Deploy a cluster in dev (#27)

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> **Medium Risk**
> Creates/changes real AWS infrastructure (VPC, NAT, ALB with public
ingress, ECS cluster), which can incur cost and expose resources if
misconfigured. Most files are generated, but reviewers should validate
networking, tagging lookups, and security group rules.
> 
> **Overview**
> Introduces a new Terramate `BundleInstance`
(`ecs-fargate-dev-dev.tm.yml`) to deploy the
`tf-aws-complete-ecs-fargate-cluster` bundle in the `dev` environment
with VPC CIDR `10.0.0.0/16`.
> 
> Adds Terramate-generated Terraform stacks under
`stacks/dev/ecs-clusters/ecs-fargate-dev/` to provision a VPC (3 AZs,
public/private subnets, single NAT), an ECS cluster with a mixed
`FARGATE`/`FARGATE_SPOT` capacity provider strategy, and an
internet-facing ALB with port 80 open and egress scoped to the VPC CIDR;
all stacks use a local Terraform backend and tag resources with the
bundle UUID/alias.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
53d1f2d. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: soerenmartius

cloud-services/tf-aws-complete-ecs-fargate-cluster/ecs-fargate-dev-dev.tm.yml

@@ -0,0 +1,20 @@
+apiVersion: terramate.io/cli/v1
+kind: BundleInstance
+metadata:
+  name: ecs-fargate-dev-dev
+  uuid: 8d3d9fdc-e259-4a5c-80fe-cde16193fc6a
+spec:
+  source: /bundles/example.com/tf-aws-complete-ecs-fargate-cluster/v1
+  inputs:
+    
+    # A list of available environments to create the ECS cluster in.
+    env: dev
+    
+    # The name for the ECS Fargate Cluster, Load Balancer, and VPC.
+    name: ecs-fargate-dev
+    
+    # CIDR block for the VPC (e.g., 10.0.0.0/16)
+    vpc_cidr: 10.0.0.0/16
+    
+    # AWS Resource tags to attach to all created resources. Additional internal tags will be added by default.
+    tags: {}

stacks/dev/ecs-clusters/ecs-fargate-dev/alb/backend.tf

@@ -0,0 +1,6 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+terraform {
+  backend "local" {
+  }
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/alb/component_alb_main.tf

@@ -0,0 +1,81 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+resource "null_resource" "initial_deployment_trigger" {
+}
+data "aws_vpc" "vpc_by_tags" {
+  depends_on = [
+    null_resource.initial_deployment_trigger,
+  ]
+  filter {
+    name = "tag:example.com/tf-aws-complete-ecs-fargate-cluster/v1/bundle-uuid"
+    values = [
+      "8d3d9fdc-e259-4a5c-80fe-cde16193fc6a",
+    ]
+  }
+}
+data "aws_subnets" "public" {
+  filter {
+    name = "vpc-id"
+    values = [
+      data.aws_vpc.vpc_by_tags.id,
+    ]
+  }
+  filter {
+    name = "tag:Name"
+    values = [
+      "*-public-*",
+    ]
+  }
+}
+locals {
+  security_group_egress_rules = { for k, v in {
+    all = {
+      cidr_ipv4   = "10.0.0.0/16"
+      ip_protocol = "-1"
+    }
+    } : k => merge(v, {
+      cidr_ipv4 = v.cidr_ipv4 != null ? v.cidr_ipv4 : local.vpc_cidr_block_value
+  }) }
+  subnets_value        = data.aws_subnets.public.ids
+  vpc_cidr_block_value = data.aws_vpc.vpc_by_tags.cidr_block
+  vpc_id_value         = data.aws_vpc.vpc_by_tags.id
+}
+module "alb" {
+  enable_deletion_protection = false
+  listeners = {
+    http = {
+      fixed_response = {
+        content_type = "text/plain"
+        status_code  = "200"
+      }
+      port     = 80
+      protocol = "HTTP"
+      rules    = {}
+    }
+  }
+  load_balancer_type = "application"
+  name               = "ecs-fargate-dev-dev"
+  security_group_egress_rules = {
+    all = {
+      cidr_ipv4   = "10.0.0.0/16"
+      ip_protocol = "-1"
+    }
+  }
+  security_group_ingress_rules = {
+    all_http = {
+      cidr_ipv4   = "0.0.0.0/0"
+      from_port   = 80
+      ip_protocol = "tcp"
+      to_port     = 80
+    }
+  }
+  source  = "terraform-aws-modules/alb/aws"
+  subnets = local.subnets_value
+  tags = {
+    "example.com/tf-aws-complete-ecs-fargate-cluster/v1/bundle-alias" = "ecs-fargate-dev-dev"
+    "example.com/tf-aws-complete-ecs-fargate-cluster/v1/bundle-uuid"  = "8d3d9fdc-e259-4a5c-80fe-cde16193fc6a"
+  }
+  target_groups = {}
+  version       = "10.4.0"
+  vpc_id        = local.vpc_id_value
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/alb/stack.tm.hcl

@@ -0,0 +1,3 @@
+stack {
+  id = "de8f108a-7cdb-4e07-8d19-7ed0a482ad04"
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/alb/terraform.tf

@@ -0,0 +1,20 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+terraform {
+  required_version = "1.14.1"
+}
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "6.25.0"
+    }
+    null = {
+      source  = "hashicorp/null"
+      version = "3.2.0"
+    }
+  }
+}
+provider "aws" {
+  region = "us-east-1"
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/cluster/backend.tf

@@ -0,0 +1,6 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+terraform {
+  backend "local" {
+  }
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/cluster/component_ecs-cluster_main.tf

@@ -0,0 +1,20 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+module "ecs_cluster" {
+  cluster_name = "ecs-fargate-dev-dev"
+  default_capacity_provider_strategy = {
+    FARGATE = {
+      base   = 20
+      weight = 50
+    }
+    FARGATE_SPOT = {
+      weight = 50
+    }
+  }
+  source = "terraform-aws-modules/ecs/aws"
+  tags = {
+    "example.com/tf-aws-complete-ecs-fargate-cluster/v1/bundle-alias" = "ecs-fargate-dev-dev"
+    "example.com/tf-aws-complete-ecs-fargate-cluster/v1/bundle-uuid"  = "8d3d9fdc-e259-4a5c-80fe-cde16193fc6a"
+  }
+  version = "6.1.0"
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/cluster/stack.tm.hcl

@@ -0,0 +1,3 @@
+stack {
+  id = "f0f27568-8b93-405d-b0b3-8b6ffda0bd3f"
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/cluster/terraform.tf

@@ -0,0 +1,20 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+terraform {
+  required_version = "1.14.1"
+}
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "6.25.0"
+    }
+    null = {
+      source  = "hashicorp/null"
+      version = "3.2.0"
+    }
+  }
+}
+provider "aws" {
+  region = "us-east-1"
+}

stacks/dev/ecs-clusters/ecs-fargate-dev/vpc/backend.tf

@@ -0,0 +1,6 @@
+// TERRAMATE: GENERATED AUTOMATICALLY DO NOT EDIT
+
+terraform {
+  backend "local" {
+  }
+}