AWS IaC Generator
A pipeline that turns a plain-English infrastructure requirement into reviewed, policy-checked Terraform — generated, validated, and Trivy-scanned, but never deployed.
About
AWS IaC Generator turns a plain-English infrastructure requirement into reviewed, policy-checked Terraform. A Go backend orchestrates a six-stage pipeline — Architect (normalize the requirement into a topology brief), Terraform (generate strict JSON converted to *.tf files), Security (terraform validate + Trivy scan with automatic retry on HIGH/CRITICAL findings), Pull Request, Release, and Cloud readiness — streaming every stage back to a React/Vite UI over Server-Sent Events.
The model layer is pluggable and auto-selects at startup: Kiro CLI, Amazon Bedrock (Converse API), or offline fixtures when no key is set.
Crucially, it runs in backend=false mode and never deploys: model output is treated as untrusted data, generated filenames are constrained to *.tf basenames, and the supported-resource scope is deliberately narrow — S3, IAM, VPC, and KMS.
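An added example, not the project's own code, of the untrusted-output handling described above: strict JSON decoding followed by a *.tf basename allow-list, so a model reply cannot place files outside the working directory or smuggle in other file types. The JSON shape (a files array with name and content), the name ParseModelOutput, and the lowercase-only filename pattern are assumptions.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"regexp"
)

// GeneratedFile is an assumed shape for one file in the model's JSON reply.
type GeneratedFile struct {
	Name    string `json:"name"`
	Content string `json:"content"`
}

// Assumed pattern for a plain *.tf basename: no separators, no leading dot, no .tf.json.
var tfBasename = regexp.MustCompile(`^[a-z0-9][a-z0-9_-]{0,63}\.tf$`)

// ParseModelOutput strictly decodes untrusted model output; any violation rejects it all.
func ParseModelOutput(raw []byte) ([]GeneratedFile, error) {
	dec := json.NewDecoder(bytes.NewReader(raw))
	dec.DisallowUnknownFields() // unexpected keys are an error, not ignored
	var out struct {
		Files []GeneratedFile `json:"files"`
	}
	if err := dec.Decode(&out); err != nil {
		return nil, fmt.Errorf("not strict JSON: %w", err)
	}
	var extra json.RawMessage
	if err := dec.Decode(&extra); !errors.Is(err, io.EOF) {
		return nil, errors.New("trailing data after JSON document")
	}
	seen := map[string]bool{}
	for _, f := range out.Files {
		if !tfBasename.MatchString(f.Name) || seen[f.Name] {
			return nil, fmt.Errorf("rejected filename %q", f.Name)
		}
		seen[f.Name] = true
	}
	return out.Files, nil
}

func main() {
	// Constructed sample reply, not real model output.
	files, err := ParseModelOutput([]byte(`{"files":[{"name":"main.tf","content":"# s3"}]}`))
	fmt.Println(len(files), err)
}
```

Rejecting the whole reply on the first bad name, rather than skipping that file, keeps a partially valid reply from reaching the validate and scan stage.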