Infrastructure
Deep dive into Terraform modules and AWS infrastructure.
Overview
This section provides detailed documentation of the Terraform infrastructure modules used to deploy the NorthBuilt RAG System.
Documents
1. Terraform Modules
Comprehensive guide to all Terraform modules.
- Root module orchestration
- Lambda module (all 12 functions)
- API Gateway module
- Storage module (S3, DynamoDB)
- Secrets module
- Best practices and naming conventions
Audience: Infrastructure Engineers, DevOps Time: 45 minutes
Module Structure
terraform/
├── main.tf # Root module
├── variables.tf # Input variables
├── outputs.tf # Output values
├── backend.tf # S3 + DynamoDB backend
└── modules/
├── api_gateway/ # HTTP API + routes
├── auth/ # Cognito user pool
├── lambda/ # Lambda functions
├── storage/ # S3 + DynamoDB
├── secrets/ # Secrets Manager
└── web/ # CloudFront + S3
Quick Reference
Common Terraform Commands
# Initialize
terraform init
# Plan changes
terraform plan
# Apply changes
terraform apply
# Show outputs
terraform output
# Format code
terraform fmt -recursive
# Validate syntax
terraform validate
# Import existing resource
terraform import 'aws_lambda_function.chat' 'nb-rag-sys-chat'
Module Dependencies
secrets → lambda → api_gateway
storage → lambda
auth → api_gateway
web (standalone)
Best Practices
- Always use modules - Reusable, testable components
- Least-privilege IAM - Specific resource ARNs, no wildcards
- Tag everything - Project, Environment, ManagedBy, Component
- Use variables - No hardcoded values
- Document complex resources - Comments for non-obvious configs
Next: Reference for API documentation.