terraform-u11d-medusajs

Terraform module to create MedusaJS resources

Root module calls these modules which can also be used separately to create independent resources:

• backend - creates MedusaJS backend resources
• ecr - creates ECR resources for container image store
• elasticache - creates Redis instance for MedusaJS backend
• rds - creates RDS database for MedusaJS backend
• storefront - creates MedusaJS starter frontend resources
• vpc - creates VPC

Usage

module "medusajs" {
  source = "u11d-com/terraform-u11d-medusajs"

  ## Required global variables (no defaults)
  project     = "my-project"
  environment = "example"

  ecr_storefront_create = true

  // Using example image build for MedusaJS starter
  backend_container_image = "ghcr.io/u11d-com/medusa-backend:1.20.10-latest"
  backend_seed_create = true
  backend_seed_run    = true
  backend_extra_environment_variables = {
    "NODE_ENV" : "development"
  }

  storefront_create          = false // Enable once image is built and pushed
  storefront_container_image = "xxx" // Full name of the image, including registry and tag
}

Conditional creation

The following values are provided to toggle on/off creation of the associated resources as desired:

module "medusajs" {
  source = "u11d-com/terraform-u11d-medusajs"

  ## Required global variables (no defaults)
  project     = "my-project"
  environment = "example"

  ## Conditional creation variables
  # Disable creation of ECR for backend in case you have external repository
  ecr_backend_create    = false
  # Disable creation of ECR for fronend in case you have external repository
  ecr_storefront_create = false
  # Disable creation of VPC for resources in case there is existing one
  vpc_create           = false
  # Disable creation of Redis instance for MedusaJS backend
  elasticache_create   = false
  # Disable creation of Postgresql RDS instance for MedusaJS backend
  rds_create          = false
  # Disable creation of MedusaJS backend resources
  backend_create      = false
  # Disable seed step for MedusaJS backend
  backend_seed_create = false
  # Disable creation of MedusaJS frontend resources
  storefront_create   = false
}

Examples

• Minimal - minimal configuration needed for deployment
• Complete - complete example using all available variables
• External resources - example using existing VPC and external image repositories

Requirements

Name	Version
terraform	~> 1.10.0
archive	~> 2.7.0
aws	~> 5.84.0
null	~> 3.2.3
random	~> 3.6.3

Providers

Name	Version
aws	5.84.0

Modules

Name	Source	Version
backend	./modules/backend	n/a
ecr_backend	./modules/ecr	n/a
ecr_storefront	./modules/ecr	n/a
elasticache	./modules/elasticache	n/a
rds	./modules/rds	n/a
storefront	./modules/storefront	n/a
vpc	./modules/vpc	n/a

Resources

Name	Type
aws_caller_identity.current	data source
aws_iam_session_context.current	data source
aws_partition.current	data source

