iac-duplicate/terraform/environments/test/terraform.tfvars

# =============================================================================
# VARIABLES DE ENTORNO TEST - SACC v4
# Cuenta AWS: 668889063715
# =============================================================================

# =============================================================================
# GENERALES
# =============================================================================

aws_region   = "mx-central-1"
environment  = "test"
project_name = "sacc4"

# =============================================================================
# DOMINIO Y DNS
# =============================================================================

# Dominio principal para el entorno de test
# NOTA: Asegurate de que este dominio exista en Route53 de la cuenta 668889063715
domain_name   = "test-sacc.ccsoft.mx"
api_subdomain = "api.test-sacc.ccsoft.mx"

# =============================================================================
# NETWORKING
# =============================================================================

# CIDR que NO choque con produccion (10.2.0.0/16) ni otros entornos
vpc_cidr             = "10.3.0.0/16"
availability_zones   = ["mx-central-1a", "mx-central-1b"]
public_subnet_cidrs  = ["10.3.1.0/24", "10.3.2.0/24"]
private_subnet_cidrs = ["10.3.10.0/24", "10.3.11.0/24"]

# =============================================================================
# EC2 CONFIGURATION
# =============================================================================

ec2_instance_type         = "t3.small"
ec2_ami                   = "ami-0f553e2869648134e"
ec2_root_volume_size      = 8
ec2_root_volume_type      = "gp2"
ec2_root_volume_encrypted = true

# SSH - RESTRINGIR a tu IP publica o rangos de oficina/VPN
# Ejemplo: ["203.0.113.0/24"] para oficina, ["10.8.0.0/24"] para VPN
# WARNING: [] vacio usa solo VPC CIDR (mas seguro)
ssh_allowed_cidrs = []

# Llaves SSH publicas para acceso
# Generar par de llaves: ssh-keygen -t ed25519 -f sacc4-test-key -C "sacc4-test"
thoth_public_key  = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/RcJmEYOBpfq1tSLltV1pyNB55l1jA2zYr5ZNJ0f41 thoth@ccsoft"
osiris_public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFo6CycfgIuCCSVZbhuPwqlAVDxY8YWb1xpvpqxSzMjR osiris@ccsoft"

# =============================================================================
# RDS CONFIGURATION
# =============================================================================

rds_instance_class        = "db.t3.micro"
rds_engine                = "mariadb"
rds_engine_version        = "10.11.16"
rds_allocated_storage     = 20
rds_max_allocated_storage = 100
rds_db_name               = "ccsoft_sacc4_test"
rds_master_username       = "sacc_admin_test"
rds_master_password       = "CambiarEstaPassword123!Segura"

rds_backup_retention_period = 7
rds_backup_window           = "03:00-04:00"
rds_maintenance_window      = "Mon:04:00-Mon:05:00"

# =============================================================================
# SCHEDULING (apagado automatico para ahorrar costos en test)
# =============================================================================

enable_scheduling   = true
schedule_timezone   = "America/Mexico_City"
schedule_start_cron = "cron(0 13 ? * MON-FRI *)"
schedule_stop_cron  = "cron(0 0 ? * TUE-SAT *)"

# =============================================================================
# FRONTEND (S3 + CloudFront)
# =============================================================================

# Nombre unico global del bucket S3
frontend_bucket_name = "sacc4-frontend-test-668889063715"

cloudfront_price_class    = "PriceClass_100"
enable_cloudfront_logging = false

# =============================================================================
# TAGS COMUNES
# =============================================================================

common_tags = {
  Project   = "proyectosacc"
  ManagedBy = "terraform"
  Team      = "infra"
  Purpose   = "test-environment"
}