Creating an infrastructure with Terraform in AWS

Create infrastructure as code for a bank application that consists of a frontend, a backend, Vault, and a DB.

To create the infrastructure with Terraform, I decided to use a Terraform module structure.
The infrastructure consists of these modules:

  • Networking;
  • RDS;
  • Vault;
  • ECS;
  • CodePipeline;

The first step is to create a VPC.

Inside the VPC I created a subnetwork with a route table and an internet gateway.

Next, in the VPC I created separate RDS instances for the API and Vault services.

I created the Vault instance with EC2 and placed a script in user data that installs and runs the Vault server under the Supervisor process control system.

For ECS I defined:

  • Container Instance IAM resources;
  • ECS Service IAM permissions;
  • Security group resources;
  • AutoScaling resources;
  • CloudWatch Log Group;
  • ECR repository to store Docker images;
  • ECS cluster;
  • ECS task definitions;
  • App Load Balancer;
  • IAM service roles;
  • ECS service;
  • Auto Scaling for ECS;

Security groups regulate access rights between resources.
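
One way the access rules between the load balancer, the ECS instances and the API database could be expressed, as an added example that is not the post's own code. The resource names, `var.vpc_id`, the container port 8080 and the PostgreSQL port 5432 are assumptions.

```hcl
# Added example: names, ports and var.vpc_id are assumptions, not the post's code.
variable "vpc_id" { type = string }

# Only the load balancer accepts traffic from the internet.
resource "aws_security_group" "alb" {
  name   = "bank-alb"
  vpc_id = var.vpc_id
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# ECS instances are reachable only from the load balancer's security group.
resource "aws_security_group" "ecs" {
  name   = "bank-ecs"
  vpc_id = var.vpc_id
  ingress {
    from_port       = 8080 # assumed container port
    to_port         = 8080
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  egress { # outbound needed to pull images from ECR and reach Vault
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# API database: ingress only from the ECS group, and no egress rules at all.
resource "aws_security_group" "api_db" {
  name   = "bank-api-db"
  vpc_id = var.vpc_id
  ingress {
    from_port       = 5432 # assumes a PostgreSQL engine
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [aws_security_group.ecs.id]
  }
}
```

Referencing the source security group instead of a CIDR range keeps each rule valid when instances are replaced by Auto Scaling, and it means the database is never reachable from the internet-facing tier directly.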

The load balancer has several listeners and routes to manage traffic between services.

For the pipeline's code source I decided to use an S3 bucket, but it can be a Git repository. The first step is to create the S3 bucket with proper policies. The next is to create CodeBuild and CodePipeline projects for the frontend and backend services. To trigger a pipeline build, you must push a zip file
