feat: apply Terraform best practices improvements

- Fix output naming to follow {name}_{type}_{attribute} pattern
- Use 'this' for generic data sources (aws_vpc, aws_ecs_cluster)
- Improve variable descriptions with more context and specificity
- Add nullable = false for required variables (vpc_id, subnet_ids)
- Add validation rules for rds_instance_class and db_allocated_storage

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <[email protected]>

Author: vjdhama

main.tf

@@ -1,4 +1,4 @@
-data "aws_vpc" "vpc" {
+data "aws_vpc" "this" {
   id = var.vpc_id
 }
 
@@ -25,7 +25,7 @@ module "postgres_security_group" {
       from_port   = 0
       to_port     = local.rds.port
       protocol    = "tcp"
-      cidr_blocks = data.aws_vpc.vpc.cidr_block
+      cidr_blocks = data.aws_vpc.this.cidr_block
     },
   ]
   egress_with_cidr_blocks = [{
@@ -94,7 +94,7 @@ module "internal_alb_security_group" {
     from_port   = 0
     to_port     = 0
     protocol    = "-1"
-    cidr_blocks = data.aws_vpc.vpc.cidr_block
+    cidr_blocks = data.aws_vpc.this.cidr_block
   }]
   egress_with_cidr_blocks = [{
     from_port   = 0
@@ -152,7 +152,7 @@ module "ecs_task_security_group" {
       from_port   = 0
       to_port     = 0
       protocol    = "-1"
-      cidr_blocks = data.aws_vpc.vpc.cidr_block
+      cidr_blocks = data.aws_vpc.this.cidr_block
     },
   ]
   egress_with_cidr_blocks = [{
@@ -198,7 +198,7 @@ resource "aws_iam_role_policy_attachment" "ecs_exec" {
 # ECS Kong
 ################################################################################
 
-data "aws_ecs_cluster" "default" {
+data "aws_ecs_cluster" "this" {
   cluster_name = var.cluster_name
 }
 
@@ -207,7 +207,7 @@ module "ecs_kong" {
   version = "~> 4.3.4"
 
   vpc_id       = var.vpc_id
-  cluster_name = data.aws_ecs_cluster.default.cluster_name
+  cluster_name = data.aws_ecs_cluster.this.cluster_name
 
   service = {
     name                 = local.kong.service_name

outputs.tf

@@ -1,19 +1,19 @@
-output "rds_instance_endpoint" {
-  description = "Endpoint of RDS instance"
+output "kong_rds_instance_endpoint" {
+  description = "Endpoint of Kong RDS instance"
   value       = module.kong_rds.db_instance_endpoint
 }
 
-output "ecs_service_arn" {
-  description = "ARN of kong ECS service"
+output "kong_ecs_service_arn" {
+  description = "ARN of Kong ECS service"
   value       = module.ecs_kong.ecs_service_arn
 }
 
-output "public_alb_dns" {
-  description = "DNS name of public ALB"
+output "kong_public_alb_dns_name" {
+  description = "DNS name of Kong public ALB"
   value       = module.ecs_kong.alb_dns_name
 }
 
-output "internal_alb_dns" {
-  description = "DNS name of internal ALB"
+output "kong_internal_alb_dns_name" {
+  description = "DNS name of Kong internal ALB"
   value       = module.internal_alb_kong.arn
 }

variables.tf

@@ -1,28 +1,41 @@
 variable "private_subnet_ids" {
-  description = "List of private subnet id"
+  description = "List of private subnet IDs for database and Kong ECS deployment"
   type        = list(string)
+  nullable    = false
 }
 
 variable "public_subnet_ids" {
-  description = "List of public subnet id"
+  description = "List of public subnet IDs for public-facing load balancers"
   type        = list(string)
+  nullable    = false
 }
 
 variable "vpc_id" {
-  description = "The ID of the VPC"
+  description = "The ID of the VPC where Kong infrastructure will be deployed"
   type        = string
+  nullable    = false
 }
 
 variable "rds_instance_class" {
-  description = "The instance class to use"
+  description = "The RDS instance class for Kong database (e.g., db.t3.micro, db.r5.large)"
   type        = string
   default     = "db.t3.micro"
+
+  validation {
+    condition     = can(regex("^db\\.", var.rds_instance_class))
+    error_message = "RDS instance class must start with 'db.' (e.g., db.t3.micro, db.r5.large)."
+  }
 }
 
 variable "db_allocated_storage" {
-  description = "The amount of allocated storage in GBs"
+  description = "Initial allocated storage for Kong RDS instance in GBs"
   type        = number
   default     = 20
+
+  validation {
+    condition     = var.db_allocated_storage >= 20
+    error_message = "Allocated storage must be at least 20 GBs for RDS instances."
+  }
 }
 
 variable "db_max_allocated_storage" {
@@ -50,7 +63,7 @@ variable "deletion_protection" {
 }
 
 variable "create_db_subnet_group" {
-  description = "Whether to create a DB subnet group"
+  description = "Whether to create a DB subnet group for Kong RDS instance"
   type        = bool
   default     = true
 }
@@ -92,7 +105,7 @@ variable "maintenance_window" {
 }
 
 variable "cluster_name" {
-  description = "Name of the cluster"
+  description = "Name of the ECS cluster where Kong will be deployed"
   type        = string
   default     = "default"
 }