a0799c0647
- Terraform modules: VPC, ECS Fargate, RDS PostgreSQL, ElastiCache Redis, S3, Secrets Manager, CloudWatch - Multi-environment support: staging and production configs - ECS auto-scaling: CPU-based scaling with configurable min/max - CI/CD: pnpm caching, Docker Buildx, Trivy security scanning, Terraform plan on PR - Deploy: ECS service updates with automatic rollback on health check failure - Backup: automated RDS snapshots, S3 versioning, ElastiCache snapshots - Monitoring: CloudWatch dashboards, CPU/memory/5xx alarms - Rollback script for manual service rollback - Infrastructure documentation with architecture overview
117 lines
2.3 KiB
HCL
117 lines
2.3 KiB
HCL
variable "aws_region" {
|
|
description = "AWS region"
|
|
type = string
|
|
default = "us-east-1"
|
|
}
|
|
|
|
variable "environment" {
|
|
description = "Deployment environment"
|
|
type = string
|
|
validation {
|
|
condition = contains(["dev", "staging", "production"], var.environment)
|
|
error_message = "Environment must be one of: dev, staging, production."
|
|
}
|
|
}
|
|
|
|
variable "project_name" {
|
|
description = "Project name for resource naming"
|
|
type = string
|
|
default = "shieldai"
|
|
}
|
|
|
|
variable "vpc_cidr" {
|
|
description = "CIDR block for VPC"
|
|
type = string
|
|
default = "10.0.0.0/16"
|
|
}
|
|
|
|
variable "az_count" {
|
|
description = "Number of availability zones"
|
|
type = number
|
|
default = 2
|
|
}
|
|
|
|
variable "db_name" {
|
|
description = "RDS database name"
|
|
type = string
|
|
default = "shieldai"
|
|
}
|
|
|
|
variable "db_instance_class" {
|
|
description = "RDS instance class"
|
|
type = string
|
|
default = "db.t3.medium"
|
|
}
|
|
|
|
variable "db_multi_az" {
|
|
description = "Enable Multi-AZ deployment"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "db_backup_retention" {
|
|
description = "RDS backup retention period in days"
|
|
type = number
|
|
default = 7
|
|
}
|
|
|
|
variable "elasticache_node_type" {
|
|
description = "ElastiCache node type"
|
|
type = string
|
|
default = "cache.t3.medium"
|
|
}
|
|
|
|
variable "elasticache_num_nodes" {
|
|
description = "Number of ElastiCache nodes"
|
|
type = number
|
|
default = 2
|
|
}
|
|
|
|
variable "services" {
|
|
description = "ECS services to deploy"
|
|
type = map(object({
|
|
cpu = number
|
|
memory = number
|
|
port = number
|
|
}))
|
|
default = {
|
|
api = {
|
|
cpu = 512
|
|
memory = 1024
|
|
port = 3000
|
|
}
|
|
darkwatch = {
|
|
cpu = 256
|
|
memory = 512
|
|
port = 3001
|
|
}
|
|
spamshield = {
|
|
cpu = 256
|
|
memory = 512
|
|
port = 3002
|
|
}
|
|
voiceprint = {
|
|
cpu = 512
|
|
memory = 1024
|
|
port = 3003
|
|
}
|
|
}
|
|
}
|
|
|
|
variable "container_images" {
|
|
description = "Container image tags per service"
|
|
type = map(string)
|
|
default = {
|
|
api = "latest"
|
|
darkwatch = "latest"
|
|
spamshield = "latest"
|
|
voiceprint = "latest"
|
|
}
|
|
}
|
|
|
|
variable "secrets" {
|
|
description = "Secrets to store in AWS Secrets Manager"
|
|
type = map(string)
|
|
default = {}
|
|
}
|