A production-grade Laravel application on AWS ECS Fargate — demonstrating cloud-native architecture, CI/CD pipelines, async processing, and multi-environment deployments.
All services run as serverless containers on AWS ECS Fargate — no EC2 instances to manage. Traffic flows through an Application Load Balancer with HTTPS termination.
Three dedicated CodePipeline pipelines handle the full lifecycle — from code commit to production deployment. The staging image is promoted to production without rebuild.
Dashed borders indicate a manual trigger. The release script `scripts/release.sh v1.x.x` automates the merge, the Git tag, and the launch of the tag pipeline.
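Promotion without rebuild can be verified at promotion time by comparing image digests rather than trusting tag names. The check below is an added example, not code from this project. It assumes a repository named `app`, image tags named `staging` and `v1.4.0`, and constructed digests laid out like `aws ecr describe-images` output.

```python
import json

# Constructed sample in the shape of `aws ecr describe-images` output.
# Digests are made up; "staging" and "v1.4.0" are assumed tag names.
ECR_IMAGES = json.loads("""{"imageDetails": [
  {"imageDigest": "sha256:aaa111", "imageTags": ["staging", "v1.4.0"]},
  {"imageDigest": "sha256:bbb222", "imageTags": ["v1.3.0"]},
  {"imageDigest": "sha256:ccc333"}
]}""")["imageDetails"]


def digest_for_tag(images, tag):
    """Return the digest a tag points to, or None when the tag is absent."""
    for image in images:
        if tag in image.get("imageTags", []):  # untagged images have no key
            return image["imageDigest"]
    return None


def resolve_reference(images, image_ref):
    """Resolve a task-definition image reference (repo@digest or repo:tag)."""
    name = image_ref.rsplit("/", 1)[-1]  # drop registry host and path
    if "@" in name:
        return name.split("@", 1)[1]
    if ":" in name:
        return digest_for_tag(images, name.split(":", 1)[1])
    return digest_for_tag(images, "latest")  # Docker's default tag


def check_promotion(images, staging_tag, prod_image_ref):
    """Return findings; an empty list means prod runs the staging-tested image."""
    findings = []
    staged = digest_for_tag(images, staging_tag)
    deployed = resolve_reference(images, prod_image_ref)
    if staged is None:
        findings.append(f"staging tag {staging_tag!r} not found in repository")
    if deployed is None:
        findings.append(f"production image {prod_image_ref!r} does not resolve")
    if staged and deployed and staged != deployed:
        findings.append(f"digest mismatch: staging={staged} production={deployed}")
    if "@" not in prod_image_ref:
        findings.append("production reference uses a mutable tag, not a digest")
    return findings
```

Run it as a gate before the production deploy, while the staging tag still points at the build that was tested and scanned.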
Two fully isolated environments share the same ECS cluster and ECR repository, with separate ALBs, databases, SQS queues, and SSM parameters.
Every component was chosen for reliability, observability, and developer experience.
| Component | Technology | Category | Details |
|---|---|---|---|
| Web framework | Laravel 11 | App | PHP 8.3, Eloquent ORM, Queue system |
| Container runtime | AWS ECS Fargate | AWS | Serverless, awsvpc networking |
| Container registry | AWS ECR | AWS | Lifecycle policy: keep last 10 images |
| Load balancer | AWS ALB | AWS | HTTPS, TLS 1.3, health checks on /up |
| DNS + TLS | Route53 + ACM | AWS | kaiac.io zone, DNS validation |
| Database | MySQL 8.0 | Infra | ECS Fargate + Service Discovery |
| Message queue | AWS SQS | AWS | default + priority queues, long polling |
| Secrets | AWS SSM | Security | APP_KEY, DB_PASSWORD, SQS params |
| CI/CD | AWS CodePipeline | AWS | 3 pipelines: staging, tag, prod |
| Build | AWS CodeBuild | AWS | Docker multi-stage, composer update |
| Security scan | Trivy | Security | CVE scan, SARIF reports in S3 |
| Source control | Bitbucket | Infra | main + staging branches, semver tags |
| Infrastructure as Code | Terraform | Infra | ~10 .tf files, all resources managed |
| Networking | AWS VPC | AWS | Public/private subnets, NAT Gateway |