- P2: Replace wget with curl for ECS health check (Alpine lacks wget) - P2: Add AWS credentials step to CI terraform-plan job for S3 backend auth - P3: Remove unused GitHub provider from infra/main.tf Co-Authored-By: Paperclip <noreply@paperclip.ing>
# AWS region setting for this configuration. Falls back to us-east-1 when the
# caller does not override it.
variable "aws_region" {
  type        = string
  default     = "us-east-1"
  description = "AWS region"
}
# Deployment environment name. There is no default, so a value must always be
# supplied, and the validation block rejects anything outside the three
# names listed in the condition.
variable "environment" {
  type        = string
  description = "Deployment environment"

  validation {
    error_message = "Environment must be one of: dev, staging, production."
    condition     = contains(["dev", "staging", "production"], var.environment)
  }
}
# Project name used when naming resources (per the description); defaults to
# "shieldai".
variable "project_name" {
  type        = string
  default     = "shieldai"
  description = "Project name for resource naming"
}
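# Address range for the VPC, in CIDR notation. Defaults to 10.0.0.0/16.
variable "vpc_cidr" {
  description = "CIDR block for VPC"
  type        = string
  default     = "10.0.0.0/16"

  # Reject malformed input at plan time instead of letting it surface as a
  # provider error halfway through an apply. cidrhost() fails on anything
  # that is not a parseable prefix, and can() turns that failure into false.
  validation {
    condition     = can(cidrhost(var.vpc_cidr, 0))
    error_message = "The vpc_cidr value must be a valid CIDR block, for example 10.0.0.0/16."
  }
}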
# How many availability zones to spread across; defaults to 2.
# NOTE(review): no lower bound is validated here. db_multi_az defaults to true
# in this file, which presumably needs at least two zones. Confirm against the
# subnet and RDS resources before allowing az_count = 1.
variable "az_count" {
  type        = number
  default     = 2
  description = "Number of availability zones"
}
# Name of the RDS database (per the description); defaults to "shieldai".
variable "db_name" {
  type        = string
  default     = "shieldai"
  description = "RDS database name"
}
# Instance class for the RDS database; defaults to db.t3.medium.
variable "db_instance_class" {
  type        = string
  default     = "db.t3.medium"
  description = "RDS instance class"
}
# Toggle for a Multi-AZ database deployment. On by default, so an override
# to false is an explicit availability trade-off.
variable "db_multi_az" {
  type        = bool
  default     = true
  description = "Enable Multi-AZ deployment"
}
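# Number of days automated RDS backups are kept; defaults to 7.
variable "db_backup_retention" {
  description = "RDS backup retention period in days"
  type        = number
  default     = 7

  # RDS accepts 0 to 35 days for the retention period, and 0 switches
  # automated backups off entirely. Checking the range here reports a bad
  # value at plan time. Assumes this feeds backup_retention_period on the
  # RDS instance. TODO confirm against the resource definition.
  validation {
    condition = (
      var.db_backup_retention >= 0 &&
      var.db_backup_retention <= 35 &&
      floor(var.db_backup_retention) == var.db_backup_retention
    )
    error_message = "The db_backup_retention value must be a whole number of days between 0 and 35."
  }
}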
# Node type for the ElastiCache nodes; defaults to cache.t3.medium.
variable "elasticache_node_type" {
  type        = string
  default     = "cache.t3.medium"
  description = "ElastiCache node type"
}
# How many ElastiCache nodes to run; defaults to 2.
variable "elasticache_num_nodes" {
  type        = number
  default     = 2
  description = "Number of ElastiCache nodes"
}
# ECS services to deploy, keyed by service name. Each entry carries the
# service's cpu, memory and port values.
# NOTE(review): units are not stated in this file. cpu and memory look like
# ECS CPU units and MiB. Confirm against the task definition.
variable "services" {
  description = "ECS services to deploy"

  type = map(object({
    port   = number
    cpu    = number
    memory = number
  }))

  # Four services on consecutive ports 3000-3003.
  default = {
    api        = { port = 3000, cpu = 512, memory = 1024 }
    darkwatch  = { port = 3001, cpu = 256, memory = 512 }
    spamshield = { port = 3002, cpu = 256, memory = 512 }
    voiceprint = { port = 3003, cpu = 512, memory = 1024 }
  }
}
# Image tag to deploy for each service, keyed by service name.
# NOTE(review): every default is the mutable "latest" tag. With a mutable tag
# the image that actually runs depends on what was pushed most recently, so a
# plan does not show which build is deployed and a rollback cannot name the
# previous one. Prefer an immutable tag (for example the commit SHA set by CI)
# or an image digest, and keep "latest" out of staging and production.
variable "container_images" {
  type        = map(string)
  description = "Container image tags per service"

  default = {
    api        = "latest"
    darkwatch  = "latest"
    spamshield = "latest"
    voiceprint = "latest"
  }
}
# Name-to-value map of secrets to store in AWS Secrets Manager. Empty by
# default, so nothing is created unless the caller passes values.
# NOTE(review): this variable is not marked `sensitive = true`, so values
# passed in can appear in plan and apply output, including CI logs. Marking it
# sensitive is the usual fix. If a resource iterates with
# `for_each = var.secrets`, that expression must then switch to the
# non-sensitive key set, because Terraform rejects sensitive values as
# for_each arguments.
# Values supplied here are also written to Terraform state, so access to the
# state backend needs to be restricted accordingly.
variable "secrets" {
  type        = map(string)
  default     = {}
  description = "Secrets to store in AWS Secrets Manager"
}
# Domain of the Route53 hosted zone used for ACM certificate validation;
# defaults to shieldai.app.
variable "domain_name" {
  type        = string
  default     = "shieldai.app"
  description = "Route53 hosted zone domain for ACM cert validation"
}