SaaS platform for automatic drift detection in infrastructure declared with Terraform, with AI-assisted remediation.
Detected 6 hours ago
Drift between the infrastructure declared in Terraform and what is actually deployed causes inconsistencies and possible performance problems.
DevOps teams, infrastructure engineers and companies that manage cloud infrastructure with Terraform.
🚨 Terraform Drift Detected [prod] — MEDIUM Risk
Published: 6 hours ago
Repository: tahamehdidev/Autonomous-Infrastructure-Drift-Detection-and-AI-Assisted-Remediation
Author: github-actions[bot]

## 🟡 Terraform Drift Detected — Risk: MEDIUM

**Environment:** prod
**Run:** [23226748247](https://github.com/tahamehdidev/Autonomous-Infrastructure-Drift-Detection-and-AI-Assisted-Remediation/actions/runs/23226748247)

### AI Analysis

The Terraform plan indicates that an Auto Scaling Group and associated policies, CloudWatch alarms, and an Elastic IP are being re-created. This drift might have been caused by manual changes in the AWS management console or misconfigurations in another part of the infrastructure. It is important to correct this to maintain consistency with the declared configuration in code and prevent potential scaling and monitoring issues.

**Risk Reasoning:** Creating new resources like Auto Scaling Groups and alarms can impact application performance and behavior, but they pose no immediate security threat.

<details>
<summary>Show Terraform Plan</summary>

```
data.aws_ami.ubuntu: Reading...
data.aws_ami.ubuntu: Read complete after 0s [id=ami-04680790a315cd58d]

Terraform used the selected providers to generate the following execution plan.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_autoscaling_group.app_asg will be created
  + resource "aws_autoscaling_group" "app_asg" {
      + arn = (known after apply)
      + availability_zones = (known after apply)
      + default_cooldown = (known after apply)
      + desired_capacity = 2
      + force_delete = false
      + force_delete_warm_pool = false
      + health_check_grace_period = 300
      + health_check_type = "ELB"
      + id = (known after apply)
      + ignore_failed_scaling_activities = false
      + load_balancers = (known after apply)
      + max_size = 5
      + metrics_granularity = "1Minute"
      + min_size = 2
      + name = "app-asg"
      + name_prefix = (known after apply)
      + predicted_capacity = (known after apply)
      + protect_from_scale_in = false
      + region = "us-east-1"
      + service_linked_role_arn = (known after apply)
      + target_group_arns = (known after apply)
      + vpc_zone_identifier = (known after apply)
      + wait_for_capacity_timeout = "10m"
      + warm_pool_size = (known after apply)

      + availability_zone_distribution (known after apply)

      + capacity_reservation_specification (known after apply)

      + launch_template {
          + id = (known after apply)
          + name = (known after apply)
          + version = "$Latest"
        }

      + mixed_instances_policy (known after apply)

      + tag {
          + key = "Name"
          + propagate_at_launch = true
          + value = "app-instance"
        }

      + traffic_source (known after apply)
    }

  # aws_autoscaling_policy.scale_in will be created
  + resource "aws_autoscaling_policy" "scale_in" {
      + adjustment_type = "ChangeInCapacity"
      + arn = (known after apply)
      + autoscaling_group_name = "app-asg"
      + cooldown = 300
      + enabled = true
      + id = (known after apply)
      + metric_aggregation_type = (known after apply)
      + name = "scale-in"
      + policy_type = "SimpleScaling"
      + region = "us-east-1"
      + scaling_adjustment = -1
    }

  # aws_autoscaling_policy.scale_out will be created
  + resource "aws_autoscaling_policy" "scale_out" {
      + adjustment_type = "ChangeInCapacity"
      + arn = (known after apply)
      + autoscaling_group_name = "app-asg"
      + cooldown = 300
      + enabled = true
      + id = (known after apply)
      + metric_aggregation_type = (known after apply)
      + name = "scale-out"
      + policy_type = "SimpleScaling"
      + region = "us-east-1"
      + scaling_adjustment = 1
    }

  # aws_autoscaling_policy.target_tracking will be created
  + resource "aws_autoscaling_policy" "target_tracking" {
      + arn = (known after apply)
      + autoscaling_group_name = "app-asg"
      + enabled = true
      + id = (known after apply)
      + metric_aggregation_type = (known after apply)
      + name = "target-tracking-policy"
      + policy_type = "TargetTrackingScaling"
      + region = "us-east-1"

      + target_tracking_configuration {
          + disable_scale_in = false
          + target_value = 70

          + predefined_metric_specification {
              + predefined_metric_type = "ASGAverageCPUUtilization"
            }
        }
    }

  # aws_cloudwatch_metric_alarm.high_cpu will be created
  + resource "aws_cloudwatch_metric_alarm" "high_cpu" {
      + actions_enabled = true
      + alarm_actions = (known after apply)
      + alarm_description = "This metric monitors ec2 cpu utilization"
      + alarm_name = "high-cpu-utilization"
      + arn = (known after apply)
      + comparison_operator = "GreaterThanThreshold"
      + dimensions = {
          + "AutoScalingGroupName" = "app-asg"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods = 2
      + id = (known after apply)
      + metric_name = "CPUUtilization"
      + namespace = "AWS/EC2"
      + period = 120
      + region = "us-east-1"
      + statistic = "Average"
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Project" = "TerraWatch"
        }
      + threshold = 80
      + treat_missing_data = "missing"
    }

  # aws_cloudwatch_metric_alarm.low_cpu will be created
  + resource "aws_cloudwatch_metric_alarm" "low_cpu" {
      + actions_enabled = true
      + alarm_actions = (known after apply)
      + alarm_description = "This metric monitors ec2 cpu utilization"
      + alarm_name = "low-cpu-utilization"
      + arn = (known after apply)
      + comparison_operator = "LessThanThreshold"
      + dimensions = {
          + "AutoScalingGroupName" = "app-asg"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods = 2
      + id = (known after apply)
      + metric_name = "CPUUtilization"
      + namespace = "AWS/EC2"
      + period = 120
      + region = "us-east-1"
      + statistic = "Average"
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Project" = "TerraWatch"
        }
      + threshold = 20
      + treat_missing_data = "missing"
    }

  # aws_eip.main[0] will be created
  + resource "aws_eip" "main" {
      + allocation_id = (known after apply)
      + arn = (known after apply)
      + association_id = (known after apply)
      + carrier_ip = (known after apply)
      + customer_owned_ip = (known after apply)
      + domain = "vpc"
      + id = (known after apply)
      + instance = (known after apply)
      + ipam_pool_id = (known after apply)
      + network_border_group = (known after apply)
      + network_interface = (known after apply)
      + private_dns = (known after apply)
      + private_ip = (known after apply)
      + ptr_record = (known after apply)
      + public_dns = (known after apply)
      + public_ip = (known after apply)
      + public_ipv4_pool = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "nat-eip-az-1"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "nat-eip-az-1"
          + "Project" = "TerraWatch"
        }
    }

  # aws_eip.main[1] will be created
  + resource "aws_eip" "main" {
      + allocation_id = (known after apply)
      + arn = (known after apply)
      + association_id = (known after apply)
      + carrier_ip = (known after apply)
      + customer_owned_ip = (known after apply)
      + domain = "vpc"
      + id = (known after apply)
      + instance = (known after apply)
      + ipam_pool_id = (known after apply)
      + network_border_group = (known after apply)
      + network_interface = (known after apply)
      + private_dns = (known after apply)
      + private_ip = (known after apply)
      + ptr_record = (known after apply)
      + public_dns = (known after apply)
      + public_ip = (known after apply)
      + public_ipv4_pool = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "nat-eip-az-2"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "nat-eip-az-2"
          + "Project" = "TerraWatch"
        }
    }

  # aws_iam_instance_profile.ec2_profile will be created
  + resource "aws_iam_instance_profile" "ec2_profile" {
      + arn = (known after apply)
      + create_date = (known after apply)
      + id = (known after apply)
      + name = "ec2-app-profile-prod"
      + name_prefix = (known after apply)
      + path = "/"
      + role = "ec2-app-role-prod"
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Project" = "TerraWatch"
        }
      + unique_id = (known after apply)
    }

  # aws_iam_role.ec2_role will be created
  + resource "aws_iam_role" "ec2_role" {
      + arn = (known after apply)
      + assume_role_policy = jsonencode(
            {
              + Statement = [
                  + {
                      + Action = "sts:AssumeRole"
                      + Effect = "Allow"
                      + Principal = {
                          + Service = "ec2.amazonaws.com"
                        }
                    },
                ]
              + Version = "2012-10-17"
            }
        )
      + create_date = (known after apply)
      + force_detach_policies = false
      + id = (known after apply)
      + managed_policy_arns = (known after apply)
      + max_session_duration = 3600
      + name = "ec2-app-role-prod"
      + name_prefix = (known after apply)
      + path = "/"
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Project" = "TerraWatch"
        }
      + unique_id = (known after apply)

      + inline_policy (known after apply)
    }

  # aws_iam_role_policy_attachment.cloudwatch will be created
  + resource "aws_iam_role_policy_attachment" "cloudwatch" {
      + id = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy"
      + role = "ec2-app-role-prod"
    }

  # aws_iam_role_policy_attachment.ssm will be created
  + resource "aws_iam_role_policy_attachment" "ssm" {
      + id = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
      + role = "ec2-app-role-prod"
    }

  # aws_internet_gateway.main will be created
  + resource "aws_internet_gateway" "main" {
      + arn = (known after apply)
      + id = (known after apply)
      + owner_id = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "main-internet-gateway"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "main-internet-gateway"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_launch_template.app will be created
  + resource "aws_launch_template" "app" {
      + arn = (known after apply)
      + default_version = (known after apply)
      + id = (known after apply)
      + image_id = "ami-04680790a315cd58d"
      + instance_type = "t3.small"
      + latest_version = (known after apply)
      + name = (known after apply)
      + name_prefix = "app-launch-template-"
      + region = "us-east-1"
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Project" = "TerraWatch"
        }
      + user_data = "…"
      + vpc_security_group_ids = (known after apply)

      + iam_instance_profile {
          + arn = (known after apply)
        }

      + metadata_options {
          + http_endpoint = "enabled"
          + http_protocol_ipv6 = (known after apply)
          + http_put_response_hop_limit = 1
          + http_tokens = "required"
          + instance_metadata_tags = (known after apply)
        }

      + monitoring {
          + enabled = true
        }

      + tag_specifications {
          + resource_type = "instance"
          + tags = {
              + "Name" = "app-instance"
            }
        }
    }

  # aws_lb.app_lb will be created
  + resource "aws_lb" "app_lb" {
      + arn = (known after apply)
      + arn_suffix = (known after apply)
      + client_keep_alive = 3600
      + desync_mitigation_mode = "defensive"
      + dns_name = (known after apply)
      + drop_invalid_header_fields = false
      + enable_deletion_protection = true
      + enable_http2 = true
      + enable_tls_version_and_cipher_suite_headers = false
      + enable_waf_fail_open = false
      + enable_xff_client_port = false
      + enable_zonal_shift = false
      + enforce_security_group_inbound_rules_on_private_link_traffic = (known after apply)
      + id = (known after apply)
      + idle_timeout = 60
      + internal = false
      + ip_address_type = (known after apply)
      + load_balancer_type = "application"
      + name = "app-load-balancer"
      + name_prefix = (known after apply)
      + preserve_host_header = false
      + region = "us-east-1"
      + secondary_ips_auto_assigned_per_subnet = (known after apply)
      + security_groups = (known after apply)
      + subnets = (known after apply)
      + tags = {
          + "Name" = "app-load-balancer"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "app-load-balancer"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
      + xff_header_processing_mode = "append"
      + zone_id = (known after apply)

      + subnet_mapping (known after apply)
    }

  # aws_lb_listener.http will be created
  + resource "aws_lb_listener" "http" {
      + arn = (known after apply)
      + id = (known after apply)
      + load_balancer_arn = (known after apply)
      + port = 80
      + protocol = "HTTP"
      + region = "us-east-1"
      + routing_http_request_x_amzn_mtls_clientcert_header_name = (known after apply)
      + routing_http_request_x_amzn_mtls_clientcert_issuer_header_name = (known after apply)
      + routing_http_request_x_amzn_mtls_clientcert_leaf_header_name = (known after apply)
      + routing_http_request_x_amzn_mtls_clientcert_serial_number_header_name = (known after apply)
      + routing_http_request_x_amzn_mtls_clientcert_subject_header_name = (known after apply)
      + routing_http_request_x_amzn_mtls_clientcert_validity_header_name = (known after apply)
      + routing_http_request_x_amzn_tls_cipher_suite_header_name = (known after apply)
      + routing_http_request_x_amzn_tls_version_header_name = (known after apply)
      + routing_http_response_access_control_allow_credentials_header_value = (known after apply)
      + routing_http_response_access_control_allow_headers_header_value = (known after apply)
      + routing_http_response_access_control_allow_methods_header_value = (known after apply)
      + routing_http_response_access_control_allow_origin_header_value = (known after apply)
      + routing_http_response_access_control_expose_headers_header_value = (known after apply)
      + routing_http_response_access_control_max_age_header_value = (known after apply)
      + routing_http_response_content_security_policy_header_value = (known after apply)
      + routing_http_response_server_enabled = (known after apply)
      + routing_http_response_strict_transport_security_header_value = (known after apply)
      + routing_http_response_x_content_type_options_header_value = (known after apply)
      + routing_http_response_x_frame_options_header_value = (known after apply)
      + ssl_policy = (known after apply)
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Project" = "TerraWatch"
        }
      + tcp_idle_timeout_seconds = (known after apply)

      + default_action {
          + order = (known after apply)
          + type = "forward"

          + forward {
              + target_group {
                  + arn = (known after apply)
                  + weight = 1
                }
            }
        }

      + mutual_authentication (known after apply)
    }

  # aws_lb_target_group.app_tg will be created
  + resource "aws_lb_target_group" "app_tg" {
      + arn = (known after apply)
      + arn_suffix = (known after apply)
      + connection_termination = (known after apply)
      + deregistration_delay = "300"
      + id = (known after apply)
      + ip_address_type = (known after apply)
      + lambda_multi_value_headers_enabled = false
      + load_balancer_arns = (known after apply)
      + load_balancing_algorithm_type = (known after apply)
      + load_balancing_anomaly_mitigation = (known after apply)
      + load_balancing_cross_zone_enabled = (known after apply)
      + name = "app-target-group"
      + name_prefix = (known after apply)
      + port = 80
      + preserve_client_ip = (known after apply)
      + protocol = "HTTP"
      + protocol_version = (known after apply)
      + proxy_protocol_v2 = false
      + region = "us-east-1"
      + slow_start = 0
      + tags = {
          + "Name" = "app-target-group"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "app-target-group"
          + "Project" = "TerraWatch"
        }
      + target_type = "instance"
      + vpc_id = (known after apply)

      + health_check {
          + enabled = true
          + healthy_threshold = 2
          + interval = 30
          + matcher = (known after apply)
          + path = "/"
          + port = "traffic-port"
          + protocol = "HTTP"
          + timeout = 5
          + unhealthy_threshold = 2
        }

      + stickiness (known after apply)

      + target_failover (known after apply)

      + target_group_health (known after apply)

      + target_health_state (known after apply)
    }

  # aws_nat_gateway.main[0] will be created
  + resource "aws_nat_gateway" "main" {
      + allocation_id = (known after apply)
      + association_id = (known after apply)
      + auto_provision_zones = (known after apply)
      + auto_scaling_ips = (known after apply)
      + availability_mode = (known after apply)
      + connectivity_type = "public"
      + id = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip = (known after apply)
      + public_ip = (known after apply)
      + region = "us-east-1"
      + regional_nat_gateway_address = (known after apply)
      + regional_nat_gateway_auto_mode = (known after apply)
      + route_table_id = (known after apply)
      + secondary_allocation_ids = (known after apply)
      + secondary_private_ip_address_count = (known after apply)
      + secondary_private_ip_addresses = (known after apply)
      + subnet_id = (known after apply)
      + tags = {
          + "Name" = "nat-gateway-az-1"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "nat-gateway-az-1"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_nat_gateway.main[1] will be created
  + resource "aws_nat_gateway" "main" {
      + allocation_id = (known after apply)
      + association_id = (known after apply)
      + auto_provision_zones = (known after apply)
      + auto_scaling_ips = (known after apply)
      + availability_mode = (known after apply)
      + connectivity_type = "public"
      + id = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip = (known after apply)
      + public_ip = (known after apply)
      + region = "us-east-1"
      + regional_nat_gateway_address = (known after apply)
      + regional_nat_gateway_auto_mode = (known after apply)
      + route_table_id = (known after apply)
      + secondary_allocation_ids = (known after apply)
      + secondary_private_ip_address_count = (known after apply)
      + secondary_private_ip_addresses = (known after apply)
      + subnet_id = (known after apply)
      + tags = {
          + "Name" = "nat-gateway-az-2"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "nat-gateway-az-2"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_route.private[0] will be created
  + resource "aws_route" "private" {
      + destination_cidr_block = "0.0.0.0/0"
      + id = (known after apply)
      + instance_id = (known after apply)
      + instance_owner_id = (known after apply)
      + nat_gateway_id = (known after apply)
      + network_interface_id = (known after apply)
      + origin = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + state = (known after apply)
    }

  # aws_route.private[1] will be created
  + resource "aws_route" "private" {
      + destination_cidr_block = "0.0.0.0/0"
      + id = (known after apply)
      + instance_id = (known after apply)
      + instance_owner_id = (known after apply)
      + nat_gateway_id = (known after apply)
      + network_interface_id = (known after apply)
      + origin = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + state = (known after apply)
    }

  # aws_route.public will be created
  + resource "aws_route" "public" {
      + destination_cidr_block = "0.0.0.0/0"
      + gateway_id = (known after apply)
      + id = (known after apply)
      + instance_id = (known after apply)
      + instance_owner_id = (known after apply)
      + network_interface_id = (known after apply)
      + origin = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + state = (known after apply)
    }

  # aws_route_table.private[0] will be created
  + resource "aws_route_table" "private" {
      + arn = (known after apply)
      + id = (known after apply)
      + owner_id = (known after apply)
      + propagating_vgws = (known after apply)
      + region = "us-east-1"
      + route = (known after apply)
      + tags = {
          + "Name" = "private-route-table-1"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "private-route-table-1"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_route_table.private[1] will be created
  + resource "aws_route_table" "private" {
      + arn = (known after apply)
      + id = (known after apply)
      + owner_id = (known after apply)
      + propagating_vgws = (known after apply)
      + region = "us-east-1"
      + route = (known after apply)
      + tags = {
          + "Name" = "private-route-table-2"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "private-route-table-2"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_route_table.public will be created
  + resource "aws_route_table" "public" {
      + arn = (known after apply)
      + id = (known after apply)
      + owner_id = (known after apply)
      + propagating_vgws = (known after apply)
      + region = "us-east-1"
      + route = (known after apply)
      + tags = {
          + "Name" = "public-route-table"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "public-route-table"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_route_table_association.private[0] will be created
  + resource "aws_route_table_association" "private" {
      + id = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + subnet_id = (known after apply)
    }

  # aws_route_table_association.private[1] will be created
  + resource "aws_route_table_association" "private" {
      + id = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + subnet_id = (known after apply)
    }

  # aws_route_table_association.public[0] will be created
  + resource "aws_route_table_association" "public" {
      + id = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + subnet_id = (known after apply)
    }

  # aws_route_table_association.public[1] will be created
  + resource "aws_route_table_association" "public" {
      + id = (known after apply)
      + region = "us-east-1"
      + route_table_id = (known after apply)
      + subnet_id = (known after apply)
    }

  # aws_s3_bucket.my_bucket will be created
  + resource "aws_s3_bucket" "my_bucket" {
      + acceleration_status = (known after apply)
      + acl = (known after apply)
      + arn = (known after apply)
      + bucket = (known after apply)
      + bucket_domain_name = (known after apply)
      + bucket_prefix = (known after apply)
      + bucket_region = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy = false
      + hosted_zone_id = (known after apply)
      + id = (known after apply)
      + object_lock_enabled = (known after apply)
      + policy = (known after apply)
      + region = "us-east-1"
      + request_payer = (known after apply)
      + tags = {
          + "Name" = "app-bucket-prod"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "app-bucket-prod"
          + "Project" = "TerraWatch"
        }
      + website_domain = (known after apply)
      + website_endpoint = (known after apply)

      + cors_rule (known after apply)

      + grant (known after apply)

      + lifecycle_rule (known after apply)

      + logging (known after apply)

      + object_lock_configuration (known after apply)

      + replication_configuration (known after apply)

      + server_side_encryption_configuration (known after apply)

      + versioning (known after apply)

      + website (known after apply)
    }

  # aws_s3_bucket_acl.my_bucket will be created
  + resource "aws_s3_bucket_acl" "my_bucket" {
      + acl = "private"
      + bucket = (known after apply)
      + id = (known after apply)
      + region = "us-east-1"

      + access_control_policy (known after apply)
    }

  # aws_s3_bucket_ownership_controls.my_bucket will be created
  + resource "aws_s3_bucket_ownership_controls" "my_bucket" {
      + bucket = (known after apply)
      + id = (known after apply)
      + region = "us-east-1"

      + rule {
          + object_ownership = "BucketOwnerPreferred"
        }
    }

  # aws_s3_bucket_public_access_block.my_bucket will be created
  + resource "aws_s3_bucket_public_access_block" "my_bucket" {
      + block_public_acls = true
      + block_public_policy = true
      + bucket = (known after apply)
      + id = (known after apply)
      + ignore_public_acls = true
      + region = "us-east-1"
      + restrict_public_buckets = true
    }

  # aws_s3_bucket_server_side_encryption_configuration.my_bucket will be created
  + resource "aws_s3_bucket_server_side_encryption_configuration" "my_bucket" {
      + bucket = (known after apply)
      + id = (known after apply)
      + region = "us-east-1"

      + rule {
          + blocked_encryption_types = []

          + apply_server_side_encryption_by_default {
              + sse_algorithm = "AES256"
                # (1 unchanged attribute hidden)
            }
        }
    }

  # aws_s3_bucket_versioning.my_bucket will be created
  + resource "aws_s3_bucket_versioning" "my_bucket" {
      + bucket = (known after apply)
      + id = (known after apply)
      + region = "us-east-1"

      + versioning_configuration {
          + mfa_delete = (known after apply)
          + status = "Enabled"
        }
    }

  # aws_security_group.alb_sg will be created
  + resource "aws_security_group" "alb_sg" {
      + arn = (known after apply)
      + description = "Security group for Application Load Balancer"
      + egress = [
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = "Allow all outbound"
              + from_port = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "-1"
              + security_groups = []
              + self = false
              + to_port = 0
            },
        ]
      + id = (known after apply)
      + ingress = [
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = "HTTP from Internet"
              + from_port = 80
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 80
            },
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = "HTTPS from Internet"
              + from_port = 443
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = []
              + self = false
              + to_port = 443
            },
        ]
      + name = "alb-security-group"
      + name_prefix = (known after apply)
      + owner_id = (known after apply)
      + region = "us-east-1"
      + revoke_rules_on_delete = false
      + tags = {
          + "Name" = "alb-security-group"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "alb-security-group"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_security_group.app_sg will be created
  + resource "aws_security_group" "app_sg" {
      + arn = (known after apply)
      + description = "Security group for application instances - only allow traffic from ALB"
      + egress = [
          + {
              + cidr_blocks = [
                  + "0.0.0.0/0",
                ]
              + description = "Allow all outbound (for updates via NAT)"
              + from_port = 0
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "-1"
              + security_groups = []
              + self = false
              + to_port = 0
            },
        ]
      + id = (known after apply)
      + ingress = [
          + {
              + cidr_blocks = []
              + description = "HTTP from ALB only"
              + from_port = 80
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = (known after apply)
              + self = false
              + to_port = 80
            },
          + {
              + cidr_blocks = []
              + description = "HTTPS from ALB only"
              + from_port = 443
              + ipv6_cidr_blocks = []
              + prefix_list_ids = []
              + protocol = "tcp"
              + security_groups = (known after apply)
              + self = false
              + to_port = 443
            },
        ]
      + name = "app-security-group"
      + name_prefix = (known after apply)
      + owner_id = (known after apply)
      + region = "us-east-1"
      + revoke_rules_on_delete = false
      + tags = {
          + "Name" = "app-security-group"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "app-security-group"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_subnet.private[0] will be created
  + resource "aws_subnet" "private" {
      + arn = (known after apply)
      + assign_ipv6_address_on_creation = false
      + availability_zone = "us-east-1a"
      + availability_zone_id = (known after apply)
      + cidr_block = "10.0.11.0/24"
      + enable_dns64 = false
      + enable_resource_name_dns_a_record_on_launch = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id = (known after apply)
      + ipv6_cidr_block = (known after apply)
      + ipv6_cidr_block_association_id = (known after apply)
      + ipv6_native = false
      + map_public_ip_on_launch = false
      + owner_id = (known after apply)
      + private_dns_hostname_type_on_launch = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "private-subnet-1"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "private-subnet-1"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_subnet.private[1] will be created
  + resource "aws_subnet" "private" {
      + arn = (known after apply)
      + assign_ipv6_address_on_creation = false
      + availability_zone = "us-east-1b"
      + availability_zone_id = (known after apply)
      + cidr_block = "10.0.12.0/24"
      + enable_dns64 = false
      + enable_resource_name_dns_a_record_on_launch = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id = (known after apply)
      + ipv6_cidr_block = (known after apply)
      + ipv6_cidr_block_association_id = (known after apply)
      + ipv6_native = false
      + map_public_ip_on_launch = false
      + owner_id = (known after apply)
      + private_dns_hostname_type_on_launch = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "private-subnet-2"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "private-subnet-2"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_subnet.public[0] will be created
  + resource "aws_subnet" "public" {
      + arn = (known after apply)
      + assign_ipv6_address_on_creation = false
      + availability_zone = "us-east-1a"
      + availability_zone_id = (known after apply)
      + cidr_block = "10.0.1.0/24"
      + enable_dns64 = false
      + enable_resource_name_dns_a_record_on_launch = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id = (known after apply)
      + ipv6_cidr_block = (known after apply)
      + ipv6_cidr_block_association_id = (known after apply)
      + ipv6_native = false
      + map_public_ip_on_launch = true
      + owner_id = (known after apply)
      + private_dns_hostname_type_on_launch = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "public-subnet-1"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "public-subnet-1"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_subnet.public[1] will be created
  + resource "aws_subnet" "public" {
      + arn = (known after apply)
      + assign_ipv6_address_on_creation = false
      + availability_zone = "us-east-1b"
      + availability_zone_id = (known after apply)
      + cidr_block = "10.0.2.0/24"
      + enable_dns64 = false
      + enable_resource_name_dns_a_record_on_launch = false
      + enable_resource_name_dns_aaaa_record_on_launch = false
      + id = (known after apply)
      + ipv6_cidr_block = (known after apply)
      + ipv6_cidr_block_association_id = (known after apply)
      + ipv6_native = false
      + map_public_ip_on_launch = true
      + owner_id = (known after apply)
      + private_dns_hostname_type_on_launch = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "public-subnet-2"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "public-subnet-2"
          + "Project" = "TerraWatch"
        }
      + vpc_id = (known after apply)
    }

  # aws_vpc.main will be created
  + resource "aws_vpc" "main" {
      + arn = (known after apply)
      + cidr_block = "10.0.0.0/16"
      + default_network_acl_id = (known after apply)
      + default_route_table_id = (known after apply)
      + default_security_group_id = (known after apply)
      + dhcp_options_id = (known after apply)
      + enable_dns_hostnames = true
      + enable_dns_support = true
      + enable_network_address_usage_metrics = (known after apply)
      + id = (known after apply)
      + instance_tenancy = "default"
      + ipv6_association_id = (known after apply)
      + ipv6_cidr_block = (known after apply)
      + ipv6_cidr_block_network_border_group = (known after apply)
      + main_route_table_id = (known after apply)
      + owner_id = (known after apply)
      + region = "us-east-1"
      + tags = {
          + "Name" = "main-vpc"
        }
      + tags_all = {
          + "Environment" = "prod"
          + "ManagedBy" = "Terraform"
          + "Name" = "main-vpc"
          + "Project" = "TerraWatch"
        }
    }

  # random_id.bucket_suffix will be created
  + resource "random_id" "bucket_suffix" {
      + b64_std = (known after apply)
      + b64_url = (known after apply)
      + byte_length = 4
      + dec = (known after apply)
      + hex = (known after apply)
      + id = (known after apply)
    }

Plan: 43 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + autoscaling_group_name = "app-asg"
  + load_balancer_arn = (known after apply)
  + load_balancer_dns = (known after apply)
  + nat_gateway_ips = [
      + (known after apply),
      + (known after apply),
    ]
  + private_subnet_ids = [
      + (known after apply),
      + (known after apply),
    ]
  + public_subnet_ids = [
      + (known after apply),
      + (known after apply),
    ]
  + s3_bucket_arn = (known after apply)
  + s3_bucket_name = (known after apply)
  + vpc_id = (known after apply)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
```

</details>
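Two things in the plan above deserve a check before any remediation is automated. First, it ends with `Plan: 43 to add, 0 to change, 0 to destroy`, and the adds include `aws_vpc.main`, `aws_iam_role.ec2_role`, `aws_security_group.alb_sg` and an HTTP-only `aws_lb_listener.http` on port 80; a plan that only creates, creates the VPC itself and touches nothing else is far more likely to be running against an empty or lost state file (for example a backend not configured in CI) than to be reporting that someone deleted resources by hand, and "remediating" it by applying would build a second copy of everything. Second, IAM roles, instance profiles, security groups and listeners are security-boundary resources, so a risk label should not rest only on whether the plan mentions an Auto Scaling Group. The script below is an added example (not code from the TerraWatch repository) of how a drift job can classify the JSON form of a plan (`terraform show -json tfplan`) with both checks built in. The risk table, the empty-state heuristic and the two sample plans are the editor's own assumptions; the samples are constructed from resource addresses that appear in the plan above, not taken from the repository.

```python
"""Risk-classify a Terraform plan from its JSON form (`terraform show -json tfplan`).

Added example for this page, not code from the TerraWatch repository.
The risk table, the empty-state heuristic and the sample plans are the
editor's assumptions, not anything the repository or Terraform defines.
"""
import json
import sys
from collections import Counter

# Resource types that define a security boundary: identity, network exposure,
# data-at-rest controls. Any action on them (create included, since a new role
# or security group is a new trust relationship or a new open port) is HIGH.
SECURITY_BOUNDARY_TYPES = {
    "aws_iam_role", "aws_iam_role_policy_attachment", "aws_iam_instance_profile",
    "aws_security_group", "aws_security_group_rule",
    "aws_s3_bucket_public_access_block", "aws_s3_bucket_acl",
    "aws_lb_listener",  # protocol and TLS policy are part of the exposure
}


def classify_plan(plan: dict) -> dict:
    """Summarise a plan: action counts, flagged boundary resources, a risk label,
    and whether the plan looks like an empty state rather than real drift."""
    counts = Counter()
    flagged = []
    created_types = set()
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if actions in (["no-op"], ["read"]):
            continue
        counts.update(actions)  # "create", "update", "delete" (replace = both)
        if rc["type"] in SECURITY_BOUNDARY_TYPES:
            flagged.append(rc["address"])
        if "create" in actions:
            created_types.add(rc["type"])

    # Heuristic (assumption): only creates, nothing updated or destroyed, and the
    # VPC itself among the creates means Terraform is comparing against an empty
    # or lost state (e.g. a mis-configured backend in CI), not reporting drift.
    likely_empty_state = (
        counts["create"] > 0
        and counts["update"] == 0
        and counts["delete"] == 0
        and "aws_vpc" in created_types
    )

    if flagged:
        risk = "HIGH"
    elif counts["create"] or counts["delete"]:
        risk = "MEDIUM"  # capacity/monitoring churn, e.g. ASG, alarms, EIPs
    elif counts["update"]:
        risk = "LOW"
    else:
        risk = "NONE"
    return {"counts": dict(counts), "flagged": flagged,
            "risk": risk, "likely_empty_state": likely_empty_state}


def _rc(address: str, rtype: str, actions: list) -> dict:
    """One resource_changes entry in the shape `terraform show -json` emits."""
    return {"address": address, "mode": "managed", "type": rtype,
            "change": {"actions": actions, "before": None, "after": {}}}


# Constructed sample 1: the shape of the plan in this issue (all creates, VPC included).
EMPTY_STATE_PLAN = {"format_version": "1.2", "resource_changes": [
    _rc("aws_vpc.main", "aws_vpc", ["create"]),
    _rc("aws_autoscaling_group.app_asg", "aws_autoscaling_group", ["create"]),
    _rc("aws_cloudwatch_metric_alarm.high_cpu", "aws_cloudwatch_metric_alarm", ["create"]),
    _rc("aws_eip.main[0]", "aws_eip", ["create"]),
    _rc("aws_iam_role.ec2_role", "aws_iam_role", ["create"]),
    _rc("aws_security_group.alb_sg", "aws_security_group", ["create"]),
    _rc("aws_lb_listener.http", "aws_lb_listener", ["create"]),
]}

# Constructed sample 2: what the AI analysis described, i.e. genuine drift where
# only the ASG is replaced and its alarms and one EIP are recreated.
DRIFT_PLAN = {"format_version": "1.2", "resource_changes": [
    _rc("aws_vpc.main", "aws_vpc", ["no-op"]),
    _rc("aws_iam_role.ec2_role", "aws_iam_role", ["no-op"]),
    _rc("aws_security_group.alb_sg", "aws_security_group", ["no-op"]),
    _rc("aws_autoscaling_group.app_asg", "aws_autoscaling_group", ["delete", "create"]),
    _rc("aws_cloudwatch_metric_alarm.high_cpu", "aws_cloudwatch_metric_alarm", ["create"]),
    _rc("aws_cloudwatch_metric_alarm.low_cpu", "aws_cloudwatch_metric_alarm", ["create"]),
    _rc("aws_eip.main[0]", "aws_eip", ["create"]),
]}


if __name__ == "__main__":
    if len(sys.argv) > 1:  # classify a real `terraform show -json` output file
        with open(sys.argv[1]) as fh:
            print(json.dumps(classify_plan(json.load(fh)), indent=2))
    else:
        for label, sample in (("empty-state", EMPTY_STATE_PLAN), ("drift", DRIFT_PLAN)):
            print(label, json.dumps(classify_plan(sample)))
```

In a CI job the sequence is `terraform plan -detailed-exitcode -out=tfplan` (exit code 0 means no changes, 2 means changes, 1 means an error), then `terraform show -json tfplan > plan.json` and `python classify_plan.py plan.json`; the first sample is classified HIGH with `likely_empty_state` set, which should stop the job rather than open a MEDIUM ticket, while the second is the MEDIUM case the analysis describes. Whatever remediation follows should apply the saved `tfplan` file rather than re-planning, which is exactly the gap the `-out` note at the bottom of the plan warns about.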