Week 6 ‐ 24.03.2025 ‐ 30.03.2025 - Campus-Castolo/m300 GitHub Wiki
Week 6 - 24.03.2025 ‐ 30.03.2025
Week 6 - 24.03.2025 ‐ 30.03.2025 - Task list
| Task | Description | Notes | Status | Start Date | Completion Date | Hours Needed |
|---|---|---|---|---|---|---|
| Refactor Terraform Infrastructure Code | Break down monolithic file into multiple modular files | Improves readability & maintainability | ✅ | 25.03.2025 | 27.03.2025 | 3 Hrs |
| Research Secret Management for Terraform | Learn best practices for storing secrets securely in tfvars/variables.tf | Focus on credentials and DB passwords | ✅ | 25.03.2025 | 25.03.2025 | 1.5 Hrs |
| ECS Docker Task Definition + Public Access | Use Docker image in ECS and make the WordPress site accessible | Switched from EC2 to Fargate | ✅ | 26.03.2025 | 28.03.2025 | 4 Hrs |
| Refactor ECS Setup from EC2 to Fargate | Use Fargate for serverless container orchestration | Simplifies management, aligns with AWS best practice | ✅ | 27.03.2025 | 28.03.2025 | 2 Hrs |
Daily Log 25.03.2025
Daily Log 25.03.2025 - Activity
| Task | Description | Notes | Status | Start Date | Completion Date | Hours Needed |
|---|---|---|---|---|---|---|
| Refactor Terraform Infrastructure Code | Split monolithic .tf file into logical separate modules | Improved overview of infrastructure setup | ✅ | 25.03.2025 | 27.03.2025 | 3 Hrs |
| Research Secret Management in Terraform | Investigated ways to securely manage environment secrets | Compared .tfvars vs environment variables |
✅ | 25.03.2025 | 25.03.2025 | 1.5 Hrs |
Daily Log 25.03.2025 - Summary
Today I focused on improving the structure of my Terraform infrastructure code. I split the original single .tf file into 7 smaller and more organized files:
infrastructure-ecs.tfinfrastructure-ecr.tfinfrastructure-vpc.tfinfrastructure-rds.tfinfrastructure-sec.tfinfrastructure-cloudwatch.tfinfrastructure-alb.tf
I also spent some time researching best practices around environment secret management within Terraform. I discovered that sensitive variables should be stored in .tfvars and declared with sensitive = true in variables.tf. I also noted that storing secrets directly in .tf files or GitHub repos is not secure.
Daily Log 28.03.2025
Daily Log 28.03.2025 - Activity
| Task | Description | Notes | Status | Start Date | Completion Date | Hours Needed |
|---|---|---|---|---|---|---|
| ECS Docker Task + Public Access | Finalized ECS Task Definition using WordPress Docker image | Site is now accessible publicly | ✅ | 26.03.2025 | 28.03.2025 | 4 Hrs |
| Switched from EC2 to Fargate | Updated ECS setup to use Fargate instead of EC2 | Serverless, more scalable setup | ✅ | 27.03.2025 | 28.03.2025 | 2 Hrs |
Daily Log 28.03.2025 - Summary
I completed the ECS task that had been left unfinished in Week 5. The WordPress Docker container is now deployed and publicly accessible via Fargate. I initially ran into a few issues with port mappings and IAM roles, but those were resolved after referencing the AWS Fargate docs.
Switching from EC2 to Fargate significantly simplified the setup, removing the need for EC2 instance management and improving the scalability of the deployment.
Weekly Summary - 24.03.2025 - 30.03.2025
This week was focused on refactoring and completing unfinished infrastructure tasks. I modularized the Terraform code into logical files to improve readability and maintainability. I also completed the deployment of the WordPress container using ECS and made the service publicly accessible by switching from EC2 to a cleaner, serverless Fargate setup. Additionally, I researched secure secret management practices in Terraform to ensure that environment variables are handled appropriately going forward.
Weekly Summary - 24.03.2025 - 30.03.2025 - Activity
| Task | Description | Status | Completion Date | Hours Spent |
|---|---|---|---|---|
| Refactor Terraform Infrastructure Code | Broke up large .tf into modular files |
✅ | 27.03.2025 | 3 Hrs |
| Research Secret Management for Terraform | Explored secure storage of sensitive variables | ✅ | 25.03.2025 | 1.5 Hrs |
| ECS Docker Task Definition + Public Access | WordPress container now accessible via public ALB | ✅ | 28.03.2025 | 4 Hrs |
| ECS Setup Refactor to Fargate | Replaced EC2-backed ECS service with Fargate | ✅ | 28.03.2025 | 2 Hrs |
Weekly Summary - 24.03.2025 - 30.03.2025 - Weekly Results
- ✅ Terraform infrastructure now split into 7 clearly defined files.
- ✅ WordPress service now fully deployed and accessible using ECS Fargate.
- ✅ Introduced serverless container orchestration (Fargate).
- ✅ Improved understanding of secret management in Terraform using
sensitivevariables and.tfvars.
Weekly Summary - 24.03.2025 - 30.03.2025 - Problems
- Misconfigured ECS task role permissions at first — resolved by updating IAM roles.
- Initially forgot to open port 80 in the security group, blocking ALB access.
- Needed to manually reinitialize Terraform when switching from EC2 to Fargate.
Weekly Summary - 24.03.2025 - 30.03.2025 - Open Questions
- How can I further automate secret injection in Terraform deployments securely?
- Should I start using Terraform modules for each major infrastructure component?
- Would it make sense to include testing/validation workflows after
terraform apply?