Files
bifrost/terraform
Beyhan Oğur 880f412e2c first commit
2026-04-26 21:52:23 +03:00
..
2026-04-26 21:52:23 +03:00
2026-04-26 21:52:23 +03:00
2026-04-26 21:52:23 +03:00

Bifrost Terraform Modules

Deploy Bifrost on AWS, GCP, Azure, or any Kubernetes cluster using a single Terraform module.

Quick Start

Reference the module directly from GitHub. Pin to a specific release tag using ?ref=:

module "bifrost" {
  source         = "github.com/maximhq/bifrost//terraform/modules/bifrost?ref=terraform/v0.1.0"
  cloud_provider = "aws"       # "aws" | "gcp" | "azure" | "kubernetes"
  service        = "ecs"       # AWS: "ecs" | "eks", GCP: "gke" | "cloud-run", Azure: "aks" | "aci", K8s: "deployment"
  region         = "us-east-1"
  image_tag      = "v1.4.6"

  # Option A: Provide a config.json file
  config_json_file = "./config.json"

  # Option B: Build config from Terraform variables (overrides matching keys from file)
  providers_config = {
    openai = { keys = [{ value = var.openai_key, weight = 1 }] }
  }
  config_store = {
    enabled = true
    type    = "postgres"
    config  = { host = var.db_host, port = "5432", user = "bifrost", password = var.db_password, db_name = "bifrost" }
  }
}

Supported Deployments

Cloud Service Description
AWS ecs ECS Fargate with ALB, Secrets Manager, auto-scaling
AWS eks EKS with K8s Deployment, PVC for SQLite, HPA
GCP gke GKE with K8s Deployment, persistent disk, HPA
GCP cloud-run Cloud Run v2 with Secret Manager, auto-scaling
Azure aks AKS with K8s Deployment, managed disk, HPA
Azure aci Azure Container Instances (single instance, dev/test)
Kubernetes deployment Any K8s cluster with Deployment, PVC, HPA, Ingress

Configuration

Bifrost config can come from two sources simultaneously. Terraform variables override matching keys from the base file.

  1. File-based: Set config_json_file to a path or config_json to a raw JSON string.
  2. Variable-based: Set individual variables (config_store, logs_store, providers_config, auth_config, etc.) corresponding to top-level keys in config.schema.json.

All 17 top-level config properties from the schema are supported as variables: encryption_key, auth_config, client, framework, providers_config, governance, mcp, vector_store, config_store, logs_store, cluster_config, scim_config, load_balancer_config, guardrails_config, plugins, audit_logs, websocket.

For scim_config with provider = "okta", include config.issuerUrl, config.clientId, config.clientSecret, and config.apiToken.

Provider Configuration

You only need to configure the Terraform providers for the cloud you are deploying to. For example, deploying to AWS ECS only requires the aws provider -- you do not need to configure google, azurerm, or kubernetes.

See the module README for provider configuration examples per cloud.

Testing

The module includes native Terraform tests (requires Terraform >= 1.7) that run with mocked providers -- no cloud credentials needed:

cd modules/bifrost
terraform init
terraform test

Tests cover all 7 deployment targets across 10 test files. See the module README for details.

Directory Structure

terraform/
  modules/bifrost/              # Top-level module (the only thing you call)
    aws/                        # AWS platform (VPC, SG, IAM, Secrets Manager)
      services/ecs/             # ECS Fargate
      services/eks/             # EKS + K8s resources
    gcp/                        # GCP platform (VPC, firewall, Secret Manager, SA)
      services/gke/             # GKE + K8s resources
      services/cloud-run/       # Cloud Run v2
    azure/                      # Azure platform (VNet, NSG, Key Vault, identity)
      services/aks/             # AKS + K8s resources
      services/aci/             # Azure Container Instances
    kubernetes/                 # Generic K8s (any cluster, no cloud APIs)
  examples/
    aws-ecs/                    # Deploy on ECS Fargate
    gcp-gke/                    # Deploy on GKE
    azure-aks/                  # Deploy on AKS
    kubernetes/                 # Deploy on any K8s cluster

Examples

Each example directory contains main.tf, variables.tf, outputs.tf, terraform.tfvars.example, and a README.md.

cd examples/aws-ecs
cp terraform.tfvars.example terraform.tfvars
# Edit terraform.tfvars with your values
terraform init
terraform plan
terraform apply

Key Variables

Variable Default Description
cloud_provider (required) "aws", "gcp", "azure", or "kubernetes"
service (required) Service type (see table above)
region (required) Cloud region
image_tag "latest" Bifrost Docker image tag
desired_count 1 Number of replicas
cpu 512 CPU units (ECS) or millicores (K8s)
memory 1024 Memory in MB
create_load_balancer false Create a load balancer
enable_autoscaling false Enable auto-scaling
create_cluster true Create new cluster (set false to use existing)
storage_class_name "standard" K8s StorageClass for PVC (generic K8s only)
ingress_class_name "nginx" Ingress controller class (generic K8s only)
ingress_annotations {} Ingress annotations (generic K8s only)

Outputs

Output Description
service_url URL to access Bifrost
health_check_url Health endpoint URL