Skip to content

feat(terraform): add AWS ECS + GCP Cloud Run stacks for componentized gateway#27673

Merged
yassin-berriai merged 1 commit into
litellm_internal_stagingfrom
litellm_fix/tf-aws-gcp
May 17, 2026
Merged

feat(terraform): add AWS ECS + GCP Cloud Run stacks for componentized gateway#27673
yassin-berriai merged 1 commit into
litellm_internal_stagingfrom
litellm_fix/tf-aws-gcp

Conversation

@yassin-berriai

@yassin-berriai yassin-berriai commented May 11, 2026

Copy link
Copy Markdown
Contributor

Adds two self-contained Terraform root modules under terraform/ that deploy the componentized LiteLLM proxy (gateway + backend + UI) end-to-end:

  • terraform/aws: VPC, Aurora Postgres cluster (writer + reader, IAM auth), ElastiCache, S3, Secrets Manager, ECS Fargate cluster with three services, ALB with path-routing rules mirroring the helm ingress, one-off prisma_migration ECS task.
  • terraform/gcp: VPC + serverless VPC connector, Cloud SQL Postgres (primary + read replica), Memorystore, GCS, Secret Manager, three Cloud Run v2 services, Cloud Run Job for migrations, external HTTPS LB with serverless NEGs + URL map.

Both stacks expose a typed proxy_config input that mirrors the helm chart's gateway.config.proxy_config (YAML-encoded, base64-passed, decoded at container start) plus per-component *_extra_env and *_extra_secrets so callers can layer provider API keys from Secrets Manager / Secret Manager and reference them from the YAML via os.environ/<NAME>.

Relevant issues

Linear ticket

Pre-Submission checklist

Please complete all items before asking a LiteLLM maintainer to review your PR

  • I have Added testing in the tests/test_litellm/ directory, Adding at least 1 test is a hard requirement - see details
  • My PR passes all unit tests on make test-unit
  • My PR's scope is as isolated as possible, it only solves 1 specific problem
  • I have requested a Greptile review by commenting @greptileai and received a Confidence Score of at least 4/5 before requesting a maintainer review

Delays in PR merge?

If you're seeing a delay in your PR being merged, ping the LiteLLM Team on Slack (#pr-review).

CI (LiteLLM team)

CI status guideline:

  • 50-55 passing tests: main is stable with minor issues.
  • 45-49 passing tests: acceptable but needs attention
  • <= 40 passing tests: unstable; be careful with your merges and assess the risk.
  • Branch creation CI run
    Link:

  • CI run for the last commit
    Link:

  • Merge / cherry-pick CI run
    Links:

Screenshots / Proof of Fix

AWS

Screenshot 2026-05-11 at 3 54 17 PM

GCP
Screenshot 2026-05-11 at 10 09 14 PM

Type

🆕 New Feature
🐛 Bug Fix
🧹 Refactoring
📖 Documentation
🚄 Infrastructure
✅ Test

Changes

@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@yassin-berriai yassin-berriai marked this pull request as draft May 11, 2026 20:18
@codecov

codecov Bot commented May 11, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Comment thread terraform/litellm/aws/alb.tf
@veria-ai

veria-ai Bot commented May 11, 2026

Copy link
Copy Markdown
Contributor

PR overview

Terraform stacks for AWS ECS and GCP Cloud Run

This PR adds componentized LiteLLM infrastructure for AWS and GCP with public load balancers, private database/cache resources, managed secrets, and per-component routing. I reviewed the exposed entry points, TLS opt-in gates, service identities, secret injection paths, storage permissions, and route split against the existing gateway/backend allowlists; I did not find an attacker-reachable security regression.

Security review

  • No new security issues were flagged in the latest review.
  • No review issues remain open on this pull request.

Risk: 2/10

@greptile-apps

greptile-apps Bot commented May 11, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR adds two self-contained Terraform root modules (terraform/litellm/aws and terraform/litellm/gcp) that deploy the componentized LiteLLM proxy (gateway + backend + UI) end-to-end on AWS ECS Fargate and GCP Cloud Run v2 respectively. All major concerns from previous review rounds have been resolved — TLS is now enforced via lifecycle preconditions with explicit opt-out variables, RDS/CloudSQL deletion-protection defaults are safe, the Redis resource is the correct HA aws_elasticache_replication_group, and S3/GCS force_destroy are exposed as variables.

