MisaelTox/AWS_grocery_v2

🛒 GroceryMate: AWS Infrastructure Deployment

CI/CD AWS Terraform Docker Python

Final project for the Masterschools Cloud Engineering Program

Production-grade AWS deployment of a grocery e-commerce platform: Flask on EC2, RDS PostgreSQL, S3, CloudWatch, and fully automated CI/CD via GitHub Actions.

Deployment Status: Offline. Destroyed via terraform destroy to avoid charges. All IaC configs in /infrastructure.


🏗️ Architecture

AWS Architecture Diagram

| Component | Technology |
|-----------|------------|
| Compute   | AWS EC2 (Amazon Linux 2) |
| Database  | Amazon RDS PostgreSQL |
| Storage   | Amazon S3 (static assets) |
| Logging   | Amazon CloudWatch Agent |
| Security  | IAM Roles + Security Groups |
| IaC       | Terraform (modular) |
| CI/CD     | GitHub Actions |

🔄 CI/CD Pipeline

Push to version2
      ↓
✅ Terraform CI (parallel)    ✅ Docker Build Check (parallel)
   → terraform fmt               → docker build
   → terraform validate          → verifies image builds
      ↓                               ↓
      └──────────── both pass ────────┘
                      ↓
           ⏸️ Manual approval gate
                      ↓
            🚀 terraform apply → provisions all AWS resources

AWS credentials are stored as GitHub Secrets, never hardcoded.
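One way the pipeline above could be expressed as a GitHub Actions workflow (an added sketch, not the repository's own workflow file; the secret names, the `production` environment, the region and the Dockerfile location are assumptions):

```yaml
# Added sketch, not the repository's workflow. Secret names, the
# "production" environment, the region and the Docker build context are assumed.
name: terraform-pipeline
on:
  push:
    branches: [version2]

permissions:
  contents: read                # least privilege for the workflow token

jobs:
  terraform-ci:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: infrastructure
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - run: terraform fmt -check -recursive
      - run: terraform init -backend=false    # validate without touching state or needing AWS keys
      - run: terraform validate

  docker-build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: docker build -t grocerymate:ci .  # assumed: Dockerfile at repository root

  apply:
    needs: [terraform-ci, docker-build]        # runs only if both parallel checks pass
    runs-on: ubuntu-latest
    environment: production                    # required reviewers here act as the manual approval gate
    defaults:
      run:
        working-directory: infrastructure
    steps:
      - uses: actions/checkout@v4
      - uses: hashicorp/setup-terraform@v3
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: eu-central-1             # assumed region
      - run: terraform init
      - run: terraform apply -auto-approve
```

The approval gate comes from required reviewers configured on the `production` environment. If the AWS keys are stored as environment secrets there, the `apply` job cannot read them until a reviewer approves, and the two check jobs never see them at all.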


⚙️ Terraform Modular Structure

infrastructure/
├── main.tf          ← orchestrates all modules
├── provider.tf
├── variables.tf
└── user_data.tpl    ← EC2 bootstrap script

modules/
├── network/         ← VPC, subnets, IGW, route tables
├── compute/         ← EC2, instance profile, security group
├── database/        ← RDS PostgreSQL, subnet group
├── storage/         ← S3 bucket
├── iam/             ← roles for EC2 → S3 and EC2 → CloudWatch
└── cloudwatch/      ← log group configuration

🧩 EC2 Automated Bootstrap

On launch, user_data.tpl automatically:

  1. Installs Docker, Git, and PostgreSQL client
  2. Clones this repository
  3. Builds the Flask Docker image
  4. Starts the container linked to RDS via environment variables
  5. Installs and configures the CloudWatch Agent for log streaming

Zero manual SSH configuration needed.


🚀 Deployment

cd infrastructure
terraform init
terraform plan
terraform apply

Terraform outputs the EC2 public IP and RDS endpoint on completion.


📊 Monitoring

Logs stream automatically to CloudWatch under /aws/flask/grocerymate. View on EC2 directly:

sudo tail -f /var/log/grocerymate.log

🧹 Cleanup

terraform destroy

📝 Lessons Learned

  • CI/CD with GitHub Actions: parallel Terraform validation + Docker build check with manual approval gate
  • Modular Terraform: organized 6 reusable modules (network, compute, database, storage, IAM, CloudWatch) keeping infrastructure maintainable and scalable
  • RDS integration: injected database credentials via Terraform environment variables, avoiding hardcoded secrets
  • CloudWatch observability: configured CloudWatch Agent via user_data to stream application and system logs automatically on EC2 launch

🧾 Credits

Original Application: Alejandro Román Ibáñez
AWS Infrastructure & CI/CD: MisaelTox
