mirror of
https://github.com/karpathy/nanochat.git
synced 2026-05-09 17:30:14 +00:00
b381933c3b
Add reusable Terraform modules and per-environment configs (dev/uat/prod) in us-west-2 covering: VPC (3 AZ public/private), EKS 1.29 with IRSA and ALB/EBS/EFS CSI add-ons, RDS PostgreSQL 15, four ECR repos, IAM roles (EKS node, ALB controller IRSA, GitHub Actions OIDC), Route53 + ACM for samosachaat.art, and EFS for model weights. State backend on S3 (samosachaat-terraform-state) with DynamoDB lock table. terraform validate passes for dev, uat, and prod. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
35 lines
967 B
HCL
35 lines
967 B
HCL
variable "name_prefix" {
|
|
description = "Prefix for IAM resource names (e.g. samosachaat-dev)."
|
|
type = string
|
|
}
|
|
|
|
variable "oidc_provider_arn" {
|
|
description = "EKS OIDC provider ARN. Pass empty string to skip ALB controller role creation."
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "oidc_provider_url" {
|
|
description = "EKS OIDC issuer hostname (no scheme, e.g. oidc.eks.us-west-2.amazonaws.com/id/XXX)."
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "create_github_oidc" {
|
|
description = "Create the GitHub Actions OIDC provider + CI role. Set to true exactly once per AWS account."
|
|
type = bool
|
|
default = false
|
|
}
|
|
|
|
variable "github_repositories" {
|
|
description = "GitHub repositories allowed to assume the CI role (e.g. [\"manmohan659/nanochat\"])."
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
variable "tags" {
|
|
description = "Tags applied to every resource."
|
|
type = map(string)
|
|
default = {}
|
|
}
|