This commit adds complete Terraform infrastructure as code for deploying code-server on both EC2 and EKS platforms with enterprise-grade security and SAML/OIDC authentication.

Features:
- EC2 deployment with Auto Scaling Groups and Application Load Balancer
- EKS deployment with managed node groups and AWS Load Balancer Controller
- Private network setup with VPC, private subnets, and NAT gateways
- SAML/OIDC authentication using OAuth2 Proxy
- Security hardening:
  - KMS encryption for data at rest
  - TLS encryption in transit
  - IAM roles with least privilege
  - Security groups with minimal access
  - VPC Flow Logs
  - IMDSv2 enforcement
- Auto-scaling capabilities for both EC2 and EKS
- CloudWatch logging and monitoring
- Automated deployment scripts

Terraform Modules:
- modules/vpc: VPC with public/private subnets, NAT, and VPC endpoints
- modules/security: Security groups, IAM roles, and KMS keys
- modules/ec2: EC2 Auto Scaling deployment with ALB
- modules/eks: EKS cluster with managed node groups and addons

Deployments:
- deployments/ec2: EC2 deployment configuration
- deployments/eks: EKS deployment configuration with Kubernetes manifests

Documentation:
- README.md: Comprehensive deployment and operations guide
- QUICK-START.md: Quick reference for fast deployment
- SAML-SETUP-GUIDE.md: Step-by-step IdP configuration guide

Scripts:
- scripts/deploy-ec2.sh: Automated EC2 deployment
- scripts/deploy-eks.sh: Automated EKS deployment
- scripts/destroy-ec2.sh: EC2 cleanup
- scripts/destroy-eks.sh: EKS cleanup
# EC2 Module Outputs
# AWS-assigned hostname of the load balancer in front of code-server.
# NOTE(review): whether the ALB is internal or internet-facing is decided on
# aws_lb.code_server, which is not visible in this file - confirm before
# publishing this name outside the account.
output "alb_dns_name" {
  description = "DNS name of the Application Load Balancer"
  value       = aws_lb.code_server.dns_name
}
# ARN of the load balancer, for callers that must reference the ALB itself
# (as opposed to its DNS name) from other modules or policies.
output "alb_arn" {
  description = "ARN of the Application Load Balancer"
  value       = aws_lb.code_server.arn
}
# Canonical hosted zone ID of the load balancer. This is the value a
# Route 53 alias record needs alongside the ALB DNS name when a custom
# hostname is pointed at the ALB.
output "alb_zone_id" {
  description = "Zone ID of the Application Load Balancer"
  value       = aws_lb.code_server.zone_id
}
# Name of the Auto Scaling Group that runs the code-server instances.
output "autoscaling_group_name" {
  description = "Name of the Auto Scaling Group"
  value       = aws_autoscaling_group.code_server.name
}
# ARN of the same Auto Scaling Group, for places that need the full
# resource identifier rather than the name (e.g. IAM policy resources).
output "autoscaling_group_arn" {
  description = "ARN of the Auto Scaling Group"
  value       = aws_autoscaling_group.code_server.arn
}
# ID of the launch template the instances are started from.
# NOTE(review): instance hardening (metadata options, volume encryption)
# would be set on aws_launch_template.code_server, which is defined outside
# this file - review it there; this output only exposes the identifier.
output "launch_template_id" {
  description = "ID of the Launch Template"
  value       = aws_launch_template.code_server.id
}
# Exposes only the ARN of the Secrets Manager secret, never the password
# itself, so the secret value does not pass through this output.
# NOTE(review): anyone with secretsmanager:GetSecretValue on this ARN can
# read the password - confirm that the IAM and resource policies (defined
# outside this file) limit that to the principals that need it.
output "code_server_password_secret_arn" {
  description = "ARN of the Secrets Manager secret containing code-server password"
  value       = aws_secretsmanager_secret.code_server_password.arn
}
# Name of the CloudWatch Log Group created for this deployment, so that
# monitoring and alerting configuration can reference it.
# NOTE(review): retention and encryption of the group are set on
# aws_cloudwatch_log_group.code_server, not visible here - confirm there.
output "cloudwatch_log_group_name" {
  description = "Name of the CloudWatch Log Group"
  value       = aws_cloudwatch_log_group.code_server.name
}