Terraform Modules - TealTiger Docs

TealTiger provides official Terraform modules to provision and manage your AI security infrastructure across all major cloud providers. These modules follow Terraform best practices with sensible defaults and full customization.

Quick Start

module "tealtiger" {
  source  = "tealtiger/tealtiger/aws"
  version = "~> 1.1.0"

  environment = "production"
  region      = "us-east-1"

  # TealEngine configuration
  engine_config = {
    memory_size = 512
    timeout     = 30
    concurrency = 100
  }

  # Provider API keys (from AWS Secrets Manager)
  secrets_manager_arn = aws_secretsmanager_secret.tealtiger.arn

  tags = {
    Project     = "ai-platform"
    ManagedBy   = "terraform"
  }
}

terraform init
terraform plan
terraform apply

Available Modules

AWS

Lambda, ECS/Fargate, EKS, API Gateway, CloudWatch

Google Cloud

Cloud Run, GKE, Cloud Functions, Cloud Monitoring

Azure

Functions, AKS, Container Instances, Monitor

AWS Module

Serverless Deployment (Lambda)

Deploy TealTiger as Lambda functions behind API Gateway.

module "tealtiger_serverless" {
  source  = "tealtiger/tealtiger/aws//modules/serverless"
  version = "~> 1.1.0"

  function_name = "tealtiger-engine"
  runtime       = "python3.12"
  memory_size   = 512
  timeout       = 30

  # API Gateway
  api_gateway = {
    enabled     = true
    stage_name  = "v1"
    domain_name = "api.example.com"
  }

  # VPC (optional)
  vpc_config = {
    subnet_ids         = module.vpc.private_subnets
    security_group_ids = [aws_security_group.lambda.id]
  }

  # Environment
  environment_variables = {
    TEALTIGER_ENV        = "production"
    TEALTIGER_LOG_LEVEL  = "INFO"
  }

  # Secrets
  secrets_manager_arns = [
    aws_secretsmanager_secret.openai.arn,
    aws_secretsmanager_secret.anthropic.arn
  ]

  tags = var.tags
}

Container Deployment (ECS Fargate)

Deploy TealTiger as containers on ECS Fargate.

module "tealtiger_ecs" {
  source  = "tealtiger/tealtiger/aws//modules/ecs"
  version = "~> 1.1.0"

  cluster_name = "tealtiger-cluster"
  service_name = "tealtiger-engine"

  # Container
  container = {
    image  = "ghcr.io/tealtiger/python-sdk:latest"
    cpu    = 512
    memory = 1024
    port   = 8080
  }

  # Auto-scaling
  autoscaling = {
    min_capacity = 2
    max_capacity = 20
    cpu_target   = 70
  }

  # Networking
  vpc_id     = module.vpc.vpc_id
  subnet_ids = module.vpc.private_subnets

  # Load balancer
  alb = {
    enabled     = true
    internal    = false
    certificate = aws_acm_certificate.api.arn
  }

  tags = var.tags
}

Kubernetes Deployment (EKS)

Deploy TealTiger on Amazon EKS.

module "tealtiger_eks" {
  source  = "tealtiger/tealtiger/aws//modules/eks"
  version = "~> 1.1.0"

  cluster_name    = "tealtiger-cluster"
  cluster_version = "1.29"

  # Node groups
  node_groups = {
    default = {
      instance_types = ["t3.medium"]
      min_size       = 2
      max_size       = 10
      desired_size   = 3
    }
  }

  # Networking
  vpc_id     = module.vpc.vpc_id
  subnet_ids = module.vpc.private_subnets

  # Add-ons
  enable_metrics_server    = true
  enable_cluster_autoscaler = true

  tags = var.tags
}

Google Cloud Module

Cloud Run

module "tealtiger_cloudrun" {
  source  = "tealtiger/tealtiger/google//modules/cloud-run"
  version = "~> 1.1.0"

  project_id   = var.project_id
  region       = "us-central1"
  service_name = "tealtiger-engine"

  container = {
    image  = "ghcr.io/tealtiger/python-sdk:latest"
    cpu    = "1"
    memory = "512Mi"
  }

  autoscaling = {
    min_instances = 0
    max_instances = 100
  }

  # Custom domain
  domain_mapping = "api.example.com"

  # Secret Manager
  secrets = {
    OPENAI_API_KEY    = google_secret_manager_secret.openai.id
    ANTHROPIC_API_KEY = google_secret_manager_secret.anthropic.id
  }
}

