Terraform
Use Terraform when you want Corridor infrastructure provisioned as code on a supported cloud. Corridor maintains cloud-specific Terraform repositories for managed container deployments:
- `corridor/terraform-aws-ggx` for AWS ECS Fargate.
- `corridor/terraform-azurerm-ggx` for Azure Container Apps.
- `corridor/terraform-google-ggx` for Google Cloud Run.
These modules are separate from the Kubernetes manifests. Use Kubernetes for AKS, GKE, or EKS clusters. Use Terraform when you want cloud-managed container services and the surrounding cloud infrastructure created through IaC.
Common Workflow
Each repository follows the same Terraform workflow:

```bash
cp terraform.tfvars.example terraform.tfvars
# Edit terraform.tfvars with cloud, image, database, hostname, and license values.
terraform init
terraform plan
terraform apply
```

Keep `terraform.tfvars` and state files out of source control unless your organization has an approved secrets and backend workflow. For production, configure a remote backend such as S3, Azure Storage, or GCS and restrict state access because state may contain sensitive values.
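One way to check a module checkout against the source-control and backend guidance above, as an added example rather than Corridor's own tooling. The `audit` function is hypothetical, the sample files are constructed, and the sensitive-variable list is an assumption drawn from the inputs named on this page; only the three backends mentioned here are recognized.

```python
import fnmatch
import re

# Assumption: secret-bearing inputs, taken from the variable names on this page.
SENSITIVE_VARS = {
    "database_url", "license_key", "db_password", "db_admin_password",
    "acr_sp_client_secret", "corridor_license_key",
}
# Files that should not be tracked without an approved secrets/backend workflow.
RISKY_GLOBS = ("*.tfvars", "*.tfvars.json", "*.tfstate", "*.tfstate.*")
REMOTE_BACKEND = re.compile(r'backend\s+"(s3|azurerm|gcs)"')
ASSIGNMENT = re.compile(r'^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*"([^"]*)"', re.M)


def audit(tracked):
    """tracked maps each git-tracked path to its text; returns sorted findings."""
    findings = []
    for path, text in tracked.items():
        name = path.rsplit("/", 1)[-1]
        if not any(fnmatch.fnmatch(name, g) for g in RISKY_GLOBS):
            continue  # terraform.tfvars.example and *.tf files fall through here
        findings.append(f"{path}: tracked in source control")
        if name.endswith(".tfvars"):
            for var, value in ASSIGNMENT.findall(text):
                if var in SENSITIVE_VARS and value:
                    # Report the variable name only, never the value.
                    findings.append(f"{path}: sets sensitive variable {var}")
    tf_sources = [t for p, t in tracked.items() if p.endswith(".tf")]
    if tf_sources and not any(REMOTE_BACKEND.search(t) for t in tf_sources):
        findings.append("no s3/azurerm/gcs backend block: state stays on local disk")
    return sorted(findings)


# Constructed sample: paths as `git ls-files` would list them, with file contents.
SAMPLE = {
    "main.tf": 'terraform {\n  required_version = ">= 1.5"\n}\n',
    "terraform.tfvars.example": 'hostname = "corridor.example.com"\nlicense_key = ""\n',
    "terraform.tfvars": 'hostname = "corridor.example.com"\n'
                        'license_key = "PLACEHOLDER-NOT-A-REAL-KEY"\n',
    "terraform.tfstate": '{"version": 4}',
}

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

To run it against a real checkout, build the `tracked` mapping from the output of `git ls-files` and the contents of each listed file.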
AWS Module
The AWS module runs Corridor on ECS Fargate. It provisions or configures:
- One ECS service on an ECS cluster.
- A Fargate task definition with `corridor-migration`, `corridor-app`, `corridor-worker`, and `corridor-jupyter`.
- Application Load Balancer routing `/` to the app container and `/jupyter` to Jupyter.
- EFS file system, mount targets, and access points for shared persistent state.
- IAM task execution and task roles.
- CloudWatch log group.
- Security groups for ALB, ECS tasks, and EFS.
Primary configuration values include:
- `image`
- `hostname`
- `certificate_arn`
- `database_url`
- `license_key`
See the AWS page for AWS service and permission guidance.
Azure Module
The Azure module deploys Corridor on Azure Container Apps. It provisions or configures:
- Container Apps for the app, worker, Jupyter, PostgreSQL-facing configuration, and Nginx routing.
- Azure Files for shared storage.
- Optional dedicated workload profiles when the default consumption profile is not enough.
- Resource group, Container App Environment, storage account, and database-related outputs.
Primary configuration values include:
- `resource_group_name`
- `location`
- `acr_login_server`
- `acr_sp_client_id`
- `acr_sp_client_secret`
- `image_name`
- `image_version`
- `corridor_license_key`
- `db_admin_password`
- `app_workload_profile`
See the Azure page for Azure service and permission guidance.
Google Cloud Module
The Google Cloud module runs Corridor on Cloud Run and maps the Kubernetes application shape to managed Google Cloud services. It provisions or configures:
- `corridor-migration` as a Cloud Run Job.
- `corridor-app`, `corridor-worker`, and `corridor-jupyter` as Cloud Run services.
- Cloud SQL for PostgreSQL.
- Cloud Storage for shared file-backed state.
- Direct VPC egress for private service connectivity.
- External HTTPS load balancer with serverless NEGs so `/` routes to the app and `/jupyter` routes to Jupyter.
- Service account and IAM bindings.
Primary configuration values include:
- `project_id`
- `image`
- `hostname`
- `db_password`
- `license_key`
- SMTP values when email notifications are required
See the GCP page for Google Cloud service and permission guidance.
When To Use Terraform
| Requirement | Recommended path |
|---|---|
| Managed Kubernetes on AKS, GKE, or EKS | Kubernetes |
| AWS serverless containers | Terraform AWS ECS Fargate module |
| Azure managed containers | Terraform Azure Container Apps module |
| Google Cloud managed containers | Terraform Cloud Run module |
| Existing VMs or bare metal | Manual |
| Existing Docker host or compose environment | Docker-based |