From 6a9a6793a48c4e54151a32a064f33dad5696d98f Mon Sep 17 00:00:00 2001
From: parthokr <partho.kr@proton.me>
Date: Sat, 13 Dec 2025 00:38:19 +0600
Subject: [PATCH] feat(storage): provision s3 bucket for dev and prod

---
 infra/envs/dev/.terraform.lock.hcl  | 23 +++++++++++++++++++++++
 infra/envs/dev/main.tf              | 18 ++++++++++++++++++
 infra/envs/dev/outputs.tf           | 10 +++++++++-
 infra/envs/dev/variables.tf         | 13 ++++++++++++-
 infra/envs/prod/.terraform.lock.hcl | 22 ++++++++++++++++++++++
 infra/envs/prod/main.tf             | 12 +++++++++++-
 infra/envs/prod/outputs.tf          | 10 +++++++++-
 infra/envs/prod/variables.tf        | 13 ++++++++++++-
 infra/modules/compute/main.tf       |  4 ++++
 infra/modules/storage/main.tf       | 10 ++++++++++
 infra/modules/storage/outputs.tf    | 14 ++++++++++++++
 infra/modules/storage/variables.tf  | 15 +++++++++++++++
 12 files changed, 159 insertions(+), 5 deletions(-)
 create mode 100644 infra/modules/storage/main.tf
 create mode 100644 infra/modules/storage/outputs.tf
 create mode 100644 infra/modules/storage/variables.tf

diff --git a/infra/envs/dev/.terraform.lock.hcl b/infra/envs/dev/.terraform.lock.hcl
index 3acc57c..3239afe 100644
--- a/infra/envs/dev/.terraform.lock.hcl
+++ b/infra/envs/dev/.terraform.lock.hcl
@@ -1,6 +1,29 @@
 # This file is maintained automatically by "terraform init".
 # Manual edits may be lost in future updates.
 
+provider "registry.terraform.io/hashicorp/aws" {
+  version     = "5.100.0"
+  constraints = "~> 5.0"
+  hashes = [
+    "h1:Ijt7pOlB7Tr7maGQIqtsLFbl7pSMIj06TVdkoSBcYOw=",
+    "zh:054b8dd49f0549c9a7cc27d159e45327b7b65cf404da5e5a20da154b90b8a644",
+    "zh:0b97bf8d5e03d15d83cc40b0530a1f84b459354939ba6f135a0086c20ebbe6b2",
+    "zh:1589a2266af699cbd5d80737a0fe02e54ec9cf2ca54e7e00ac51c7359056f274",
+    "zh:6330766f1d85f01ae6ea90d1b214b8b74cc8c1badc4696b165b36ddd4cc15f7b",
+    "zh:7c8c2e30d8e55291b86fcb64bdf6c25489d538688545eb48fd74ad622e5d3862",
+    "zh:99b1003bd9bd32ee323544da897148f46a527f622dc3971af63ea3e251596342",
+    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+    "zh:9f8b909d3ec50ade83c8062290378b1ec553edef6a447c56dadc01a99f4eaa93",
+    "zh:aaef921ff9aabaf8b1869a86d692ebd24fbd4e12c21205034bb679b9caf883a2",
+    "zh:ac882313207aba00dd5a76dbd572a0ddc818bb9cbf5c9d61b28fe30efaec951e",
+    "zh:bb64e8aff37becab373a1a0cc1080990785304141af42ed6aa3dd4913b000421",
+    "zh:dfe495f6621df5540d9c92ad40b8067376350b005c637ea6efac5dc15028add4",
+    "zh:f0ddf0eaf052766cfe09dea8200a946519f653c384ab4336e2a4a64fdd6310e9",
+    "zh:f1b7e684f4c7ae1eed272b6de7d2049bb87a0275cb04dbb7cda6636f600699c9",
+    "zh:ff461571e3f233699bf690db319dfe46aec75e58726636a0d97dd9ac6e32fb70",
+  ]
+}
+
 provider "registry.terraform.io/hashicorp/google" {
   version     = "5.45.2"
   constraints = "~> 5.0"
diff --git a/infra/envs/dev/main.tf b/infra/envs/dev/main.tf
index 2beee12..0dbede8 100644
--- a/infra/envs/dev/main.tf
+++ b/infra/envs/dev/main.tf
@@ -8,6 +8,10 @@ terraform {
       source  = "hashicorp/google"
       version = "~> 5.0"
     }
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
   }
 }
 
