# base/aws/

## Overview

This Terraform module provisions the core AWS infrastructure needed for a data platform, including:

* VPC with subnets
* ECS cluster for containerized workloads
* Secrets Manager for sensitive values
* SSM Parameters for configuration

## Quick Start

```hcl
module "aws" {
  source      = "git::https://github.com/boringdata/boringdata-template-aws-iceberg.git//base/aws"
  environment = "dev"
  secrets     = {
    "api_key" = "your-secret-value"
  }
}
```

## Key Features

* **Environment-based naming**: All resources are prefixed with your environment name
* **Secure networking**: Properly configured VPC with public and private subnets
* **Containerization**: Ready-to-use ECS cluster for your workloads
* **Configuration management**: Built-in secrets and parameters management

## Module Structure

```
aws/
├── data.tf           # AWS region and availability zones
├── ecs_cluster.tf    # ECS cluster configuration
├── vpc.tf            # VPC and networking resources
├── secrets.tf        # AWS Secrets Manager resources
├── ssm_parameters.tf # SSM Parameter Store resources
├── variables.tf      # Input variables
├── outputs.tf        # Output values
├── locals.tf         # Local variables
└── versions.tf       # Version constraints
```

## Architecture

{% @mermaid/diagram content="%%{init: {'theme':'neutral'}}%%
graph TD
env(\[Environment])
vpc\[VPC]
ecs\[ECS Cluster]
secrets\[Secrets Manager]
ssm\[SSM Parameters]

```
env --> vpc & ecs & secrets & ssm
vpc --> subnets[Public & Private Subnets]" %}
```

## Requirements

| Name                                | Version  |
| ----------------------------------- | -------- |
| [terraform](#requirement_terraform) | >=1.5.7  |
| [aws](#requirement_aws)             | >=5.63.1 |

## Providers

| Name                 | Version |
| -------------------- | ------- |
| [aws](#provider_aws) | 5.92.0  |

## Modules

| Name                                | Source                                         | Version |
| ----------------------------------- | ---------------------------------------------- | ------- |
| [ecs\_cluster](#module_ecs_cluster) | terraform-aws-modules/ecs/aws//modules/cluster | 5.11.2  |
| [parameters](#module_parameters)    | terraform-aws-modules/ssm-parameter/aws        | 1.1.1   |
| [secrets](#module_secrets)          | terraform-aws-modules/secrets-manager/aws      | 1.1.2   |
| [vpc](#module_vpc)                  | terraform-aws-modules/vpc/aws                  | \~> 5.0 |

## Resources

| Name                                                                                                                                    | Type        |
| --------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
| [aws\_availability\_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |
| [aws\_region.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region)                               | data source |

## Inputs

| Name                                     | Description                                                          | Type          | Default | Required |
| ---------------------------------------- | -------------------------------------------------------------------- | ------------- | ------- | :------: |
| [environment](#input_environment)        | The environment to deploy to - will prefix the name of all resources | `string`      | n/a     |    yes   |
| [secrets](#input_secrets)                | A map of secrets to create                                           | `map(string)` | `{}`    |    no    |
| [ssm\_parameters](#input_ssm_parameters) | A map of SSM parameters to create                                    | `map(string)` | `{}`    |    no    |

## Outputs

No outputs.