Inputs and variables

The root inputs live in terraform/staging/variables.tf and terraform/prod/variables.tf. Both roots share the same interface.

Identity and ownership

Variable	Purpose	Current shape
aws_region	target AWS region	us-east-1 in both roots
project_name	naming and tagging prefix	poc-atlas in staging example, atlas in prod
environment	environment tag and naming suffix	dev in staging example, prod in prod
owner_email	alert subscription target and ownership tag	required in both roots

Ingress and hostnames

Variable	Purpose	Current shape
alb_certificate_id	ACM certificate for the ALB HTTPS listener	environment-specific
alb_ingress_cidrs	client allow-list for ALB HTTP/HTTPS	0.0.0.0/0 in current staging example and prod values
events_ingestion_host	host routed to the events API	atlas-ingest.twinfo.io in staging example
dashboard_backend_host	host routed to the dashboard backend	atlas-back.twinfo.io in staging example
kafka_ui_host	host routed to Kafka UI	atlas-kafka.twinfo.io in staging example
*_listener_priority	ALB host-header rule priority	events 1, dashboard 2, Kafka UI 3

Networking and environment shape

Variable	Purpose	Current shape
vpc_cidr_block	primary VPC CIDR	10.0.0.0/16 in staging example, 10.20.0.0/16 in prod
private_vpc_peering_routes	extra routes on each private route table	empty in staging example, defined in prod
vpc_flow_logs_retention_days	retention for /vpc/flow-logs	1 day in staging example, 7 days in prod

Events and image bootstrap

Variable	Purpose	Current shape
events_service_name_suffix	events ECS service suffix	events-ingestion
events_ecr_repository_suffix	events ECR repository suffix	events-ingestion
events_log_retention_days	events service log retention	1 day in staging example, 7 days in prod
dashboard_backend_log_retention_days	dashboard service log retention	1 day in staging example, 7 days in prod
kafka_ui_log_retention_days	Kafka UI log retention	1 day in staging example, 7 days in prod

MSK and sink controls

Variable	Purpose	Current shape
msk_broker_instance_type	Kafka broker class	kafka.t3.small in staging example, kafka.m5.large in prod
msk_enable_multi_vpc_connectivity	enables multi-VPC connectivity support	false in staging example, true in prod
msk_subnet_type	public or private broker placement	public in staging example, private in prod
msk_public_access_cidrs	CIDRs allowed to reach public IAM + TLS on 9198	open in staging defaults
enable_msk_s3_sink	enables optional MSK Connect to S3	enabled in the committed examples
create_msk_connect_plugin_bucket	creates the plugin bucket	enabled
msk_s3_sink_plugin_file_key	required ZIP object key when sink is on	set only after upload
msk_s3_sink_topics_regex	topic selector regex	atlas\\.events\\..*
msk_s3_sink_partition_fields	S3 partitioning fields	organization_id, brand_id

Dashboard database controls

Variable	Purpose	Current shape
dashboard_db_identifier	DB instance identifier suffix	rds-atlas-dashboard in staging example, rds in prod
dashboard_db_name	initial database name	atlas_dashboard
dashboard_db_instance_class	RDS instance size	db.t4g.micro in staging example, db.t3.medium in prod
dashboard_db_subnet_group_type	public or private subnet group	public in staging example, private in prod
dashboard_db_publicly_accessible	public accessibility flag	true in staging example, false in prod
dashboard_db_multi_az	Multi-AZ toggle	false in staging example, true in prod
dashboard_db_allowed_cidr_blocks	CIDRs allowed to reach PostgreSQL	open in staging example, constrained in prod
dashboard_db_deletion_protection	destroy protection	false in staging example, true in prod
dashboard_db_skip_final_snapshot	destroy-time snapshot behavior	true in staging example, false in prod

tip

When in doubt, compare terraform/staging/terraform.tfvars.example with terraform/prod/production.auto.tfvars. That gives the clearest view of how Atlas wants environment parity with different safety and access postures.