coderabbit-demo
diff --git a/‎README.md‎
Lines changed: 165 additions & 10 deletions b/‎README.md‎
Lines changed: 165 additions & 10 deletions
diff --git a/‎bin/rabbits-playground-aws-cdk.ts‎
Lines changed: 26 additions & 13 deletions b/‎bin/rabbits-playground-aws-cdk.ts‎
Lines changed: 26 additions & 13 deletions
diff --git a/‎config/environment.ts‎
Lines changed: 130 additions & 0 deletions b/‎config/environment.ts‎
Lines changed: 130 additions & 0 deletions
@@ -1,14 +1,169 @@
-# Welcome to your CDK TypeScript project
+# Rabbits Playground AWS CDK
 
-This is a blank project for CDK development with TypeScript.
+This project contains the AWS infrastructure for Rabbits Playground, ported from Terraform/Terragrunt to AWS CDK.
 
-The `cdk.json` file tells the CDK Toolkit how to execute your app.
+## Architecture
 
-## Useful commands
+The infrastructure includes:
 
-* `npm run build`   compile typescript to js
-* `npm run watch`   watch for changes and compile
-* `npm run test`    perform the jest unit tests
-* `npx cdk deploy`  deploy this stack to your default AWS account/region
-* `npx cdk diff`    compare deployed stack with current state
-* `npx cdk synth`   emits the synthesized CloudFormation template
+- **VPC**: Multi-AZ networking with public and private subnets
+- **EKS**: Kubernetes cluster with managed node groups (ARM64/Graviton instances)
+- **Bastion**: EC2 bastion host for secure access
+- **S3**: Static content and user content buckets with lifecycle policies
+- **CloudFront**: CDN for static content delivery
+- **Route53**: DNS management and routing
+
+## Project Structure
+
+```
+├── bin/
+│   └── rabbits-playground-aws-cdk.ts    # CDK app entry point
+├── lib/
+│   ├── constructs/                       # Reusable constructs
+│   │   ├── vpc-construct.ts
+│   │   ├── eks-construct.ts
+│   │   ├── bastion-construct.ts
+│   │   ├── s3-construct.ts
+│   │   ├── cloudfront-construct.ts
+│   │   └── route53-construct.ts
+│   └── stacks/
+│       └── infrastructure-stack.ts       # Main infrastructure stack
+├── config/
+│   └── environment.ts                    # Environment-specific configurations
+└── cdk.json                             # CDK configuration
+```
+
+## Environments
+
+Two environments are supported:
+- **dev**: Development environment with cost-optimized settings
+- **prod**: Production environment with high-availability settings
+
+### Key Differences
+
+| Feature | Dev | Prod |
+|---------|-----|------|
+| VPC CIDR | 10.0.0.0/16 | 10.1.0.0/16 |
+| NAT Gateways | 1 (cost optimization) | 3 (multi-AZ HA) |
+| EKS Capacity | SPOT instances | ON_DEMAND instances |
+| EKS Instance Type | t4g.medium | t4g.large, t4g.xlarge |
+| EKS Nodes | 2 desired (1-3) | 3 desired (3-10) |
+| EKS API Access | Public | Private |
+| Log Retention | 7 days | 30 days |
+| S3 Versioning | Disabled | Enabled |
+| S3 Lifecycle | Disabled | Enabled (IA at 90d, Glacier at 180d) |
+
+## Prerequisites
+
+- Node.js 14.x or later
+- AWS CLI configured with appropriate credentials
