iaun
/
sharepoint-transcribe


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
							terraform {
  required_version = ">= 1.5"
  required_providers {
    aws = { source = "hashicorp/aws", version = "~> 5.0" }
  }
}

provider "aws" {
  region = var.aws_region
}

# ============================================================
# Variables
# ============================================================
variable "aws_region" {
  default = "ap-northeast-1"
}
variable "project" {
  default = "sp-transcribe"
}
variable "smtp_host" { type = string }
variable "smtp_port" {
  type    = number
  default = 587
}
variable "smtp_user" { type = string }
variable "smtp_pass" {
  type      = string
  sensitive = true
}
variable "smtp_from" { type = string }
variable "llm_api_url" { type = string }
variable "llm_api_key" {
  type      = string
  sensitive = true
}
variable "llm_model" {
  type    = string
  default = "gpt-4o-mini"
}

locals {
  prefix = var.project
}

# ============================================================
# S3 Bucket
# ============================================================
resource "aws_s3_bucket" "media" {
  bucket_prefix = "${local.prefix}-media-"
  force_destroy = true
}

resource "aws_s3_bucket_lifecycle_configuration" "media" {
  bucket = aws_s3_bucket.media.id
  rule {
    id     = "cleanup"
    status = "Enabled"
    filter {}
    expiration { days = 7 }
  }
}

# ============================================================
# DynamoDB
# ============================================================
resource "aws_dynamodb_table" "users" {
  name         = "${local.prefix}-users"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "api_key"

  attribute {
    name = "api_key"
    type = "S"
  }
}

resource "aws_dynamodb_table" "jobs" {
  name         = "${local.prefix}-jobs"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "job_id"

  attribute {
    name = "job_id"
    type = "S"
  }

  ttl {
    attribute_name = "ttl"
    enabled        = true
  }
}

# ============================================================
# SSM Parameters (secrets)
# ============================================================
resource "aws_ssm_parameter" "smtp_host" {
  name  = "/${local.prefix}/smtp/host"
  type  = "String"
  value = var.smtp_host
}
resource "aws_ssm_parameter" "smtp_port" {
  name  = "/${local.prefix}/smtp/port"
  type  = "String"
  value = tostring(var.smtp_port)
}
resource "aws_ssm_parameter" "smtp_user" {
  name  = "/${local.prefix}/smtp/user"
  type  = "String"
  value = var.smtp_user
}
resource "aws_ssm_parameter" "smtp_pass" {
  name  = "/${local.prefix}/smtp/pass"
  type  = "SecureString"
  value = var.smtp_pass
}
resource "aws_ssm_parameter" "smtp_from" {
  name  = "/${local.prefix}/smtp/from"
  type  = "String"
  value = var.smtp_from
}
resource "aws_ssm_parameter" "llm_api_url" {
  name  = "/${local.prefix}/llm/api_url"
  type  = "String"
  value = var.llm_api_url
}
resource "aws_ssm_parameter" "llm_api_key" {
  name  = "/${local.prefix}/llm/api_key"
  type  = "SecureString"
  value = var.llm_api_key
}
resource "aws_ssm_parameter" "llm_model" {
  name  = "/${local.prefix}/llm/model"
  type  = "String"
  value = var.llm_model
}