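# =============================================================================
# SACC v4 - TEST environment in account 668889063715
# =============================================================================
# DUPLICATES the production infrastructure using the proven PRODUCTION modules
# from terraform-sacc4/
#
# IMPORTANT: This file uses the production modules to guarantee that the test
# environment is IDENTICAL to production.
#
# Usage:
#   1. cp terraform.tfvars.example terraform.tfvars
#   2. Edit terraform.tfvars with real values
#   3. terraform init
#   4. terraform plan
#   5. terraform apply
#
# terraform.tfvars ends up holding secrets (for example rds_master_password),
# so keep it out of version control.
# =============================================================================

terraform {
  required_version = ">= 1.5.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "~> 3.0"
    }
  }

  # S3 backend for state (bucket created by bootstrap).
  # Backend blocks cannot reference variables, hence the literal names.
  # `encrypt = true` enables server-side encryption of the state object and the
  # DynamoDB table provides state locking. The state is expected to contain
  # var.rds_master_password in plaintext, so read access to this bucket should
  # be restricted to the operators who run Terraform.
  backend "s3" {
    bucket         = "sacc4-terraform-state-test-668889063715"
    key            = "sacc4-test/infrastructure/terraform.tfstate"
    region         = "mx-central-1"
    encrypt        = true
    dynamodb_table = "sacc4-terraform-locks-test-668889063715"
  }
}

# AWS provider - Mexico region (mx-central-1).
# The effective region comes from var.aws_region; the backend above is pinned
# to mx-central-1 independently of that variable.
provider "aws" {
  region = var.aws_region

  default_tags {
    tags = {
      Project     = "sacc4"
      Environment = "test"
      ManagedBy   = "terraform"
      Owner       = "infra-team"
      AccountId   = "668889063715"
      CostCenter  = "test-environment"
    }
  }
}

# AWS provider for ACM (us-east-1 is required by CloudFront).
# NOTE(review): no module call in this file passes this aliased provider via
# `providers = { ... }`, and aliased providers are not inherited implicitly.
# Confirm how the s3-cloudfront module obtains its us-east-1 configuration.
provider "aws" {
  alias  = "us_east_1"
  region = "us-east-1"

  default_tags {
    tags = {
      Project     = "sacc4"
      Environment = "test"
      ManagedBy   = "terraform"
    }
  }
}

# =============================================================================
# DATA SOURCES
# =============================================================================
# Neither data source is referenced elsewhere in this file.

data "aws_caller_identity" "current" {}

data "aws_region" "current" {}

# =============================================================================
# LOCALS
# =============================================================================

locals {
  # Prefix applied to every module's resource names.
  name_prefix = "${var.project_name}-test"

  # Tags passed explicitly to every module (in addition to provider default_tags).
  common_tags = {
    Project     = var.project_name
    Environment = "test"
    ManagedBy   = "terraform"
  }
}

# =============================================================================
# INFRASTRUCTURE MODULES (using the production modules)
# =============================================================================

module "vpc" {
  source = "../../../../terraform-sacc4/modules/vpc"

  name_prefix          = local.name_prefix
  vpc_cidr             = var.vpc_cidr
  availability_zones   = var.availability_zones
  public_subnet_cidrs  = var.public_subnet_cidrs
  private_subnet_cidrs = var.private_subnet_cidrs
  tags                 = local.common_tags
}

module "security_groups" {
  source = "../../../../terraform-sacc4/modules/security-groups"

  name_prefix = local.name_prefix
  vpc_id      = module.vpc.vpc_id
  vpc_cidr    = module.vpc.vpc_cidr

  # The EC2 instance below sits in a public subnet, so this list is the main
  # control on who can reach SSH. Keep it to known operator ranges rather than
  # a wide-open CIDR.
  ssh_allowed_cidrs = var.ssh_allowed_cidrs

  tags = local.common_tags
}

module "iam" {
  source = "../../../../terraform-sacc4/modules/iam"

  name_prefix = local.name_prefix
  tags        = local.common_tags
}

module "ec2" {
  source = "../../../../terraform-sacc4/modules/ec2"

  name_prefix   = local.name_prefix
  instance_type = var.ec2_instance_type
  ami           = var.ec2_ami

  # The instance is placed in the first public subnet; the route53 module
  # publishes its public IP as the API record.
  subnet_id          = module.vpc.public_subnet_ids[0]
  security_group_ids = [module.security_groups.ec2_security_group_id]

  root_volume_size      = var.ec2_root_volume_size
  root_volume_type      = var.ec2_root_volume_type
  root_volume_encrypted = var.ec2_root_volume_encrypted

  thoth_public_key  = var.thoth_public_key
  osiris_public_key = var.osiris_public_key

  rds_endpoint     = module.rds.rds_endpoint
  rds_db_name      = var.rds_db_name
  rds_app_username = "sacc_app_user"

  # NOTE(review): the application account is given the RDS *master* password.
  # Anything that reads the app credentials on the instance would then also
  # hold the master credential. A dedicated variable or a generated password
  # (the `random` provider is already declared above) would separate the two;
  # that needs a change outside this file, so it is only flagged here.
  rds_app_password = var.rds_master_password

  tags = local.common_tags
}

module "rds" {
  source = "../../../../terraform-sacc4/modules/rds"

  name_prefix    = local.name_prefix
  instance_class = var.rds_instance_class
  engine         = var.rds_engine
  engine_version = var.rds_engine_version

  allocated_storage     = var.rds_allocated_storage
  max_allocated_storage = var.rds_max_allocated_storage

  db_name         = var.rds_db_name
  master_username = var.rds_master_username
  master_password = var.rds_master_password

  backup_retention_period = var.rds_backup_retention_period
  backup_window           = var.rds_backup_window
  maintenance_window      = var.rds_maintenance_window

  # The database is attached to the private subnets only.
  subnet_ids         = module.vpc.private_subnet_ids
  security_group_ids = [module.security_groups.rds_security_group_id]

  # No read replica in the test environment.
  enable_replica = false

  tags = local.common_tags
}

module "lambda_scheduler" {
  source = "../../../../terraform-sacc4/modules/lambda-scheduler"

  # Created only when scheduling is enabled; references elsewhere must index [0].
  count = var.enable_scheduling ? 1 : 0

  name_prefix     = local.name_prefix
  ec2_instance_id = module.ec2.instance_id
  rds_instance_id = module.rds.db_instance_identifier

  schedule_timezone   = var.schedule_timezone
  schedule_start_cron = var.schedule_start_cron
  schedule_stop_cron  = var.schedule_stop_cron

  lambda_role_arn    = module.iam.lambda_scheduler_role_arn
  scheduler_role_arn = module.iam.eventbridge_scheduler_role_arn

  tags = local.common_tags
}

module "s3_cloudfront" {
  source = "../../../../terraform-sacc4/modules/s3-cloudfront"

  name_prefix            = local.name_prefix
  bucket_name            = var.frontend_bucket_name
  cloudfront_price_class = var.cloudfront_price_class
  enable_logging         = var.enable_cloudfront_logging
  domain_name            = var.domain_name
  tags                   = local.common_tags
}

module "route53" {
  source = "../../../../terraform-sacc4/modules/route53"

  name_prefix        = local.name_prefix
  domain_name        = var.domain_name
  api_subdomain      = var.api_subdomain
  api_public_ip      = module.ec2.public_ip
  cloudfront_domain  = module.s3_cloudfront.cloudfront_domain_name
  cloudfront_zone_id = module.s3_cloudfront.cloudfront_hosted_zone_id
  tags               = local.common_tags
}

# =============================================================================
# OUTPUTS
# =============================================================================

output "vpc_id" {
  description = "ID de la VPC creada"
  value       = module.vpc.vpc_id
}

output "public_subnet_ids" {
  description = "IDs de subnets publicas"
  value       = module.vpc.public_subnet_ids
}

output "private_subnet_ids" {
  description = "IDs de subnets privadas"
  value       = module.vpc.private_subnet_ids
}

output "ec2_instance_id" {
  description = "ID de la instancia EC2"
  value       = module.ec2.instance_id
}

output "ec2_public_ip" {
  description = "IP publica de la instancia EC2"
  value       = module.ec2.public_ip
}

output "ec2_private_ip" {
  description = "IP privada de la instancia EC2"
  value       = module.ec2.private_ip
}

# Treated as sensitive; every other output that embeds this value is marked
# sensitive as well so the endpoint is not printed by a plain `terraform output`.
output "rds_endpoint" {
  description = "Endpoint de la base de datos RDS"
  value       = module.rds.rds_endpoint
  sensitive   = true
}

output "rds_port" {
  description = "Puerto de la base de datos RDS"
  value       = module.rds.rds_port
}

output "rds_db_name" {
  description = "Nombre de la base de datos"
  value       = module.rds.db_name
}

output "frontend_bucket_name" {
  description = "Nombre del bucket S3 del frontend"
  value       = module.s3_cloudfront.bucket_name
}

output "cloudfront_domain_name" {
  description = "Dominio de CloudFront"
  value       = module.s3_cloudfront.cloudfront_domain_name
}

output "cloudfront_distribution_id" {
  description = "ID de la distribucion CloudFront"
  value       = module.s3_cloudfront.distribution_id
}

output "api_gateway_url" {
  description = "URL del API Gateway"
  value       = "https://${var.api_subdomain}"
}

output "frontend_url" {
  description = "URL del frontend"
  value       = "https://${var.domain_name}"
}

# Null when the scheduler module is disabled (count = 0).
output "lambda_start_function_name" {
  description = "Nombre de la funcion Lambda de inicio"
  value       = var.enable_scheduling ? module.lambda_scheduler[0].start_function_name : null
}

# Null when the scheduler module is disabled (count = 0).
output "lambda_stop_function_name" {
  description = "Nombre de la funcion Lambda de apagado"
  value       = var.enable_scheduling ? module.lambda_scheduler[0].stop_function_name : null
}

output "route53_api_record" {
  description = "Nombre del registro DNS para API"
  value       = module.route53.api_record_name
}

output "route53_frontend_record" {
  description = "Nombre del registro DNS para frontend"
  value       = module.route53.frontend_record_name
}

output "route53_zone_id" {
  description = "ID de la zona Route53"
  value       = module.route53.hosted_zone_id
}

# Rendered Ansible inventory. It embeds the RDS endpoint, which the
# rds_endpoint output declares sensitive, so this output is sensitive too.
# Retrieve it with `terraform output -raw ansible_inventory`.
output "ansible_inventory" {
  description = "Inventario Ansible generado dinamicamente"
  value       = <<-EOT
    [sacc4-test]
    ${module.ec2.public_ip} ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/sacc4-test-key.pem

    [sacc4-test:vars]
    ansible_python_interpreter=/usr/bin/python3
    environment=test
    db_endpoint=${module.rds.rds_endpoint}
    s3_bucket=${module.s3_cloudfront.bucket_name}
    cloudfront_domain=${module.s3_cloudfront.cloudfront_domain_name}
  EOT
  sensitive   = true
}

# Post-deployment cheat sheet. The mysql line embeds the RDS endpoint, so the
# output is marked sensitive for the same reason as ansible_inventory.
# Retrieve it with `terraform output -raw deployment_commands`.
output "deployment_commands" {
  description = "Comandos para desplegar la aplicacion"
  value       = <<-EOT
    # =============================================================================
    # COMANDOS POST-DESPLIEGUE - SACC v4 TEST
    # =============================================================================

    # Conectar a la instancia
    ssh -i ~/.ssh/sacc4-test-key.pem ubuntu@${module.ec2.public_ip}

    # Verificar servicios
    ssh -i ~/.ssh/sacc4-test-key.pem ubuntu@${module.ec2.public_ip} "sudo systemctl status nginx"
    ssh -i ~/.ssh/sacc4-test-key.pem ubuntu@${module.ec2.public_ip} "sudo systemctl status api-sacc4-*"

    # Verificar health checks
    ssh -i ~/.ssh/sacc4-test-key.pem ubuntu@${module.ec2.public_ip} "curl -s http://localhost:8080/actuator/health"
    ssh -i ~/.ssh/sacc4-test-key.pem ubuntu@${module.ec2.public_ip} "curl -s http://localhost:8081/actuator/health"

    # Base de datos
    mysql -h ${module.rds.rds_endpoint} -u sacc_app_user -p -e "SELECT 1;"
  EOT
  sensitive   = true
}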