This project demonstrates end-to-end DevOps automation to deploy a sample Warehouse Management System (WMS) microservice to AWS ECS Fargate, using:
- Terraform for infrastructure provisioning
- GitHub Actions for CI/CD
- Amazon ECR for container image storage
- CloudWatch for centralized logging
✅ Infrastructure-as-Code (Terraform) ✅ CI/CD Pipeline (GitHub Actions) ✅ Secure image storage in Amazon ECR ✅ Automatic task definition revisions ✅ Auto-deployment to ECS Fargate ✅ Centralized monitoring with CloudWatch Logs
graph TD
A[GitHub Repo] --> B[GitHub Actions]
B --> C[Docker Build]
C --> D[Push to ECR]
D --> E[Register ECS Task Definition]
E --> F[Update ECS Service]
F --> G[ECS Fargate Cluster]
G --> H[Running Container]
H --> I[CloudWatch Logs]
| Resource | Description |
|---|---|
| ECR Repository | Stores Docker images |
| ECS Cluster | Fargate cluster to run containers |
| Task Definition | Defines container spec (CPU, memory, logs) |
| ECS Service | Ensures the desired number of tasks are running |
| IAM Role | Grants ECS permissions to pull images and log |
| CloudWatch Logs | Centralized container logging |
Terraform provisions all infrastructure:
- ECS Cluster
- Task Definition
- Service
- IAM roles
- Security Groups
- Log Groups
Tip: See
main.tfin this repo for the complete example.
The pipeline is triggered on any push to main.
It performs these steps:
- Checkout Code
- Configure AWS Credentials
- Login to Amazon ECR
- Build Docker Image
- Tag and Push to ECR
- Register ECS Task Definition
- Update ECS Service to deploy the new revision
✅ Pipeline file: .github/workflows/deploy.yml
Configure these GitHub Secrets in your repository:
| Secret Name | Example Value |
|---|---|
AWS_ACCESS_KEY_ID |
AKIA*********** |
AWS_SECRET_ACCESS_KEY |
*********************** |
AWS_REGION |
us-east-1 |
AWS_ACCOUNT_ID |
123456789099 |
ECR_REPOSITORY |
wms-sample-repo |
ECS_CLUSTER |
wms-ecs-cluster |
ECS_SERVICE |
wms-ecs-service |
ECS_TASK_DEFINITION |
wms-task |
- AWS Account
- AWS CLI configured locally
- Terraform installed
- GitHub repository with your application code and pipeline YAML
aws ecr create-repository --repository-name wms-sample-repoterraform init
terraform applyTerraform will:
- Create ECS Cluster
- Create IAM Roles
- Create ECS Service
- Setup CloudWatch Logs
On push to main, the GitHub Actions workflow will:
- Build and tag your Docker image
- Push to ECR
- Register new ECS Task Definition
- Update ECS Service
- Go to AWS ECS Console
- Confirm your task is running
- Locate the public IP
- Test the app:
curl http://<public-ip>Logs are sent to CloudWatch Logs under:
/ecs/wms-logs
You can view logs in AWS Console for debugging and monitoring.
This project uses:
- ECS Fargate compute
- CloudWatch Logs
- ECR storage
Remember to delete resources when done to avoid charges:
terraform destroyor scale the ECS Service to 0 tasks.
GitHub Repository Link
Created as part of the DevOps / Cloud Engineer Assignment to demonstrate:
- Infrastructure as Code
- CI/CD automation
- Cloud-native container deployment
If you have questions, feel free to reach out or open an issue.