# ECR Repository
resource "aws_ecr_repository" "main" {
  name = var.ecr_repository_name
}

# EFS File System
resource "aws_efs_file_system" "main" {
  creation_token = var.efs_creation_token
}

resource "aws_efs_mount_target" "main" {
  count           = length(aws_subnet.private)
  file_system_id  = aws_efs_file_system.main.id
  subnet_id       = aws_subnet.private[count.index].id
  security_groups = [aws_security_group.eks_nodes.id]
}

# S3 Bucket for Terraform State
resource "aws_s3_bucket" "tfstate" {
  bucket = var.s3_bucket_name

  versioning {
    enabled = true
  }

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "AES256"
      }
    }
  }
}