+- AWS CDK CLI: `npm install -g aws-cdk`
+
+## Setup
+
+1. Install dependencies:
+```bash
+npm install
+```
+
+2. Configure AWS credentials:
+```bash
+export AWS_ACCOUNT_ID=your-account-id
+export AWS_REGION=us-west-2
+```
+
+3. Bootstrap CDK (first time only):
+```bash
+cdk bootstrap aws://${AWS_ACCOUNT_ID}/${AWS_REGION}
+```
+
+## Deployment
+
+### Deploy to Dev Environment
+
+```bash
+cdk deploy -c environment=dev
+```
+
+### Deploy to Prod Environment
+
+```bash
+cdk deploy -c environment=prod
+```
+
+## Useful Commands
+
+* `npm run build`   - Compile TypeScript to JavaScript
+* `npm run watch`   - Watch for changes and compile
+* `npm run test`    - Run unit tests
+* `cdk diff -c environment=dev`      - Compare deployed stack with current state
+* `cdk synth -c environment=dev`     - Emit the synthesized CloudFormation template
+* `cdk deploy -c environment=dev`    - Deploy stack to AWS account/region
+* `cdk destroy -c environment=dev`   - Remove stack from AWS account/region
+
+## Configuration
+
+Environment-specific configurations are defined in `config/environment.ts`. Update these values as needed for your environments:
+
+- VPC CIDR ranges
+- EKS cluster settings
+- Bastion access CIDRs
+- S3 bucket names
+- Domain names
+- Route53 hosted zone settings
+
+## Connecting to Resources
+
+### EKS Cluster
+
+After deployment, configure kubectl:
+```bash
+aws eks update-kubeconfig --region us-west-2 --name rabbits-playground-dev
+```
+
+### Bastion Host
+
+Connect via SSM Session Manager:
+```bash
+aws ssm start-session --target <instance-id>
+```
+
+Or via SSH (if key pair configured):
+```bash
+ssh -i your-key.pem ec2-user@bastion.dev.example.com
+```
+
+## Outputs
+
+After deployment, the stack outputs include:
+
+- VPC ID and subnet IDs
+- EKS cluster endpoint and security group
+- Bastion host IPs
+- S3 bucket names and ARNs
+- CloudFront distribution domain name
+- Route53 hosted zone details
+
+## Security Considerations
+
+- EKS nodes run in private subnets
+- Bastion host uses IMDSv2 and SSM for secure access
+- S3 buckets have encryption and public access blocking enabled
+- CloudFront enforces HTTPS-only access
+- Security groups restrict traffic by default
+- IAM roles follow principle of least privilege
+
+## Migration from Terraform
+
+This CDK implementation replaces the previous Terraform/Terragrunt setup with equivalent functionality:
+
+- Terraform modules → CDK constructs
+- Terragrunt environments → CDK context
+- Remote state in S3 → CloudFormation stacks
+- Outputs → CDK CfnOutput
+
+## Support
+
+For issues or questions, please refer to the AWS CDK documentation:
+- https://docs.aws.amazon.com/cdk/
+- https://github.com/aws/aws-cdk
@@ -1,20 +1,33 @@
 #!/usr/bin/env node
 import * as cdk from 'aws-cdk-lib';
-import { RabbitsPlaygroundAwsCdkStack } from '../lib/rabbits-playground-aws-cdk-stack';
+import { InfrastructureStack } from '../lib/stacks/infrastructure-stack';
+import { getConfig } from '../config/environment';
 