GKE

module "tealtiger_gke" {
  source  = "tealtiger/tealtiger/google//modules/gke"
  version = "~> 1.1.0"

  project_id   = var.project_id
  region       = "us-central1"
  cluster_name = "tealtiger-cluster"

  node_pools = {
    default = {
      machine_type = "e2-standard-2"
      min_count    = 1
      max_count    = 10
    }
  }

  network    = google_compute_network.main.name
  subnetwork = google_compute_subnetwork.main.name
}

Azure Module

Azure Functions

module "tealtiger_functions" {
  source  = "tealtiger/tealtiger/azurerm//modules/functions"
  version = "~> 1.1.0"

  resource_group_name = azurerm_resource_group.main.name
  location            = "eastus"
  function_app_name   = "tealtiger-engine"

  runtime = {
    name    = "python"
    version = "3.12"
  }

  app_settings = {
    TEALTIGER_ENV = "production"
  }

  # Key Vault for secrets
  key_vault_id = azurerm_key_vault.main.id

  tags = var.tags
}

AKS

module "tealtiger_aks" {
  source  = "tealtiger/tealtiger/azurerm//modules/aks"
  version = "~> 1.1.0"

  resource_group_name = azurerm_resource_group.main.name
  location            = "eastus"
  cluster_name        = "tealtiger-cluster"

  default_node_pool = {
    vm_size    = "Standard_D2s_v3"
    node_count = 3
    min_count  = 2
    max_count  = 10
  }

  network_profile = {
    network_plugin = "azure"
    service_cidr   = "10.0.0.0/16"
  }

  tags = var.tags
}

Multi-Region Deployment

Deploy TealTiger across multiple regions for high availability.

locals {
  regions = ["us-east-1", "eu-west-1", "ap-southeast-1"]
}

module "tealtiger" {
  source   = "tealtiger/tealtiger/aws//modules/serverless"
  version  = "~> 1.1.0"
  for_each = toset(local.regions)

  function_name = "tealtiger-engine-${each.key}"
  runtime       = "python3.12"
  memory_size   = 512

  environment_variables = {
    TEALTIGER_REGION = each.key
  }

  tags = merge(var.tags, { Region = each.key })
}

# Route 53 latency-based routing
resource "aws_route53_record" "api" {
  for_each = toset(local.regions)

  zone_id        = aws_route53_zone.main.zone_id
  name           = "api.example.com"
  type           = "A"
  set_identifier = each.key

  latency_routing_policy {
    region = each.key
  }

  alias {
    name    = module.tealtiger[each.key].api_gateway_domain
    zone_id = module.tealtiger[each.key].api_gateway_zone_id
  }
}

Module Outputs

All modules export useful outputs for integration.

# Serverless module outputs
output "api_endpoint" {
  value = module.tealtiger_serverless.api_endpoint
}

output "function_arn" {
  value = module.tealtiger_serverless.function_arn
}

output "log_group" {
  value = module.tealtiger_serverless.log_group_name
}

State Management

Use remote state for team collaboration.

terraform {
  backend "s3" {
    bucket         = "tealtiger-terraform-state"
    key            = "production/tealtiger.tfstate"
    region         = "us-east-1"
    dynamodb_table = "terraform-locks"
    encrypt        = true
  }
}

Variables Reference

Variable	Type	Default	Description
`environment`	string	`"production"`	Deployment environment
`region`	string	-	Cloud provider region
`engine_config.memory_size`	number	`512`	Function memory (MB)
`engine_config.timeout`	number	`30`	Function timeout (seconds)
`engine_config.concurrency`	number	`100`	Max concurrent executions
`vpc_config`	object	`null`	VPC configuration
`tags`	map(string)	`{}`	Resource tags

Next Steps

Pulumi

Deploy with Pulumi using TypeScript, Python, or Go

Helm Charts

Deploy on Kubernetes with Helm

CI/CD

Integrate Terraform into your CI/CD pipeline

Monitoring

Set up monitoring for your deployment

Getting Started

Core Concepts

Advanced Concepts

Policy Design

Deployment

Integrations

API Reference - TypeScript

API Reference - Python

Cookbook

Governance & Compliance

Guides

Architecture

Audit & Telemetry

Reference

Versions & Roadmap

About

Playground

​Quick Start

​Available Modules

AWS

Google Cloud

Azure

​AWS Module

​Serverless Deployment (Lambda)

​Container Deployment (ECS Fargate)

​Kubernetes Deployment (EKS)

​Google Cloud Module

​Cloud Run

​GKE

​Azure Module

​Azure Functions

​AKS

​Multi-Region Deployment

​Module Outputs

​State Management

​Variables Reference

​Next Steps