01.07. Infra Features
This document outlines the core features and functionalities of the bnc-cpt-inf project.
Infrastructure as Code (IaC)
- Terraform (v1.2.x): Comprehensive GCP resource management via modular Terraform.
- Remote State: Environment-specific GCS buckets for state locking and persistence.
- Cross-Step Data: Dynamic output sharing between infrastructure components.
Multi-Environment Architecture
- Isolation: Four distinct environments (inf, dev, tst, prd).
- Standardized URLs: Unified domain patterns across all tiers.
Step-Based Provisioning Workflow
Infrastructure is deployed in a numbered sequence:
1. 000-003: Bootstrap, APIs, and IAM management.
2. 007: DNS zones and record configuration.
3. 015-016: GCS buckets for static sites and application reports.
4. 025-026: Artifact Registry and Cloud SQL (PostgreSQL).
5. 027-028: Memorystore Redis and VPC Access Connectors.
6. 029-030: Secret Manager and Multi-Region Cloud Run deployment.
7. 031: Cloud Tasks for asynchronous job orchestration.
8. 120: GitHub Actions secret synchronization.
- Multi-Region Ready: Terraform variables configured for europe-north1, us-central1, and asia-east1.
- Global Load Balancing: Infrastructure support for global user routing.
- Image Lifecycle: Automated Docker image cleanup policies in Artifact Registry.
Security & Connectivity
- Private Networking: VPC connectors for secure, internal communication between Cloud Run, Redis, and SQL.
- IAM-Based Auth: Service account identities used for "keyless" GCS and Secret Manager access.