IaaC roadmap to create:

• VPC (Internet gateway, subnets, route table, security groups);
• Domain + Certificates (ACM);
• ECR + Docker (repository, Docker build) - FastAPI image;
• ECS (cluster, service, task definition) - FastAPI service;
• SSM (parameters with path);
• SES (domain identity, email identity, register Route53 records);
• SNS (topic);
• CloudWatch (log group, alarm);
• SQS (queue);
• Lambda Layer (with .zip creation);
• Lambda Function (with layer(s), from source code);
• API Gateway (API, mapping, cognito, lambda, domain);
• API Gateway (Websocket + lambda);
• Amplify (Vue.js example app);
• Cognito (user pool, domain, JWT authorizer);
• Cognito oAuth2 (GitHub, Google, etc...);
• RDS (PostgreSQL);
• RDS (Aurora);
• ElastiCache (cluster, DB, connection via VPN endpoint);
• API Gateway (file upload to S3);
• API Gateway (Websocket $connect/$disconnect/$default + Request Authorizer);
• IoT Core (certificates, rule, thing, thing group);
• S3 with CloudFront (distribute mkdocs-material build, add Basic Auth);
• VPC (NAT Gateway, VPN Endpoint, Elastic IP);
• DynamoDB;
• CodeCommit (repository, approval templates, trigger);
• CodePipeline;
• CodeBuild;
• CodeDeploy;

Terraform format

terraform fmt -recursive

Terraform validate

terraform validate

Terraform plan

terraform plan

1. Create Layer

terraform apply -var-file=".dev.tfvars" -auto-approve -target="module.MyLayers"

2. Create SSM parameters

terraform apply -var-file=".dev.tfvars" -auto-approve -target="module.MySSM"

3. Create SESv2

terraform apply -var-file=".dev.tfvars" -auto-approve -target="module.MySES"

For SES it requires extra step (download .csv with extra TXT records to verify domain).

4. Run terraform apply with -var-file and auto approve.

terraform apply -var-file=".dev.tfvars" -auto-approve