Terraform Agents
Building infrastructure-as-code agents: planning, validation, and apply loops.
01Terraform for AI Agents (1): Why IaC Is the Only Sane Way to Ship Agents
Agent systems are a moving target — new tools, new memory stores, new regions every month. Manual console clicks don't …
02Terraform for AI Agents (2): Provider, Auth, and Remote State on OSS
Pinning the alicloud provider, picking between AK/SK, AssumeRole, and ECS RAM role auth, putting tfstate on OSS with …
03Terraform for AI Agents (3): A Reusable VPC and Security Baseline
The first reusable module — a three-zone VPC with public/private subnets, NAT egress, security groups layered by tier, …
04Terraform for AI Agents (4): Compute — ECS, ACK, or Function Compute?
The three places an agent's main loop can live on Aliyun: a long-running ECS instance with pm2, a Kubernetes pod on ACK, …
05Terraform for AI Agents (5): Storage — Vector, Relational, and Object Memory
An agent has three kinds of memory and they map onto three Aliyun services: PolarDB/RDS for sessions, OpenSearch (vector …
06Terraform for AI Agents (6): LLM Gateway and Secrets Management
Centralise LLM API access through one gateway: per-agent quotas, request logging, and zero secrets outside KMS. …
07Terraform for AI Agents (7): Observability, SLS Dashboards, and Cost Alarms
Logs to SLS, traces to ARMS, metrics to CloudMonitor — all provisioned in HCL so a new env comes pre-instrumented. The …
08Terraform for AI Agents (8): End-to-End — research-agent-stack in One Apply
Stitching the seven modules into one repo, running terraform apply once, and watching a complete agent runtime — VPC, …