- Terraform modules: VPC, ECS Fargate, RDS PostgreSQL, ElastiCache Redis, S3, Secrets Manager, CloudWatch - Multi-environment support: staging and production configs - ECS auto-scaling: CPU-based scaling with configurable min/max - CI/CD: pnpm caching, Docker Buildx, Trivy security scanning, Terraform plan on PR - Deploy: ECS service updates with automatic rollback on health check failure - Backup: automated RDS snapshots, S3 versioning, ElastiCache snapshots - Monitoring: CloudWatch dashboards, CPU/memory/5xx alarms - Rollback script for manual service rollback - Infrastructure documentation with architecture overview
# Remote state backend for the production environment.
#
# The state object records every value Terraform manages, including inputs
# declared `sensitive`, so read access to this bucket is equivalent to read
# access to the secrets passed in below.
# NOTE(review): bucket policy, versioning and public-access settings are not
# visible in this file; confirm they restrict the state to the deploy role.
terraform {
  backend "s3" {
    region = "us-east-1"
    bucket = "shieldai-production-terraform-state"
    key    = "production/terraform.tfstate"

    # Server-side encryption of the state object at rest.
    encrypt = true

    # DynamoDB table used for state locking, so concurrent runs cannot
    # write the state at the same time.
    dynamodb_table = "shieldai-terraform-locks"
  }
}
# Production instantiation of the root module located two directories up.
module "shieldai" {
  source = "../.."

  # Identity and placement. The region is repeated here because backend
  # blocks cannot reference variables.
  project_name = "shieldai"
  environment  = "production"
  aws_region   = "us-east-1"

  # Networking: a /16 spread across three availability zones.
  vpc_cidr = "10.1.0.0/16"
  az_count = 3

  # Database sizing and resilience.
  db_instance_class   = "db.r6g.large"
  db_multi_az         = true
  db_backup_retention = 14 # presumably days; confirm against the module's variable description

  # Cache sizing.
  elasticache_node_type = "cache.r6g.large"
  elasticache_num_nodes = 3

  # Third-party credentials handed to the module. Every value comes from a
  # variable declared `sensitive` in this file, which redacts it in plan and
  # apply output; the values are still written to the Terraform state.
  # NOTE(review): how the module stores and exposes this map is not visible
  # here; confirm it lands in a secret store and not in plain task-definition
  # environment variables.
  secrets = {
    DATADOG_API_KEY = var.datadog_api_key
    HIBP_API_KEY    = var.hibp_api_key
    RESEND_API_KEY  = var.resend_api_key
    SENTRY_DSN      = var.sentry_dsn
  }
}
# No default is set, so the value must be supplied at plan/apply time, for
# example through the TF_VAR_hibp_api_key environment variable in CI.
# `sensitive` only redacts the value in CLI output; it is stored in state.
variable "hibp_api_key" {
  type        = string
  sensitive   = true
  description = "Have I Been Pwned API key"
}
# No default is set, so the value must be supplied at plan/apply time, for
# example through the TF_VAR_resend_api_key environment variable in CI.
# `sensitive` only redacts the value in CLI output; it is stored in state.
variable "resend_api_key" {
  type        = string
  sensitive   = true
  description = "Resend API key"
}
# No default is set, so the value must be supplied at plan/apply time, for
# example through the TF_VAR_sentry_dsn environment variable in CI.
# `sensitive` only redacts the value in CLI output; it is stored in state.
variable "sentry_dsn" {
  type        = string
  sensitive   = true
  description = "Sentry DSN"
}
# No default is set, so the value must be supplied at plan/apply time, for
# example through the TF_VAR_datadog_api_key environment variable in CI.
# `sensitive` only redacts the value in CLI output; it is stored in state.
variable "datadog_api_key" {
  type        = string
  sensitive   = true
  description = "Datadog API key"
}