  • AWS stack: VPC, Aurora (IAM auth, writer+reader), ElastiCache replication group (TLS), S3, Secrets Manager, ECS Fargate cluster (gateway/backend/UI services), ALB with path-routing, and a terraform_data-driven bootstrap+migration flow that blocks service start until the schema is in place.
  • GCP stack: VPC + serverless connector, Cloud SQL (password auth via Secret Manager), Memorystore (TLS with CA-cert bootstrap), GCS, three Cloud Run v2 services, a Cloud Run Job for migrations, and an external HTTPS LB with URL-map path routing — all gated on lb_domains or an explicit allow_plaintext_lb opt-out.

Confidence Score: 5/5

Safe to merge — all blocking concerns from prior review rounds are addressed, and the remaining items are defensive hardening suggestions that do not affect the correctness of a default deployment.

The two Terraform stacks are well-structured: TLS is enforced by lifecycle preconditions, storage destruction requires explicit opt-in, IAM follows least-privilege with a dedicated no-permission UI service account, secrets are never written as plaintext env vars, and the bootstrap/migration ordering correctly gates service startup.

terraform/litellm/aws/ecs.tf (backend non-config port override) and terraform/litellm/aws/variables.tf (db_username/db_name identifier validation)

Important Files Changed

Filename Overview
terraform/litellm/aws/ecs.tf ECS task definitions and services for gateway, backend, and UI; non-config backend case omits explicit --port 4001 unlike gateway and the GCP backend, relying silently on the image default
terraform/litellm/aws/iam.tf IAM roles with improved ARN normalization via slice/split (replaces previous regex); separate UI task role with no data-plane permissions
terraform/litellm/aws/bootstrap.tf ECS-based DB bootstrap and migration trigger; db_username and db_name are interpolated into SQL without identifier validation, unlike tenant/env which have regex guards
terraform/litellm/aws/alb.tf ALB with lifecycle precondition enforcing TLS (acm_certificate_arn) or explicit allow_plaintext_alb opt-out; addresses previous HTTP-only concern
terraform/litellm/aws/rds.tf Aurora cluster with IAM auth, skip_final_snapshot defaults to false via variable; writer/reader instances with correct promotion tiers
terraform/litellm/aws/redis.tf Changed to aws_elasticache_replication_group; TLS and HA enabled when redis_num_replicas >= 1
terraform/litellm/aws/variables.tf Variables with good documentation; tenant/env have regex validation but db_username and db_name (interpolated into SQL identifiers) do not
terraform/litellm/gcp/cloudrun.tf Cloud Run v2 services with shell wrapper startup, explicit port args for both gateway and backend, allUsers invoker with INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER (correct external LB pattern)
terraform/litellm/gcp/iam.tf Separate runtime and ui_runtime service accounts; extras IAM binding uses toset(values(merge(...))) to correctly deduplicate secrets
terraform/litellm/gcp/load_balancer.tf External HTTPS LB with lifecycle precondition enforcing TLS or allow_plaintext_lb opt-out; URL map correctly routes gateway/UI/backend prefixes
terraform/litellm/gcp/cloudsql.tf Cloud SQL with deletion_protection = var.cloudsql_deletion_protection (defaults true); pitr and backups enabled on writer
terraform/litellm/aws/s3.tf S3 bucket with force_destroy wired to var.s3_force_destroy (defaults false); SSE-AES256, versioning, and public access block all enabled

Reviews (5): Last reviewed commit: "feat: add Terraform stacks for deploying..." | Re-trigger Greptile

Comment thread terraform/litellm/aws/alb.tf
Comment thread terraform/litellm/gcp/load_balancer.tf
Comment thread terraform/litellm/aws/rds.tf
Comment thread terraform/litellm/gcp/cloudsql.tf Outdated
Comment thread terraform/litellm/aws/iam.tf
Comment thread terraform/litellm/aws/redis.tf Outdated
@yassin-berriai yassin-berriai force-pushed the litellm_fix/tf-aws-gcp branch 4 times, most recently from 106505d to 10fcb61 Compare May 12, 2026 05:00
@yassin-berriai

Copy link
Copy Markdown
Contributor Author

@greptileai please re-review — I just pushed 59f4f3a which addresses all 7 prior comments (HTTPS gating on AWS+GCP, Aurora final snapshot, Cloud SQL deletion protection, ECS secret ARN regex, ElastiCache replication group with TLS, missing var.db_edition).

