Cloud Infra

Repository: landerox/cloud-landerox-infra

This framework is the foundation for all my cloud experiments. It provides the automated infrastructure (IaC) that supports the Cloud Data blueprint and other application layers, and it demonstrates how to manage a GCP environment with the same rigor as a mission-critical product.

Key Goals

  1. Security First: Every resource is deployed with least-privilege IAM roles and strict network boundaries.
  2. Modularity: The architecture is composed of reusable Terraform modules, allowing for rapid assembly of new environments.
  3. GitOps: All infrastructure changes are driven by Pull Requests, ensuring auditability and rollback capabilities via GitHub Actions.

Tech Stack

  • IaC: Terraform
  • CI/CD: GitHub Actions
  • Platform: Google Cloud (Cloud Run, BigQuery, VPC, IAM)

Architecture Highlights

  • Automated Lakehouse: Provisions the storage and compute layers for a Medallion Architecture in BigQuery.
  • Serverless Foundation: Sets up the necessary plumbing for Cloud Functions and Cloud Run services.
  • Vector Search Ready: Prepares infrastructure for RAG applications.

Enterprise Considerations

While this repository demonstrates a single-project setup, my architectural approach scales to complex organizations by incorporating:

  • VPC Service Controls: Defining security perimeters to mitigate data exfiltration risks.
  • Shared VPC Patterns: Centralizing network management (Host Projects) while allowing service autonomy (Service Projects).
  • Organizational Policies: Enforcing guardrails at the folder/org level (e.g., restricting public IPs or specific regions).
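
The guardrails named in the last bullet, sketched as an added Terraform example that is not taken from the repository: two folder-level organization policies, one denying external IPs on Compute Engine VMs and one restricting where resources may be created. The folder ID and the allowed location group are placeholder assumptions.

```hcl
# Added example, not code from landerox/cloud-landerox-infra.
# Assumes the google provider is configured with credentials that hold
# roles/orgpolicy.policyAdmin on the target folder.

variable "folder_id" {
  description = "Numeric ID of the folder the guardrails apply to (placeholder)."
  type        = string
  default     = "000000000000" # placeholder, replace with a real folder ID
}

locals {
  parent = "folders/${var.folder_id}"
}

# Guardrail 1: no VM instance under this folder may receive an external IP.
# compute.vmExternalIpAccess is a list constraint; deny_all rejects every value.
resource "google_org_policy_policy" "deny_vm_external_ip" {
  name   = "${local.parent}/policies/compute.vmExternalIpAccess"
  parent = local.parent

  spec {
    rules {
      deny_all = "TRUE"
    }
  }
}

# Guardrail 2: resources may only be created in the allowed location group.
# "in:europe-locations" is an assumed choice; use the group your data
# residency requirements call for.
resource "google_org_policy_policy" "restrict_locations" {
  name   = "${local.parent}/policies/gcp.resourceLocations"
  parent = local.parent

  spec {
    # Do not merge with a looser policy set higher in the hierarchy.
    inherit_from_parent = false

    rules {
      values {
        allowed_values = ["in:europe-locations"]
      }
    }
  }
}
```

Because both policies are set on the folder, every project beneath it inherits them unless a project-level policy explicitly overrides the constraint, so override permissions should stay restricted to the platform team.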
