diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000..8ce0778a0
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+# Terraform
+terraform.tfstate
+terraform.tfstate.*
+.terraform/
+
diff --git a/terraform/aws/alb.tf b/terraform/aws/alb.tf
new file mode 100644
index 000000000..f3473f6c1
--- /dev/null
+++ b/terraform/aws/alb.tf
@@ -0,0 +1,88 @@
+# -----------------------
+# Application Load Balancer
+# -----------------------
+resource "aws_lb" "this" {
+  name               = "devops-alb"
+  internal           = false
+  load_balancer_type = "application"
+  security_groups    = [aws_security_group.alb_sg.id]
+  subnets            = [
+    aws_subnet.public_1.id,
+    aws_subnet.public_2.id
+  ]
+
+  tags = {
+    Name = "devops-alb"
+  }
+}
+
+# -----------------------
+# Target Group
+# -----------------------
+resource "aws_lb_target_group" "this" {
+  name        = "devops-backend-tg"
+  port        = var.container_port
+  protocol    = "HTTP"
+  vpc_id      = aws_vpc.main.id
+  target_type = "ip"
+
+  health_check {
+    path                = "/api/health"
+    interval            = 30
+    timeout             = 5
+    healthy_threshold   = 2
+    unhealthy_threshold = 2
+    matcher             = "200"
+  }
+
+  tags = {
+    Name = "devops-backend-tg"
+  }
+}
+
+# -----------------------
+# Listener
+# -----------------------
+resource "aws_lb_listener" "http" {
+  load_balancer_arn = aws_lb.this.arn
+  port              = 80
+  protocol          = "HTTP"
+
+  default_action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.this.arn
+  }
+}
+
+# -----------------------
+# ECS Service
+# -----------------------
+resource "aws_ecs_service" "this" {
+  name            = "${var.app_name}-service"
+  cluster         = aws_ecs_cluster.this.id
+  task_definition = aws_ecs_task_definition.this.arn
+  desired_count   = 2
+  launch_type     = "FARGATE"
+
+  network_configuration {
+    subnets         = [
+      aws_subnet.public_1.id,
+      aws_subnet.public_2.id
+    ]
+    security_groups = [aws_security_group.ecs_sg.id]
+    assign_public_ip = true
+  }
+
+  load_balancer {
+    target_group_arn = aws_lb_target_group.this.arn
+    container_name   = var.app_name
+    container_port   = var.container_port
+  }
+
+  depends_on = [aws_lb_listener.http]
+
+  tags = {
+    Name = "devops-ecs-service"
+  }
+}
+
diff --git a/terraform/aws/outputs.tf b/terraform/aws/outputs.tf
new file mode 100644
index 000000000..af7f0f6dc
--- /dev/null
+++ b/terraform/aws/outputs.tf
@@ -0,0 +1,28 @@
+output "vpc_id" {
+  value = aws_vpc.main.id
+}
+
+output "public_subnet_1_id" {
+  value = aws_subnet.public_1.id
+}
+
+output "public_subnet_2_id" {
+  value = aws_subnet.public_2.id
+}
+
+output "backend_ecr_repository_url" {
+  value = aws_ecr_repository.backend_repo.repository_url
+}
+
+output "ecs_cluster_name" {
+  value = aws_ecs_cluster.this.name
+}
+
+output "ecs_task_definition_arn" {
+  value = aws_ecs_task_definition.this.arn
+}
+
+output "alb_dns_name" {
+  value = aws_lb.this.dns_name
+}
+