Develop

.github/workflows/cd.yml

@@ -31,6 +31,11 @@ jobs:
       id: login-ecr
       uses: aws-actions/amazon-ecr-login@v2
 
+    - name: Create ECR repositories if missing
+      run: |
+        aws ecr describe-repositories --repository-names devops-backend || aws ecr create-repository --repository-name devops-backend
+        aws ecr describe-repositories --repository-names devops-frontend || aws ecr create-repository --repository-name devops-frontend
+
     - name: Build and push Backend to ECR
       if: steps.login-ecr.outcome == 'success'
       uses: docker/build-push-action@v5
@@ -134,11 +139,17 @@ jobs:
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: ${{ env.AWS_REGION }}
 
+      - name: Create AWS State Bucket
+        run: |
+          aws s3api create-bucket --bucket devops-assignment-tf-state-aws --region us-east-2 --create-bucket-configuration LocationConstraint=us-east-2 2>/dev/null || echo "Bucket already exists"
+
+
       - name: Terraform Init AWS
         run: |
           cd terraform/aws
           terraform init
 
+
       - name: Terraform Apply AWS
         run: |
           cd terraform/aws
@@ -149,3 +160,4 @@ jobs:
           TF_VAR_db_password: ${{ secrets.DB_PASSWORD }}
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+

terraform/aws/alb.tf

@@ -1,13 +1,13 @@
 resource "aws_lb" "main" {
-  name               = "devops-alb"
+  name               = "devops-alb-v2"
   internal           = false
   load_balancer_type = "application"
   security_groups    = [aws_security_group.alb_sg.id]
   subnets            = [aws_subnet.public_1.id, aws_subnet.public_2.id]
 }
 
 resource "aws_lb_target_group" "backend" {
-  name        = "devops-backend-tg"
+  name        = "devops-backend-tg-v2"
   port        = 8000
   protocol    = "HTTP"
   vpc_id      = aws_vpc.main.id
@@ -19,7 +19,7 @@ resource "aws_lb_target_group" "backend" {
 }
 
 resource "aws_lb_target_group" "frontend" {
-  name        = "devops-frontend-tg"
+  name        = "devops-frontend-tg-v2"
   port        = 3000
   protocol    = "HTTP"
   vpc_id      = aws_vpc.main.id

terraform/aws/ecs.tf

@@ -24,7 +24,7 @@ resource "aws_ecs_task_definition" "backend" {
       logConfiguration = {
         logDriver = "awslogs"
         options = {
-          "awslogs-group"         = "/ecs/devops-backend"
+          "awslogs-group"         = "/ecs/devops-backend-v2"
           "awslogs-region"        = var.aws_region
           "awslogs-stream-prefix" = "ecs"
         }
@@ -83,7 +83,7 @@ resource "aws_ecs_task_definition" "frontend" {
       logConfiguration = {
         logDriver = "awslogs"
         options = {
-          "awslogs-group"         = "/ecs/devops-frontend"
+          "awslogs-group"         = "/ecs/devops-frontend-v2"
           "awslogs-region"        = var.aws_region
           "awslogs-stream-prefix" = "ecs"
         }
@@ -115,11 +115,11 @@ resource "aws_ecs_service" "frontend" {
 }
 
 resource "aws_cloudwatch_log_group" "backend" {
-  name = "/ecs/devops-backend"
+  name = "/ecs/devops-backend-v2"
   retention_in_days = 7
 }
 
 resource "aws_cloudwatch_log_group" "frontend" {
-  name = "/ecs/devops-frontend"
+  name = "/ecs/devops-frontend-v2"
   retention_in_days = 7
 }

terraform/aws/iam.tf

@@ -1,5 +1,5 @@
 resource "aws_iam_role" "ecs_execution_role" {
-  name = "devops-ecs-execution-role-ohio"
+  name = "devops-ecs-execution-role-v2"
 
   assume_role_policy = jsonencode({
     Version = "2012-10-17"
@@ -21,7 +21,7 @@ resource "aws_iam_role_policy_attachment" "ecs_execution_role_policy" {
 }
 
 resource "aws_iam_role" "ecs_task_role" {
-  name = "devops-ecs-task-role-ohio"
+  name = "devops-ecs-task-role-v2"
 
   assume_role_policy = jsonencode({
     Version = "2012-10-17"

terraform/aws/main.tf

@@ -5,8 +5,10 @@ terraform {
       version = "~> 5.0"
     }
   }
-  backend "local" {
-     path = "terraform.tfstate"
+  backend "s3" {
+    bucket = "devops-assignment-tf-state-aws"
+    key    = "terraform/state/aws.tfstate"
+    region = "us-east-2"
   }
 }
 

terraform/aws/secrets.tf

@@ -1,5 +1,5 @@
 resource "aws_secretsmanager_secret" "app_secret" {
-  name = "devops-app-secret"
+  name = "devops-app-secret-v2"
   description = "Application configuration secrets"
 }
 
@@ -10,7 +10,7 @@ resource "aws_secretsmanager_secret_version" "app_secret_val" {
 
 # Grant ECS execution role access to secrets
 resource "aws_iam_role_policy" "ecs_secrets_access" {
-  name = "devops-ecs-secrets-access"
+  name = "devops-ecs-secrets-access-v2"
   role = aws_iam_role.ecs_execution_role.id
 
   policy = jsonencode({