feat: add production environment terraform scripts

terraform/environments/prod/backend.tf

@@ -0,0 +1,9 @@
+terraform {
+    cloud {
+        organization = "cholog"
+
+        workspaces {
+            name = "cholog-prod"
+        }
+    }
+}

terraform/environments/prod/main.tf

@@ -0,0 +1,87 @@
+module "tags" {
+    source = "../../modules/tags"
+
+    project_name = var.project_name
+    environment  = var.environment
+}
+
+module "compute" {
+    source = "../../modules/compute"
+
+    project_name = var.project_name
+}
+
+
+module "network" {
+    source = "../../modules/network"
+
+    region       = var.region
+    project_name = var.project_name
+    server_tags  = module.tags.server_tags
+    gateway_tags = module.tags.gateway_tags
+}
+
+module "storage" {
+    source = "../../modules/storage"
+
+    bucket_name  = var.bucket_name
+    project_name = var.project_name
+    storage_tags = module.tags.storage_tags
+}
+
+module "iam" {
+    source = "../../modules/iam"
+
+    project_name = var.project_name
+    bucket_arns = [
+        module.storage.bucket_arn,
+        "${module.storage.bucket_arn}/*"
+    ]
+}
+
+module "bastion" {
+    source = "../../modules/bastion"
+
+    vpc_id            = module.network.vpc_id
+    project_name      = var.project_name
+    ami_id            = module.compute.ami_id
+    key_pair_name     = module.compute.key_pair_name
+    public_subnet_ids = module.network.public_subnet_ids
+    server_tags       = module.tags.server_tags
+
+}
+
+module "application" {
+    source = "../../modules/application"
+
+    vpc_id               = module.network.vpc_id
+    project_name         = var.project_name
+    environment          = var.environment
+    ec2_role_name        = module.iam.ec2_role_name
+    bucket_name          = module.storage.bucket_name
+    region               = var.region
+    code_deploy_role_arn = module.iam.code_deploy_role_arn
+    ami_id               = module.compute.ami_id
+    key_pair_name        = module.compute.key_pair_name
+    bastion_sg_id        = module.bastion.bastion_sg_id
+    private_subnet_ids   = module.network.private_subnet_ids
+    public_subnet_ids    = module.network.public_subnet_ids
+    service_worker_tags  = module.tags.service_worker_tags
+    server_tags          = module.tags.server_tags
+}
+
+module "database" {
+    source = "../../modules/database"
+
+    vpc_id       = module.network.vpc_id
+    project_name = var.project_name
+    db_name      = var.db_name
+    secret_name  = var.db_secret_name
+    ingress_security_group_ids = [module.application.application_sg_id, module.bastion.bastion_sg_id]
+
+    private_subnet_ids = module.network.private_subnet_ids
+    server_tags        = module.tags.server_tags
+    database_tags      = module.tags.database_tags
+}
+
+

terraform/environments/prod/outputs.tf

@@ -0,0 +1,80 @@
+# Network
+output "vpc_id" {
+  description = "VPC ID created by the network module"
+  value       = module.network.vpc_id
+}
+
+output "public_subnet_ids" {
+  description = "Public subnet IDs created by the network module"
+  value       = module.network.public_subnet_ids
+}
+
+output "private_subnet_ids" {
+  description = "Private subnet IDs created by the network module"
+  value       = module.network.private_subnet_ids
+}
+
+# Storage
+output "bucket_arn" {
+  description = "Bucket ARN created by the storage module"
+  value       = module.storage.bucket_arn
+}
+
+output "bucket_name" {
+  description = "Bucket name created by the storage module"
+  value       = module.storage.bucket_name
+}
+
+# IAM
+output "ec2_role_name" {
+  description = "EC2 IAM role name created by the IAM module"
+  value       = module.iam.ec2_role_name
+}
+
+output "s3_policy_arn" {
+  description = "S3 access policy ARN created by the IAM module"
+  value       = module.iam.s3_access_policy_arn
+}
+
+# Bastion
+output "bastion_sg_id" {
+  description = "Security Group ID for the Bastion host"
+  value       = module.bastion.bastion_sg_id
+}
+
+output "bastion_eip" {
+  description = "Elastic IP address for the Bastion host"
+  value       = module.bastion.bastion_eip_allocation_id
+}
+
+# Application
+output "application_sg_id" {
+  description = "Security Group ID for the application instances"
+  value       = module.application.application_sg_id
+}
+
+output "application_asg_name" {
+  description = "Name of the Auto Scaling Group for application instances"
+  value       = module.application.asg_name
+}
+
+output "application_launch_template_id" {
+  description = "Launch Template ID for application instances"
+  value       = module.application.launch_template_id
+}
+
+# Database
+output "database_endpoint" {
+  description = "Endpoint of the RDS database"
+  value       = module.database.db_instance_endpoint
+}
+
+output "database_id" {
+  description = "ID of the RDS database instance"
+  value       = module.database.db_instance_id
+}
+
+output "database_sg_id" {
+  description = "Security Group ID for the database"
+  value       = module.database.database_sg_id
+}

terraform/environments/prod/provider.tf

@@ -0,0 +1,22 @@
+terraform {
+    required_providers {
+        aws = {
+            source  = "hashicorp/aws"
+            version = "5.54.1"
+        }
+    }
+}
+
+provider "aws" {
+    region = var.region
+
+    /** Note:
+    AWS_ACCESS_KEY_ID와 AWS_SECRET_ACCESS_KEY는 환경변수를 통해 설정해야 합니다.
+    아래와 같이 환경 변수를 설정하세요:
+
+    export AWS_ACCESS_KEY_ID="your-access-key"
+    export AWS_SECRET_ACCESS_KEY="your-secret-key"
+
+    GitHub Actions에서는 환경 변수를 Secrets에 저장하여 사용해야 합니다.
+    */
+}

terraform/environments/prod/variables.tf

@@ -0,0 +1,21 @@
+variable "region" {
+    default = "ap-northeast-2"
+}
+variable "project_name" {
+    default = "prolog-prod"
+}
+variable "environment" {
+    default = "prod"
+}
+variable "bucket_name" {
+    default = "prolog-prod-bucket"
+}
+variable "key_pair_name" {
+    default = "prolog-prod"
+}
+variable "db_name" {
+    default = "prolog"
+}
+variable "db_secret_name" {
+    default = "secrets/prolog_prod"
+}