terraform {
  required_version = ">= 1.5.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.30"
    }
 
  }

  backend "s3" {
    bucket         = "shieldai-terraform-state"
    key            = "global/terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true
    dynamodb_table = "shieldai-terraform-locks"
  }
}

provider "aws" {
  region = var.aws_region

  default_tags {
    tags = {
      Project    = "ShieldAI"
      ManagedBy  = "terraform"
      Environment = var.environment
    }
  }
}

module "vpc" {
  source = "./modules/vpc"

  environment  = var.environment
  vpc_cidr     = var.vpc_cidr
  az_count     = var.az_count
  project_name = var.project_name
  kms_key_arn  = module.ecs.kms_key_arn
}

module "ecs" {
  source = "./modules/ecs"

  environment           = var.environment
  cluster_name          = "${var.project_name}-${var.environment}"
  vpc_id                = module.vpc.vpc_id
  subnet_ids            = module.vpc.private_subnet_ids
  public_subnet_ids     = module.vpc.public_subnet_ids
  security_group_ids    = [module.vpc.ecs_security_group_id]
  alb_security_group_id = module.vpc.alb_security_group_id
  services              = var.services
  container_images      = var.container_images
  secrets_arn           = module.secrets.secrets_manager_arn
  cache_cluster_arn     = module.elasticache.replication_group_arn
  domain_name           = var.domain_name
}

module "rds" {
  source = "./modules/rds"

  environment      = var.environment
  vpc_id           = module.vpc.vpc_id
  subnet_ids       = module.vpc.private_subnet_ids
  security_group_id = module.vpc.rds_security_group_id
  db_name          = var.db_name
  db_instance_class = var.db_instance_class
  multi_az         = var.db_multi_az
  backup_retention  = var.db_backup_retention
  project_name     = var.project_name
}

module "elasticache" {
  source = "./modules/elasticache"

  environment       = var.environment
  vpc_id            = module.vpc.vpc_id
  subnet_ids        = module.vpc.private_subnet_ids
  security_group_id = module.vpc.elasticache_security_group_id
  node_type         = var.elasticache_node_type
  num_nodes         = var.elasticache_num_nodes
  project_name      = var.project_name
}

module "s3" {
  source = "./modules/s3"

  environment  = var.environment
  project_name = var.project_name
}

module "secrets" {
  source = "./modules/secrets"

  environment          = var.environment
  project_name         = var.project_name
  rds_endpoint         = module.rds.db_endpoint
  db_password          = module.rds.db_password
  elasticache_endpoint = module.elasticache.cache_endpoint
  redis_auth_token     = module.elasticache.auth_token
  secrets              = var.secrets
}

module "cloudwatch" {
  source = "./modules/cloudwatch"

  environment    = var.environment
  cluster_name   = "${var.project_name}-${var.environment}"
  project_name   = var.project_name
  rds_identifier = module.rds.db_instance_identifier
  cache_endpoint = module.elasticache.cache_endpoint
}