Add Terraform-based AWS deployment path for Apollo#1032
Draft
cdoten wants to merge 13 commits intonditech:developfrom
Draft
Add Terraform-based AWS deployment path for Apollo#1032cdoten wants to merge 13 commits intonditech:developfrom
cdoten wants to merge 13 commits intonditech:developfrom
Conversation
Set up Terraform under infra/terraform and a bootstrap stack under infra/bootstrap for remote state. Create S3-backed remote state with versioning, encryption, and locking, and add the Apollo attachments bucket with encryption, versioning, and blocked public access. Build the initial AWS network foundation with a VPC, public/private subnets across two AZs, an internet gateway, and public routing. Add security groups for the ALB, web, worker, RDS, and Redis tiers with explicit SG-to-SG traffic rules. Provision a private RDS PostgreSQL instance and DB subnet group, and add an infra README documenting the current architecture and design goal of keeping the stack inexpensive but stable.
…ed the readme to match.
- add ECR repository management to Terraform - add ECS cluster and task/task-execution IAM roles - add Secrets Manager secrets for app runtime - add CloudWatch log groups for migration, web, and worker - add ECS task definitions for migration, web, and worker - add ALB, target group, listeners, and ECS services for web/worker - expand variables and outputs for runtime and public hostname configuration
…plitting deployment and foundational elements from variables and outputs.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds a Terraform-based AWS deployment path for Apollo.
It introduces:
infra/bootstrap/for Terraform remote-state bootstrapinfra/terraform/for the main Apollo infrastructure stackinfra/scripts/for repeatable helper workflowsinfra/The stack provides an end-to-end AWS path for running Apollo in ECS behind an ALB, with PostgreSQL, Redis, and S3-backed attachments.
What this infrastructure provisions
Notes
This is intended as an additional deployment path for Apollo.
The current implementation reflects practical bring-up tradeoffs, including ECS tasks currently running in public subnets and Apollo’s current reliance on explicit AWS credentials for S3 attachment initialization.
Validation completed
ECS migration task ran successfully
web app loaded successfully
login worked
initial admin setup was completed
Adding .claude to .gitignore
Add initial Terraform setup and S3 attachments bucket
Created AWS terraform state bucket and repointed state info there
Add initial Terraform AWS infrastructure for Apollo
Further terraform implementation, including initial Redis work. Updated the readme to match.
Add ECS runtime infrastructure for Apollo deployment
Ongoing major changes to Apollo Terraform scripts. However, this all appears to work
Refactoring Terraform config files to make it more clear, including splitting deployment and foundational elements from variables and outputs.
Updated readme with current status
Creating test setup fixtures to get the system running.
Adding local config file examples
Looks like modern apollo doesn't need settings.ini
Updating terraform.tfvars example with current requirements