Michael Freno
4ddd24fd72
- ALB: deploy to public subnets instead of private (adds public_subnet_ids var) - ECS: fix launch_desired_count → launch_type = FARGATE - Secrets: accept actual RDS/ElastiCache endpoints from parent module - Deploy: fix circular dependency (needs.detect → steps.detect) - Health check: dynamic ALB DNS lookup via aws elbv2 CLI - Health check: exit 1 on failure so rollback triggers Co-Authored-By: Paperclip <noreply@paperclip.ing>
58 lines
1.4 KiB
HCL
58 lines
1.4 KiB
HCL
variable "environment" {
|
|
description = "Deployment environment"
|
|
type = string
|
|
}
|
|
|
|
variable "project_name" {
|
|
description = "Project name"
|
|
type = string
|
|
}
|
|
|
|
variable "rds_endpoint" {
|
|
description = "RDS instance endpoint"
|
|
type = string
|
|
}
|
|
|
|
variable "elasticache_endpoint" {
|
|
description = "ElastiCache primary endpoint"
|
|
type = string
|
|
}
|
|
|
|
variable "secrets" {
|
|
description = "Secrets to store"
|
|
type = map(string)
|
|
default = {}
|
|
}
|
|
|
|
resource "aws_secretsmanager_secret" "main" {
|
|
name = "${var.project_name}-${var.environment}-app-secrets"
|
|
|
|
description = "Application secrets for ${var.project_name} (${var.environment})"
|
|
|
|
tags = {
|
|
Name = "${var.project_name}-${var.environment}-app-secrets"
|
|
Environment = var.environment
|
|
}
|
|
}
|
|
|
|
resource "aws_secretsmanager_secret_version" "main" {
|
|
secret_id = aws_secretsmanager_secret.main.id
|
|
|
|
secret_string = jsonencode(merge({
|
|
DATABASE_URL = "postgresql://shieldai:${var.project_name}@${var.rds_endpoint}:5432/shieldai"
|
|
REDIS_URL = "redis://${var.elasticache_endpoint}:6379"
|
|
NODE_ENV = var.environment
|
|
LOG_LEVEL = var.environment == "production" ? "info" : "debug"
|
|
}, var.secrets))
|
|
}
|
|
|
|
output "secrets_manager_arn" {
|
|
description = "Secrets Manager ARN"
|
|
value = aws_secretsmanager_secret.main.arn
|
|
}
|
|
|
|
output "secrets_manager_name" {
|
|
description = "Secrets Manager secret name"
|
|
value = aws_secretsmanager_secret.main.name
|
|
}
|