Inputs

Name	Description	Type	Default	Required
az_count	Number of AZs to cover in a given region.	number	2	no
backend_admin_cors	CORS configuration for the admin panel. If not provided, CORS will not be configured.	string	null	no
backend_admin_credentials	Admin user credentials. If provided, it will be used to create an admin user.	object({ email = string password = optional(string) generate_password = optional(bool, true) })	null	no
backend_cloudfront_price_class	The price class for the backend CloudFront distribution	string	"PriceClass_100"	no
backend_container_image	Image tag of the docker image to run in the ECS cluster.	string	n/a	yes
backend_container_port	Port exposed by the task container to redirect traffic to.	number	9000	no
backend_container_registry_credentials	Credentials for private container registry authentication. Cannot be used together with backend_ecr_arn.	object({ username = string password = string })	null	no
backend_cookie_secret	Secret used for cookie signing. If not provided, a random secret will be generated.	string	null	no
backend_create	Enable backend resources creation	bool	true	no
backend_ecr_arn	ARN of Elastic Container Registry. Cannot be used together with backend_container_registry_credentials.	string	null	no
backend_expose_admin_only	Whether to expose publicly only /admin paths in the backend	bool	false	no
backend_extra_environment_variables	Additional environment variables to pass to the backend container	map(string)	{}	no
backend_extra_secrets	Additional secrets to pass to the backend container	map(object({ arn = string key = string }))	{}	no
backend_extra_security_group_ids	List of additional security group IDs to associate with the backend ECS service	list(string)	[]	no
backend_jwt_secret	Secret used for JWT token signing. If not provided, a random secret will be generated.	string	null	no
backend_logs	Logs configuration settings	object({ group = string retention = number prefix = string })	{ "group": "/medusa-backend", "prefix": "container", "retention": 30 }	no
backend_resources	ECS Task configuration settings	object({ instances = number cpu = number memory = number })	{ "cpu": 2048, "instances": 1, "memory": 4096 }	no
backend_run_migrations	Specify backend migrations should be run on start.	bool	true	no
backend_seed_command	Command to run to seed the database.	string	"npx medusa seed -f ./data/seed.json"	no
backend_seed_create	Enable backend seed function creation	bool	false	no
backend_seed_fail_on_error	Whether to fail the deployment if the seed command fails.	bool	true	no
backend_seed_run	Specify backend seed should be run after deployment.	bool	false	no
backend_seed_timeout	Timeout for the seed command.	number	60	no
backend_store_cors	CORS configuration for the store. If not provided, CORS will not be configured.	string	null	no
backend_target_group_health_check_config	Health check configuration for load balancer target group pointing on backend containers	object({ interval = number matcher = number timeout = number path = string healthy_threshold = number unhealthy_threshold = number })	{ "healthy_threshold": 3, "interval": 30, "matcher": 200, "path": "/health", "timeout": 3, "unhealthy_threshold": 3 }	no
backend_url	Medusa backend URL. Required if backend_create is false.	string	null	no
cidr_block	CIDR block used in VPC	string	"10.0.0.0/16"	no
database_url	Database connection URL. Required if rds_create is false.	string	null	no
ecr_backend_create	Enable backend ECR repository creation	bool	false	no
ecr_backend_retention_count	How many images to keep in backend repository	number	32	no
ecr_storefront_create	Enable storefront ECR repository creation	bool	false	no
ecr_storefront_retention_count	How many images to keep in storefront repository	number	32	no
elasticache_create	n/a	bool	true	no
elasticache_node_type	The Elasticache instance class used.	string	"cache.t3.micro"	no
elasticache_nodes_num	The initial number of cache nodes that the cache cluster will have.	number	1	no
elasticache_port	Port exposed by the redis to redirect traffic to.	number	6379	no
elasticache_redis_engine_version	The version of the redis that will be used to create the Elasticache cluster. You can provide a prefix of the version such as 7.1 (for 7.1.4).	string	"7.1"	no
environment	The name of the environment for which infrastructure is being provisioned.	string	n/a	yes
private_subnet_ids	List of private subnet IDs. Required if vpc_create is false.	list(string)	null	no
project	The name of the project for which infrastructure is being provisioned.	string	n/a	yes
public_subnet_ids	List of public subnet IDs. Required if vpc_create is false.	list(string)	null	no
rds_allocated_storage	The allocated storage in gigabytes.	number	5	no
rds_create	n/a	bool	true	no
rds_engine_version	The postgres engine version to use. You can provide a prefix of the version such as 8.0 (for 8.0.36).	string	"15.7"	no
rds_instance_class	The instance type of the RDS instance.	string	"db.t3.micro"	no
rds_port	Port exposed by the RDS.	number	5432	no
rds_username	The username used to authenticate with the PostgreSQL database.	string	"medusa"	no
redis_url	Redis connection URL. Required if elasticache_create is false.	string	null	no
storefront_cloudfront_price_class	The price class for the CloudFront distribution	string	"PriceClass_100"	no
storefront_container_image	Image tag of the docker image to run in the ECS cluster.	string	n/a	yes
storefront_container_port	Port exposed by the task container to redirect traffic to.	number	8000	no
storefront_container_registry_credentials	Credentials for private container registry authentication. Cannot be used together with storefront_ecr_arn.	object({ username = string password = string })	null	no
storefront_create	Enable storefront resources creation	bool	false	no
storefront_ecr_arn	ARN of Elastic Container Registry. Cannot be used together with storefront_container_registry_credentials.	string	null	no
storefront_extra_environment_variables	Additional environment variables to pass to the storefront container	map(string)	{}	no
storefront_extra_secrets	Additional secrets to pass to the storefront container	map(object({ arn = string key = string }))	{}	no
storefront_extra_security_group_ids	List of additional security group IDs to associate with the storefront ECS service	list(string)	[]	no
storefront_logs	Logs configuration settings	object({ group = string retention = number prefix = string })	{ "group": "/medusa-storefront", "prefix": "container", "retention": 30 }	no
storefront_resources	ECS Task configuration settings	object({ instances = number cpu = number memory = number })	{ "cpu": 1024, "instances": 1, "memory": 2048 }	no
storefront_target_group_health_check_config	Health check configuration for load balancer target group pointing on storefront containers	object({ interval = number matcher = number timeout = number path = string healthy_threshold = number unhealthy_threshold = number })	{ "healthy_threshold": 3, "interval": 30, "matcher": 200, "path": "/api", "timeout": 3, "unhealthy_threshold": 3 }	no
vpc_create	Enable vpc creation	bool	true	no
vpc_id	Existing VPC ID. Required if vpc_create is false.	string	null	no

Outputs

Name	Description
backend_url	n/a
ecr_backend_url	n/a
ecr_storefront_url	n/a
storefront_url	n/a