@hllvc
Collaborator

@hllvc hllvc commented Nov 6, 2025

Summary

This PR introduces comprehensive Terraform modules for deploying StackGuardian Private Runners on AWS, including both Packer-based AMI building and EC2 auto-scaling infrastructure. The implementation provides a complete solution for creating optimized custom AMIs and deploying highly available, auto-scaling runner infrastructure with Lambda-based queue monitoring.

Key Changes

New Modules and Templates

  • Packer AMI Builder Module (packer/) - Builds custom AMIs with pre-installed dependencies including Docker, Terraform, OpenTofu, jq, and StackGuardian runner components
  • AWS Deployment Module (aws/) - Deploys auto-scaling EC2 instances with Lambda-based autoscaling, S3 storage backend, and StackGuardian platform integration
  • Root Template Documentation - Comprehensive guides for both deployment patterns and complete end-to-end workflow

Packer Module Features

  • Multi-OS support: Amazon Linux 2, Ubuntu LTS (20.04, 22.04), and RHEL (8.8, 9.6)
  • Configurable Terraform and OpenTofu version installation with multi-version support
  • Optional OS package updates and custom user scripts for additional setup
  • AMI deregistration protection with optional cooldown periods
  • Automatic or manual AMI cleanup on terraform destroy
  • Support for both public and private subnet builds with proxy configuration

AWS Module Features

  • Auto Scaling Group with configurable instance types and EBS volumes
  • Lambda-based autoscaler monitoring StackGuardian job queues
  • EventBridge Scheduler triggering autoscaler every minute
  • S3 storage backend with encryption, versioning, and lifecycle management
  • Security groups with configurable SSH access and additional ingress rules
  • IAM roles following least-privilege principles for EC2 instances and Lambda functions
  • StackGuardian Runner Group and Connector resources for platform integration
  • Support for both public and private subnet deployments with NAT Gateway option
  • Automatic EBS volume mounting to /var for improved storage capacity

Configuration and Schemas

  • JSON schemas for input validation in StackGuardian platform
  • UI schemas with detailed descriptions for no-code template configuration
  • Example terraform.tfvars files for both modules
  • Comprehensive variable documentation with defaults and validation rules

Documentation

  • Detailed README files for both modules explaining architecture, prerequisites, and usage
  • Root-level README with complete deployment guide and alternative patterns
  • TERRAFORM_DESTROY_GUIDE.md for proper AMI cleanup procedures
  • Inline comments and descriptions for all Terraform resources

Supporting Files

  • Shell scripts for Packer build automation and AWS CLI integration
  • Setup scripts for AMI provisioning with OS-specific package management
  • Cleanup scripts for automated AMI deregistration and snapshot deletion
  • .gitignore configuration for Terraform and Packer artifacts

Additional Notes

  • All resources follow AWS best practices with encryption, versioning, and security group restrictions
  • The modules support enterprise environments with existing network infrastructure
  • Automatic cleanup of AMIs can be disabled to preserve images for manual management
  • Lambda autoscaler respects configurable cooldown periods to prevent scaling oscillations
  • Both modules include comprehensive error handling and validation
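The description above mentions a Lambda autoscaler that sizes the runner fleet from the StackGuardian job queue while honouring a cooldown to avoid oscillation. The following is an added example, not code from this PR or from StackGuardian: a hypothetical, self-contained decision function that turns a queue depth into a target Auto Scaling Group capacity and suppresses changes inside the cooldown window. The queue query and the ASG API call are out of scope; the config names and sample numbers are constructed.

```python
"""Hypothetical scaling decision for a queue-driven runner autoscaler (added example)."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class ScalerConfig:
    min_size: int                 # never scale below this many runners
    max_size: int                 # hard ceiling, protects against runaway spend
    jobs_per_runner: int          # queued jobs one runner is expected to absorb
    cooldown: timedelta           # minimum gap between two scaling actions


def desired_capacity(queued_jobs: int, cfg: ScalerConfig) -> int:
    """Runners needed for the current queue, clamped to [min_size, max_size]."""
    needed = -(-queued_jobs // cfg.jobs_per_runner)  # ceiling division
    return max(cfg.min_size, min(cfg.max_size, needed))


def decide(queued_jobs: int, current: int, last_action: Optional[datetime],
           now: datetime, cfg: ScalerConfig) -> Optional[int]:
    """Return the capacity to set, or None when no change should be made.

    No change is made when the target equals the current capacity, or while
    the cooldown since the last scaling action has not yet elapsed. Checking
    the cooldown after computing the target keeps a stuck queue from being
    mistaken for a quiet one once the window opens again.
    """
    target = desired_capacity(queued_jobs, cfg)
    if target == current:
        return None
    if last_action is not None and now - last_action < cfg.cooldown:
        return None
    return target


def demo() -> list:
    """Constructed scenario: four consecutive one-minute ticks of the scheduler."""
    cfg = ScalerConfig(min_size=1, max_size=10, jobs_per_runner=2,
                       cooldown=timedelta(minutes=5))
    t0 = datetime(2025, 11, 6, 12, 0, tzinfo=timezone.utc)
    return [
        decide(7, 1, None, t0, cfg),                        # 4: scale out
        decide(7, 4, t0, t0 + timedelta(minutes=1), cfg),   # None: already at target
        decide(0, 4, t0, t0 + timedelta(minutes=1), cfg),   # None: inside cooldown
        decide(0, 4, t0, t0 + timedelta(minutes=6), cfg),   # 1: cooldown elapsed
    ]


if __name__ == "__main__":
    print(demo())  # [4, None, None, 1]
```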

hllvc added 30 commits August 12, 2025 16:39
@hllvc hllvc self-assigned this Nov 6, 2025
@hllvc hllvc force-pushed the SG-3410 branch 3 times, most recently from 8b28ecc to 47ffe45 Compare November 12, 2025 11:30