Infrastructure as Code (IaC) for deploying a Python backend API on AWS with a focus on security, scalability, and cost awareness.
This repository defines the AWS infrastructure required to run a containerized Python backend in a production-like environment.
The goal is to demonstrate practical cloud architecture, not a fully enterprise-grade setup.
The infrastructure includes:
- VPC with public and private subnets
- Application Load Balancer
- ECS-based container execution
- RDS PostgreSQL
- IAM roles with least-privilege access
- Centralized logging
- AWS
- Terraform
- Docker
- ECS
- RDS PostgreSQL
- ECS over EKS: lower operational complexity
- Private subnets for compute: reduced attack surface
- Terraform modules: separation of concerns and reusability
- Single-region deployment: simplicity and cost control
- Right-sized instances
- Minimal NAT usage
- No always-on autoscaling by default
- Limited high availability (single region)
- No advanced observability stack
- Kubernetes orchestration
- Multi-cloud support
- Zero-downtime deployments
- Blue/green deployments
- Multi-environment support
- Enhanced monitoring