 const app = new cdk.App();
-new RabbitsPlaygroundAwsCdkStack(app, 'RabbitsPlaygroundAwsCdkStack', {
-  /* If you don't specify 'env', this stack will be environment-agnostic.
-   * Account/Region-dependent features and context lookups will not work,
-   * but a single synthesized template can be deployed anywhere. */
 
-  /* Uncomment the next line to specialize this stack for the AWS Account
-   * and Region that are implied by the current CLI configuration. */
-  // env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION },
+// Get environment from context or default to 'dev'
+const environment = app.node.tryGetContext('environment') || 'dev';
 
-  /* Uncomment the next line if you know exactly what Account and Region you
-   * want to deploy the stack to. */
-  // env: { account: '123456789012', region: 'us-east-1' },
+if (environment !== 'dev' && environment !== 'prod') {
+  throw new Error('Environment must be either "dev" or "prod"');
+}
 
-  /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */
-});
+// Get configuration for the specified environment
+const config = getConfig(environment);
+
+// Get AWS account and region from environment variables or CDK context
+const account = process.env.CDK_DEFAULT_ACCOUNT || process.env.AWS_ACCOUNT_ID;
+const region = config.region;
+
+// Create the infrastructure stack
+new InfrastructureStack(app, `RabbitsPlayground-${environment}`, {
+  env: {
+    account: account,
+    region: region,
+  },
+  config: config,
+  description: `Rabbits Playground infrastructure for ${environment} environment`,
+  stackName: `rabbits-playground-${environment}`,
+});
+
+app.synth();
@@ -0,0 +1,130 @@
+export interface EnvironmentConfig {
+  account?: string;
+  region: string;
+  environment: 'dev' | 'prod';
+
+  // VPC Configuration
+  vpcCidr: string;
+  singleNatGateway: boolean;
+
+  // EKS Configuration
+  clusterName: string;
+  kubernetesVersion: string;
+  nodeInstanceTypes: string[];
+  nodeCapacityType: 'SPOT' | 'ON_DEMAND';
+  nodeDesiredSize: number;
+  nodeMinSize: number;
+  nodeMaxSize: number;
+  endpointPublicAccess: boolean;
+  logRetentionDays: number;
+
+  // Bastion Configuration
+  bastionInstanceType: string;
+  bastionAllowedCidrs: string[];
+  bastionKeyName?: string;
+
+  // S3 Configuration
+  staticBucketName: string;
+  userBucketName: string;
+  enableVersioning: boolean;
+  enableLifecycleRules: boolean;
+
+  // CloudFront Configuration
+  cloudfrontPriceClass: string;
+
+  // Route53 Configuration
+  domainName: string;
+  createHostedZone: boolean;
+  hostedZoneId?: string;
+
+  // Tags
+  tags: { [key: string]: string };
+}
+
+export const devConfig: EnvironmentConfig = {
+  region: 'us-west-2',
+  environment: 'dev',
+
+  // VPC
+  vpcCidr: '10.0.0.0/16',
+  singleNatGateway: true,
+
+  // EKS
+  clusterName: 'rabbits-playground-dev',
+  kubernetesVersion: '1.28',
+  nodeInstanceTypes: ['t4g.medium'],
+  nodeCapacityType: 'SPOT',
+  nodeDesiredSize: 2,
+  nodeMinSize: 1,
+  nodeMaxSize: 3,
+  endpointPublicAccess: true,
+  logRetentionDays: 7,
+
+  // Bastion
+  bastionInstanceType: 't4g.micro',
+  bastionAllowedCidrs: ['0.0.0.0/0'],
+
+  // S3
+  staticBucketName: 'rabbits-playground-static-dev',
+  userBucketName: 'rabbits-playground-user-content-dev',
+  enableVersioning: false,
+  enableLifecycleRules: false,
+
+  // CloudFront
+  cloudfrontPriceClass: 'PriceClass_100',
+
+  // Route53
+  domainName: 'dev.example.com',
+  createHostedZone: false,
+
+  tags: {
+    ManagedBy: 'AWS CDK',
+    Environment: 'dev',
+  },
+};
+
+export const prodConfig: EnvironmentConfig = {
+  region: 'us-west-2',
+  environment: 'prod',
+
+  // VPC
+  vpcCidr: '10.1.0.0/16',
+  singleNatGateway: false,
+
+  // EKS
+  clusterName: 'rabbits-playground-prod',
+  kubernetesVersion: '1.28',
+  nodeInstanceTypes: ['t4g.large', 't4g.xlarge'],
+  nodeCapacityType: 'ON_DEMAND',
+  nodeDesiredSize: 3,
+  nodeMinSize: 3,
+  nodeMaxSize: 10,
+  endpointPublicAccess: false,
+  logRetentionDays: 30,
+
+  // Bastion
+  bastionInstanceType: 't4g.micro',
+  bastionAllowedCidrs: ['10.1.0.0/16'],
+
+  // S3
+  staticBucketName: 'rabbits-playground-static-prod',
+  userBucketName: 'rabbits-playground-user-content-prod',
+  enableVersioning: true,
+  enableLifecycleRules: true,
+
+  // CloudFront
+  cloudfrontPriceClass: 'PriceClass_100',
+
+  // Route53
+  domainName: 'example.com',
+  createHostedZone: false,
+
+  tags: {
+    ManagedBy: 'AWS CDK',
+    Environment: 'prod',
+  },
+};
+
+export function getConfig(environment: 'dev' | 'prod'): EnvironmentConfig {
+  return environment === 'dev' ? devConfig : prodConfig;
+}