a0799c0647
- Terraform modules: VPC, ECS Fargate, RDS PostgreSQL, ElastiCache Redis, S3, Secrets Manager, CloudWatch - Multi-environment support: staging and production configs - ECS auto-scaling: CPU-based scaling with configurable min/max - CI/CD: pnpm caching, Docker Buildx, Trivy security scanning, Terraform plan on PR - Deploy: ECS service updates with automatic rollback on health check failure - Backup: automated RDS snapshots, S3 versioning, ElastiCache snapshots - Monitoring: CloudWatch dashboards, CPU/memory/5xx alarms - Rollback script for manual service rollback - Infrastructure documentation with architecture overview
81 lines
1.9 KiB
HCL
81 lines
1.9 KiB
HCL
variable "environment" {
|
|
description = "Deployment environment"
|
|
type = string
|
|
}
|
|
|
|
variable "vpc_id" {
|
|
description = "VPC ID"
|
|
type = string
|
|
}
|
|
|
|
variable "subnet_ids" {
|
|
description = "Private subnet IDs"
|
|
type = list(string)
|
|
}
|
|
|
|
variable "security_group_id" {
|
|
description = "ElastiCache security group ID"
|
|
type = string
|
|
}
|
|
|
|
variable "node_type" {
|
|
description = "Cache node type"
|
|
type = string
|
|
}
|
|
|
|
variable "num_nodes" {
|
|
description = "Number of cache nodes"
|
|
type = number
|
|
}
|
|
|
|
variable "project_name" {
|
|
description = "Project name"
|
|
type = string
|
|
}
|
|
|
|
resource "aws_elasticache_subnet_group" "main" {
|
|
name = "${var.project_name}-${var.environment}-redis-subnet"
|
|
subnet_ids = var.subnet_ids
|
|
|
|
tags = {
|
|
Name = "${var.project_name}-${var.environment}-redis-subnet"
|
|
}
|
|
}
|
|
|
|
resource "aws_elasticache_replication_group" "main" {
|
|
replication_group_id = "${var.project_name}-${var.environment}-redis"
|
|
description = "${var.project_name} Redis cluster (${var.environment})"
|
|
|
|
node_type = var.node_type
|
|
num_cache_clusters = var.num_nodes
|
|
engine = "redis"
|
|
engine_version = "7.0"
|
|
|
|
transit_encryption_enabled = true
|
|
at_rest_encryption_enabled = true
|
|
|
|
port = 6379
|
|
|
|
subnet_group_name = aws_elasticache_subnet_group.main.name
|
|
security_group_ids = [var.security_group_id]
|
|
|
|
automatic_failover_enabled = var.environment == "production"
|
|
|
|
snapshot_retention_limit = var.environment == "production" ? 7 : 1
|
|
snapshot_window = "03:00-04:00"
|
|
|
|
tags = {
|
|
Name = "${var.project_name}-${var.environment}-redis"
|
|
}
|
|
}
|
|
|
|
output "cache_endpoint" {
|
|
description = "ElastiCache primary endpoint"
|
|
value = aws_elasticache_replication_group.main.primary_endpoint_address
|
|
}
|
|
|
|
output "reader_endpoint" {
|
|
description = "ElastiCache reader endpoint"
|
|
value = aws_elasticache_replication_group.main.reader_endpoint_address
|
|
}
|