@@ -16,6 +20,10 @@ provider "google" {
   region  = var.region
 }
 
+provider "aws" {
+  region = var.aws_region
+}
+
 module "network" {
   source = "../../modules/network"
 
@@ -35,3 +43,13 @@ module "heapdog_dev_instance" {
   network_self_link = module.network.network_self_link
   subnet_self_link  = module.network.subnet_self_link
 }
+
+module "storage" {
+  source = "../../modules/storage"
+
+  bucket_name = var.bucket_name
+  tags = {
+    Environment = "dev"
+    Project     = "heapdog"
+  }
+}
diff --git a/infra/envs/dev/outputs.tf b/infra/envs/dev/outputs.tf
index eb8f2c9..fdee177 100644
--- a/infra/envs/dev/outputs.tf
+++ b/infra/envs/dev/outputs.tf
@@ -14,4 +14,12 @@ output "dev_instance_internal_ip" {
 
 output "network_name" {
   value = module.network.network_name
-}
\ No newline at end of file
+}
+
+output "storage_bucket_id" {
+  value = module.storage.bucket_id
+}
+
+output "storage_bucket_arn" {
+  value = module.storage.bucket_arn
+}
diff --git a/infra/envs/dev/variables.tf b/infra/envs/dev/variables.tf
index 68cbc4f..7caa0a5 100644
--- a/infra/envs/dev/variables.tf
+++ b/infra/envs/dev/variables.tf
@@ -17,4 +17,15 @@ variable "zone" {
   description = "GCP zone"
   type        = string
   default     = "northamerica-northeast1-a"
-}
\ No newline at end of file
+}
+
+variable "aws_region" {
+  description = "AWS region"
+  type        = string
+  default     = "us-east-1"
+}
+
+variable "bucket_name" {
+  description = "Name of the S3 bucket"
+  type        = string
+}
diff --git a/infra/envs/prod/.terraform.lock.hcl b/infra/envs/prod/.terraform.lock.hcl
index 3acc57c..2304ab9 100644
--- a/infra/envs/prod/.terraform.lock.hcl
+++ b/infra/envs/prod/.terraform.lock.hcl
@@ -1,6 +1,28 @@
 # This file is maintained automatically by "terraform init".
 # Manual edits may be lost in future updates.
 
+provider "registry.terraform.io/hashicorp/aws" {
+  version = "6.26.0"
+  hashes = [
+    "h1:79RHpchB+IjuZLMNkbCSjkguoAOUsSWnr0N6Bei+PxI=",
+    "zh:038fd943de79acd9f9f73106fa0eba588c6a0d4e0993e146f51f3aa043728c5f",
+    "zh:06fa0177d33d3d3f9cb7e205fbeb1c4c3095ba637e2b4d292429401ec5612e81",
+    "zh:212714fc8b6ee57e26d11d0fdf2ecfe23b37a6eac1008b399c1d790528c3f072",
+    "zh:3197725d772f360e9e466b68a5ba67363e9f6786809c9adefc50f7f7e525bf42",
+    "zh:33385539f3e3fafb96c6036421fd72b05c76505eeefaaff8a089c3eeba25db65",
+    "zh:4ce065e0d3c384d11c1b59fe92582d331aae27ff6e019ace07b8cedef5653aae",
+    "zh:67863d6ff5517db2c0b8097443708dca548f1922d2e08ad76a98d493ff480cb1",
+    "zh:771ccf61fc107013b437b0a05cdb342823a99200653bfe9b892702b9fd8997fe",
+    "zh:80adcf83bef9d683606c48bbe53cbb2b5a04878641674e957939b5e8f124ada0",
+    "zh:9675c7f209db8e64ba2d5197acc8ba0073bd73b48c3dd61a1961a44844bc8a81",
+    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+    "zh:b47d0f5eff91c94c5d5677815b9361e64dfbe2ee2d59ba2867e2d0f5fa7181e4",
+    "zh:b4933663b8d6cc1cfb51aa47bd8f26c06012ee2e278e57663faffdc722dd5baa",
+    "zh:d53a94ecdb6b68a8dc19ec6e16ba2d4c2acde575af254d1b8b80143e57c76abf",
+    "zh:e7cb8c1770c6f87c5ce1d3e28b838380bb8e5296dd03034b796168de8be1c7ec",
+  ]
+}
+
 provider "registry.terraform.io/hashicorp/google" {
   version     = "5.45.2"
   constraints = "~> 5.0"
diff --git a/infra/envs/prod/main.tf b/infra/envs/prod/main.tf
index 45d7cdd..1cf50b7 100644
--- a/infra/envs/prod/main.tf
+++ b/infra/envs/prod/main.tf
@@ -34,4 +34,14 @@ module "heapdog_prod_instance" {
   disk_size_gb      = 30
   network_self_link = module.network.network_self_link
   subnet_self_link  = module.network.subnet_self_link
-}
\ No newline at end of file
+}
+
+module "storage" {
+  source = "../../modules/storage"
+
+  bucket_name = var.bucket_name
+  tags = {
+    Environment = "prod"
+    Project     = "heapdog"
+  }
+}
diff --git a/infra/envs/prod/outputs.tf b/infra/envs/prod/outputs.tf
index d753d00..1eda04a 100644
--- a/infra/envs/prod/outputs.tf
+++ b/infra/envs/prod/outputs.tf
@@ -14,4 +14,12 @@ output "prod_instance_internal_ip" {
 
