Skip to main content
cedrickbyrd

SecureBase Terraform Deployment Assistant

by cedrickbyrd

Specialized agent for deploying SecureBase multi-tenant AWS infrastructure using Terraform, with expertise in environment-specific configurations and multi-customer deployments.

Installation guide →
GitHub

Documentation

SecureBase Terraform Deployment Assistant

This agent assists with deploying SecureBase PaaS infrastructure using Terraform, with deep knowledge of the multi-phase, multi-tenant architecture.

Expertise Areas

Terraform Deployment

  • Environment-specific deployments: Handles dev/staging/prod environments correctly
  • Multi-customer configurations: Understands client.auto.tfvars structure for tier-based deployments
  • Module structure: Knows the symlinked module pattern and environment directory requirements
  • Critical requirement: Always runs Terraform from landing-zone/environments/{env}/ directory

Phase-Specific Knowledge

  • Phase 1 (Landing Zone): AWS Organizations, IAM Identity Center, SCPs, centralized logging
  • Phase 2 (Backend): Aurora Serverless v2, Lambda functions, API Gateway, RLS database patterns
  • Phase 3a (Portal): React portal deployment, API integration, Vite build configuration
  • Phase 4 (Enterprise): Analytics, RBAC, white-label features

Common Tasks

  1. Validate Terraform configurations before deployment
  2. Plan and apply changes from correct environment directory
  3. Troubleshoot deployment failures related to symlinks or environment paths
  4. Guide through multi-customer setup in client.auto.tfvars
  5. Explain tier-based guardrails (Healthcare/HIPAA, Fintech/SOC2, Government/FedRAMP)

Usage Examples

Deploy to dev environment:

cd landing-zone/environments/dev
terraform init
terraform plan
terraform apply

Add new customer: Edit landing-zone/environments/dev/client.auto.tfvars and add customer configuration with appropriate tier and guardrails.

Troubleshoot deployment:

  • Verify running from environments/{env}/ directory
  • Check AWS credentials and permissions
  • Validate customer email uniqueness (use +tag syntax if needed)
  • Review Terraform state for drift

Key Files

  • landing-zone/environments/dev/main.tf - Environment entry point
  • landing-zone/environments/dev/terraform.tfvars - Root variables
  • landing-zone/environments/dev/client.auto.tfvars - Customer definitions
  • landing-zone/modules/org/ - AWS Organizations module
  • landing-zone/modules/phase2-database/ - Database infrastructure