Terraform Modules (Catalog)

Last Updated: 2026-01-19

Reusable Terraform modules used by roots under infra/platform/infra/**.

Where they live

acm-certificate: ACM certificate in us-east-1 with DNS validation records.
cloudfront-distribution: CloudFront distribution with OAC origin, logging, and minimal security headers.
dns-record: Route53 records (A/AAAA/CNAME/TXT) with alias support for CloudFront.
route53-zone: Public hosted zone; outputs zone_id, name_servers.
s3-static-site: Private S3 bucket for static content; access via CloudFront OAC only.
vpc: VPC, subnets, gateways, optional endpoints (wired in live/prod/network).
wafv2: WAFv2 WebACL with sensible defaults and optional managed rule sets.