Secure β’ Auto-Scaling β’ Well-Architected β’ Infrastructure as Code
Technology Stack
- π Overview
- β¨ Features
- π Project Architecture
- π Getting Started
- π Prerequisites
- β License
This project demonstrates key AWS Well-Architected Framework principles, built with Terraform, showcasing modern cloud practices including auto-scaling, security best practices, and automated deployments. The infrastructure follows AWS Well-Architected Framework principles with a focus on security, reliability, and cost optimization.
Network Security: Multi-tier VPC with DMZ and secure zones, custom Network ACLs, and zero internet exposure for application instances.
Scalability: Auto Scaling Groups with Application Load Balancer, dynamic scaling policies, and multi-AZ deployment.
Security: AWS Secrets Manager integration, IAM roles with least privilege, VPC Flow Logs with security analytics.
Monitoring: CloudWatch dashboards with VPC Flow Log analytics and basic alerting.
Cost Management: Resource tagging and Auto Scaling Groups for cost optimization.
| Feature | Description | |
|---|---|---|
| ποΈ | Multi-Tier Architecture | AWS VPC with public/private subnets, NAT Gateway, and Application Load Balancer. Auto Scaling Groups provide high availability and automatic scaling. Instance Connect Endpoints enable secure access without SSH key management. |
| π | Security | Private subnets for application instances, VPC Flow Logs for network monitoring, Network ACLs for additional security, AWS Secrets Manager for credentials, and IAM roles with appropriate permissions. |
| π | Monitoring & Analytics | CloudWatch dashboards with VPC Flow Log analytics, security event visualization, and basic alerting. Deployment logs stored in S3 for audit trails. |
| π | CI/CD Automation | GitHub Actions workflow with selective deployment to Auto Scaling instances, automated testing, and deployment validation. Infrastructure managed with Terraform modules. |
| π° | Cost Management | Auto Scaling adjusts capacity based on demand, resource tagging for cost tracking, and right-sized instances for the workload. |
| π | Automated Operations | GitHub Actions handles deployments, health checks via load balancer, and infrastructure as code with Terraform for consistency. |
.
βββ Terraform/ # Infrastructure as Code
β βββ Setup_Scripts/ # Automated setup and configuration
β βββ modules/ # Reusable Terraform modules
β β βββ VPC/ # Virtual Private Cloud & Networking
β β β βββ vpc.tf # VPC, Subnets, Route Tables
β β β βββ network_acls.tf # Network Access Control Lists
β β β βββ flow_logs.tf # VPC Flow Logs for security
β β β βββ vpc_endpoints.tf # Instance Connect Endpoints
β β βββ EC2/ # Compute instances
β β βββ AutoScaling/ # Auto Scaling Groups & Load Balancer
β β βββ RDS/ # Managed PostgreSQL database
β β βββ S3/ # File storage & logging
β β βββ SecretsManager/ # Secure credential management
β β βββ Monitoring/ # CloudWatch dashboards & alerts
β β βββ ResourceGroup/ # Resource organization & tagging
β βββ main.tf # Main infrastructure orchestration
β βββ variables.tf # Configurable parameters
β βββ outputs.tf # Infrastructure outputs
β βββ terraform.tfvars # Environment configuration
βββ .github/workflows/ # CI/CD automation
β βββ deploy.yml # Automated deployment pipeline
βββ Application Files/ # Python application
β βββ backend.py # FastAPI backend service
β βββ chatbot.py # AI-powered application logic
β βββ requirements.txt # Python dependencies
βββ selective-update.sh # Selective deployment script
βββ Documentation/ # Comprehensive guides
β βββ GitHub-OIDC-Setup.md # Security authentication setup
βββ Monitoring & Security/ # Operational excellence
βββ Security dashboards # Real-time security monitoring
βββ Performance metrics # Application performance tracking
βββ Cost optimization reports # Resource utilization analyticsπ AWS CLI Installation
π Terraform Installation
π GitHub OIDC Setup Guide
- AWS Account with proper access
- AWS CLI configured (
aws configure) - Terraform >= 1.0 installed
- Git for version control
- Clone the repository:
git clone https://github.com/username/ChatBotApp-AWS-Infra
cd ChatBotApp-AWS-InfraSet up Terraform backend (recommended if working in a team):
# Create S3 bucket for state management
aws s3 mb s3://your-terraform-state-bucket
# Configure backend in provider.tfCustom Configuration:
# Copy and modify terraform.tfvars
cp terraform.tfvars.example terraform.tfvars
# Edit with your specific requirements- Deploy infrastructure:
cd Terraform
terraform init
terraform plan
terraform applyNote
For detailed setup instructions, prerequisites, and configuration guides, see the π Wiki.
π€ Contributions are welcome!
This project is licensed under the MIT License.
For more details, see the LICENSE file.
Built with β€οΈ