        disabled: false
+      cache-check:
         url: redis://localhost:6379
+        disabled: false
     tcp:
-      tcp-check:
+      service-check:
+        url: example.com:443
         disabled: false
-        url: google.com:443
diff --git a/modules/status_check/default/0.1/locals.tf b/modules/status_check/default/0.1/locals.tf
new file mode 100644
index 000000000..a35acd728
--- /dev/null
+++ b/modules/status_check/default/0.1/locals.tf
@@ -0,0 +1,14 @@
+# Define your locals here
+locals {
+  advanced_config = lookup(lookup(var.instance, "advanced", {}), "status_check", {})
+  metadata        = lookup(var.instance, "metadata", {})
+  namespace       = lookup(local.metadata, "namespace", var.environment.namespace)
+  spec            = lookup(var.instance, "spec", {})
+  resource_name   = lookup(local.metadata, "name", lower(var.instance_name))
+  processed_names = {
+    for key, value in local.spec : key => {
+      for k, v in value : lower("${var.instance_name}-${key}-${k}") => merge({ check_type = key }, v) if !lookup(v, "disabled", false)
+    } if !lookup(value, "disabled", false)
+  }
+  # checks = merge(values(local.processed_names)...)
+}
diff --git a/modules/status_check/default/0.1/main.tf b/modules/status_check/default/0.1/main.tf
new file mode 100644
index 000000000..73c8f7bfd
--- /dev/null
+++ b/modules/status_check/default/0.1/main.tf
@@ -0,0 +1,114 @@
+# Define your terraform resources here
+
+module "uptime_http_checks" {
+  for_each        = lookup(local.processed_names, "http", {})
+  source          = "github.com/Facets-cloud/facets-utility-modules//any-k8s-resource"
+  name            = lower("${each.key}")
+  namespace       = local.namespace
+  advanced_config = lookup(local.advanced_config, "values", {})
+  data = {
+
+    apiVersion = "uptime.facets.cloud/v1alpha1"
+    kind       = "HttpCheck"
+    metadata = {
+      name      = lower("${each.key}")
+      namespace = local.namespace
+      labels = merge(lookup(local.metadata, "labels", {}), {
+        resourceType = "status_check"
+      })
+      annotations = lookup(local.metadata, "annotations", {})
+    }
+    spec = {
+      runInterval        = lookup(local.advanced_config, "run_interval", "5m")
+      timeout            = lookup(local.advanced_config, "timeout", "10m")
+      count              = lookup(each.value, "count", "10")
+      seconds            = lookup(each.value, "seconds", "1")
+      passingPercent     = lookup(each.value, "passing_percent", "100")
+      requestBody        = lookup(each.value, "body", "100")
+      expectedResponse   = lookup(each.value, "expected_response", null)
+      url                = lookup(each.value, "url", "")
+      expectedStatusCode = lookup(each.value, "expected_status_code", "200-299")
+      requestType        = upper(lookup(each.value, "method", "GET"))
+    }
+  }
+}
+
+module "uptime_mongo_checks" {
+  for_each        = lookup(local.processed_names, "mongo", {})
+  source          = "github.com/Facets-cloud/facets-utility-modules//any-k8s-resource"
+  name            = lower("${each.key}")
+  namespace       = local.namespace
+  advanced_config = lookup(local.advanced_config, "values", {})
+  data = {
+
+    apiVersion = "uptime.facets.cloud/v1alpha1"
+    kind       = "MongoCheck"
+    metadata = {
+      name      = lower("${each.key}")
+      namespace = local.namespace
+      labels = merge(lookup(local.metadata, "labels", {}), {
+        resourceType = "status_check"
+      })
+      annotations = lookup(local.metadata, "annotations", {})
+    }
+    spec = {
+      runInterval = lookup(local.advanced_config, "run_interval", "5m")
+      timeout     = lookup(local.advanced_config, "timeout", "10m")
+      url         = lookup(each.value, "url", "")
+    }
+  }
+}
+
+module "uptime_redis_checks" {
+  for_each        = lookup(local.processed_names, "redis", {})
+  source          = "github.com/Facets-cloud/facets-utility-modules//any-k8s-resource"
+  name            = lower("${each.key}")
+  namespace       = local.namespace
+  advanced_config = lookup(local.advanced_config, "values", {})
+  data = {
+
+    apiVersion = "uptime.facets.cloud/v1alpha1"
+    kind       = "RedisCheck"
+    metadata = {
+      name      = lower("${each.key}")
+      namespace = local.namespace
+      labels = merge(lookup(local.metadata, "labels", {}), {
+        resourceType = "status_check"
+      })
+      annotations = lookup(local.metadata, "annotations", {})
+    }
+    spec = {
+      runInterval = lookup(local.advanced_config, "run_interval", "5m")
+      timeout     = lookup(local.advanced_config, "timeout", "10m")
+      url         = lookup(each.value, "url", "")
+    }
+  }
+}
+
+module "uptime_tcp_checks" {
+  for_each        = lookup(local.processed_names, "tcp", {})
+  source          = "github.com/Facets-cloud/facets-utility-modules//any-k8s-resource"
+  name            = lower("${each.key}")
+  namespace       = local.namespace
+  advanced_config = lookup(local.advanced_config, "values", {})
+  data = {
+
+    apiVersion = "uptime.facets.cloud/v1alpha1"
+    kind       = "TcpCheck"
+    metadata = {
+      name      = lower("${each.key}")
+      namespace = local.namespace
+      labels = merge(lookup(local.metadata, "labels", {}), {
+        resourceType = "status_check"
+      })
+      annotations = lookup(local.metadata, "annotations", {})
+    }
+    spec = {
+      runInterval = lookup(local.advanced_config, "run_interval", "5m")
+      timeout     = lookup(local.advanced_config, "timeout", "10m")
+      url         = lookup(each.value, "url", "")
+    }
+  }
+}
+
+
diff --git a/modules/status_check/default/0.1/outputs.tf b/modules/status_check/default/0.1/outputs.tf
new file mode 100644
index 000000000..9bad0685c
--- /dev/null
+++ b/modules/status_check/default/0.1/outputs.tf
@@ -0,0 +1,5 @@
+# Define your outputs here
+locals {
+  output_interfaces = {}
+  output_attributes = {}
+}
diff --git a/modules/status_check/default/0.1/variables.tf b/modules/status_check/default/0.1/variables.tf
new file mode 100644
index 000000000..18e7b65e8
--- /dev/null
+++ b/modules/status_check/default/0.1/variables.tf
@@ -0,0 +1,23 @@
+
+
+variable "instance" {
+  type    = any
+  default = {}
+}
+
+variable "instance_name" {
+  type    = string
+  default = "test_instance"
+}
+
+
+variable "environment" {
+  type = any
+  default = {
+    namespace = "default"
+  }
+}
+
+variable "inputs" {
+  type = any
+}
\ No newline at end of file