 output "network_name" {
   value = module.network.network_name
-}
\ No newline at end of file
+}
+
+output "storage_bucket_id" {
+  value = module.storage.bucket_id
+}
+
+output "storage_bucket_arn" {
+  value = module.storage.bucket_arn
+}
diff --git a/infra/envs/prod/variables.tf b/infra/envs/prod/variables.tf
index b3d564c..a003a25 100644
--- a/infra/envs/prod/variables.tf
+++ b/infra/envs/prod/variables.tf
@@ -17,4 +17,15 @@ variable "zone" {
   description = "GCP zone"
   type        = string
   default     = "northamerica-northeast1-a"
-}
\ No newline at end of file
+}
+
+variable "aws_region" {
+  description = "AWS region"
+  type        = string
+  default     = "us-east-1"
+}
+
+variable "bucket_name" {
+  description = "Name of the S3 bucket"
+  type        = string
+}
diff --git a/infra/modules/compute/main.tf b/infra/modules/compute/main.tf
index dbb7dcc..68f1bfb 100644
--- a/infra/modules/compute/main.tf
+++ b/infra/modules/compute/main.tf
@@ -46,4 +46,8 @@ resource "google_compute_instance" "vm" {
   metadata = {
     enable-oslogin = "TRUE"
   }
+
+  lifecycle {
+    ignore_changes = [boot_disk[0].initialize_params[0].image]
+  }
 }
\ No newline at end of file
diff --git a/infra/modules/storage/main.tf b/infra/modules/storage/main.tf
new file mode 100644
index 0000000..1a964fc
--- /dev/null
+++ b/infra/modules/storage/main.tf
@@ -0,0 +1,10 @@
+# ============================================================================
+# infra/modules/storage/main.tf
+# ============================================================================
+
+resource "aws_s3_bucket" "bucket" {
+  bucket = var.bucket_name
+
+  tags = var.tags
+}
+
diff --git a/infra/modules/storage/outputs.tf b/infra/modules/storage/outputs.tf
new file mode 100644
index 0000000..8c7d2bc
--- /dev/null
+++ b/infra/modules/storage/outputs.tf
@@ -0,0 +1,14 @@
+# ============================================================================
+# infra/modules/storage/outputs.tf
+# ============================================================================
+
+output "bucket_id" {
+  description = "The name of the bucket"
+  value       = aws_s3_bucket.bucket.id
+}
+
+output "bucket_arn" {
+  description = "The ARN of the bucket"
+  value       = aws_s3_bucket.bucket.arn
+}
+
diff --git a/infra/modules/storage/variables.tf b/infra/modules/storage/variables.tf
new file mode 100644
index 0000000..40fa60e
--- /dev/null
+++ b/infra/modules/storage/variables.tf
@@ -0,0 +1,15 @@
+# ============================================================================
+# infra/modules/storage/variables.tf
+# ============================================================================
+
+variable "bucket_name" {
+  description = "Name of the S3 bucket"
+  type        = string
+}
+
+variable "tags" {
+  description = "Tags to apply to the bucket"
+  type        = map(string)
+  default     = {}
+}
+