Infrastructure as Code
This repo is mainly configuring global or shared AWS resources such as the VPC, IAM users/groups/policies
For example it will provision a user/access_key/iam policy for a microservice, then a dev would take that access key, plug it into their terraform templates in the microservice's respective repo.
AN EXAMPLE OF THIS IN ACTION
nhitruong96/real_estate
The main terraform templates will generate the IAM Access Key and Secret Key for the microservice to use and store it in Hashicorp Vault. Then the terraform templates in this app's repo will pull the keys from Vault and use it to authenticate with AWS services and effectively let my partner manage her own AWS resources.
DEPLOYMENT TYPES
Right now, "real-estate" is a static HTML website is hosted on in a docker container on my personal server and the content is served up the Nginx reverse proxy chain.
Now I know what you're about to ask, "Why not just host it on S3?".... Well I did : s3_hosting.tf
And threw a CDN in front of it for the cherry on top
Also for fun I can host the site with Fargate too : fargate.tf
I hosted the site on my server because I wanted to spend as little as I can on AWS resources, especially since I already have a dedicated server under my desk. If you want to see it in action, just uncomment the lines and check it in to master and the CICD should spin it up.
