Home · Apps · rl-main-infra
Workload Registry
rl-main-infra is not only an import repo. It is the shared platform IaC home for production workloads that need AWS infrastructure composition and lifecycle management.
This registry documents which workload folders should exist or be expected in the repo structure.
Registry standard
Each workload should have:
- a clear workload folder under
src/workloads/
- a short architecture note in docs
- explicit ownership of ingress, DNS, security assumptions, and workload-specific outputs
- separation between durable workload code and migration-only helpers
Canonical workload list
PBX
Canonical name: PBX
Folder standard: src/workloads/pbx/
Legacy alias: OpenCX only where existing code/config still uses it
Role:
- telephony workload hosted in the shared production AWS estate
- includes both web/admin and voice ingress concerns
Expected workload scope:
- host composition
- web ingress composition
- voice ingress composition
- workload DNS and certificate bindings
- workload-specific security assumptions
Naming rule:
- new docs/modules/folders use
PBX
- legacy
OpenCX references are tolerated only for backwards compatibility and historical traceability
Fed Proxy
Canonical name: fed-proxy
Folder standard: src/workloads/fed-proxy/
Role:
- ECS-backed proxy/application ingress composition
Expected workload scope:
- ECS service composition
- ALB/shared ingress attachment
- service discovery / Cloud Map assumptions
- workload DNS outputs if needed
Data Download
Canonical name: data-download
Folder standard: src/workloads/data-download/
Role:
- edge-delivered download/distribution workload
Expected workload scope:
- S3/CloudFront delivery composition
- aliases and certificates
- edge security options if needed
A folder belongs in src/workloads/ when it answers:
- how this named business/operational workload is assembled
- what DNS names belong to it
- what ingress model belongs to it
- what workload-specific rules or outputs must be exported
A folder does not belong in src/workloads/ when it is just a reusable primitive such as:
- ALB + ECS pattern
- ALB + EC2 pattern
- NLB + EC2 pattern
- Route53 helper
- WAF helper
Those belong in platform areas.
Minimal documentation expectation per workload
Each workload represented in rl-main-infra should eventually have:
- overview / purpose
- architecture summary
- ingress pattern summary
- DNS/cert model
- key security assumptions
- operational runbook references where applicable
- any known migration/legacy aliases
Current documentation note
At the moment, PBX is the workload with the clearest naming transition requirement:
- prefer
PBX everywhere human-facing
- retain
OpenCX only for legacy code/config compatibility until a safe later cleanup window exists