@yassin-berriai yassin-berriai marked this pull request as ready for review May 16, 2026 21:38
@yassin-berriai yassin-berriai force-pushed the litellm_fix/tf-aws-gcp branch from 59f4f3a to 7e426fe Compare May 16, 2026 21:38
Comment thread terraform/litellm/aws/s3.tf
Comment thread terraform/litellm/gcp/load_balancer.tf
@yassin-berriai yassin-berriai force-pushed the litellm_fix/tf-aws-gcp branch 4 times, most recently from 27a86cd to 106762a Compare May 16, 2026 22:51
@yassin-berriai

Copy link
Copy Markdown
Contributor Author

@greptileai

Comment thread terraform/litellm/gcp/cloudrun.tf Outdated
Comment thread terraform/litellm/gcp/variables.tf
@yassin-berriai yassin-berriai force-pushed the litellm_fix/tf-aws-gcp branch from 106762a to 5fc1dfc Compare May 16, 2026 23:18
@yassin-berriai

Copy link
Copy Markdown
Contributor Author

@greptileai

@yassin-berriai yassin-berriai force-pushed the litellm_fix/tf-aws-gcp branch 2 times, most recently from 61c9a0d to 3c7e692 Compare May 16, 2026 23:28
- Add AWS ECS Fargate stack with Aurora Postgres (IAM auth), ElastiCache Redis, S3, ALB with path-based routing to gateway/backend/ui components, Application Auto Scaling, and automated DB bootstrap + prisma migration via local-exec provisioners
- Add GCP Cloud Run stack with Cloud SQL Postgres (password auth), Memorystore Redis, GCS, external HTTPS load balancer with serverless NEGs and URL map routing, and automated prisma migration via Cloud Run Job
- Both stacks support typed proxy_config input mirroring the helm chart's gateway.config.proxy_config, per-component extra env vars, and Secret Manager references for provider API keys
- Gateway/backend services depend on terraform_data.migration so they never start before the schema is in place, eliminating crash-loop windows on first apply
- AWS stack uses IAM database authentication with a one-shot Fargate bootstrap task that creates and grants the rds_iam role to the application user; GCP stack uses password auth assembled at container startup to avoid Cloud SQL Auth Proxy sidecar complexity
- Add .gitignore rules for Terraform state files, plan files, tfvars inputs, provider binaries, and crash logs while explicitly keeping .terraform.lock.hcl for provider version pinning
- Include terraform.tfvars.example files, provider lock files, and comprehensive README documentation covering architecture, TLS setup, image pull strategies, and quick-start instructions for both stacks
@yassin-berriai yassin-berriai force-pushed the litellm_fix/tf-aws-gcp branch from 3c7e692 to 7b80b86 Compare May 16, 2026 23:36
@yassin-berriai yassin-berriai merged commit 3d5a9ed into litellm_internal_staging May 17, 2026
115 checks passed
@yassin-berriai yassin-berriai deleted the litellm_fix/tf-aws-gcp branch May 17, 2026 00:26
fzowl pushed a commit to fzowl/litellm that referenced this pull request Jun 24, 2026
…iAI#27673)

- Add AWS ECS Fargate stack with Aurora Postgres (IAM auth), ElastiCache Redis, S3, ALB with path-based routing to gateway/backend/ui components, Application Auto Scaling, and automated DB bootstrap + prisma migration via local-exec provisioners
- Add GCP Cloud Run stack with Cloud SQL Postgres (password auth), Memorystore Redis, GCS, external HTTPS load balancer with serverless NEGs and URL map routing, and automated prisma migration via Cloud Run Job
- Both stacks support typed proxy_config input mirroring the helm chart's gateway.config.proxy_config, per-component extra env vars, and Secret Manager references for provider API keys
- Gateway/backend services depend on terraform_data.migration so they never start before the schema is in place, eliminating crash-loop windows on first apply
- AWS stack uses IAM database authentication with a one-shot Fargate bootstrap task that creates and grants the rds_iam role to the application user; GCP stack uses password auth assembled at container startup to avoid Cloud SQL Auth Proxy sidecar complexity
- Add .gitignore rules for Terraform state files, plan files, tfvars inputs, provider binaries, and crash logs while explicitly keeping .terraform.lock.hcl for provider version pinning
- Include terraform.tfvars.example files, provider lock files, and comprehensive README documentation covering architecture, TLS setup, image pull strategies, and quick-start instructions for both stacks

Co-authored-by: Yassin Kortam <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants