This example provisions an AWS VPC via the mars/heroku_aws_vpc module, a new Private Space, peers them automatically, and deploys a Heroku app and an AWS ECS app that form a two-way (duplex) health check.

An AWS IAM user (aws_access_key & aws_secret_key in Usage below).

Name suggestion: terraform-vpc-peered-health-provisioner

With policies:

• AmazonEC2FullAccess
• AmazonECS_FullAccess
• AmazonVPCFullAccess
• IAMFullAccess
• CloudWatchLogsFullAccess

export \
  TF_VAR_heroku_email=name@example.com \
  TF_VAR_heroku_enterprise_team=xxxxx \
  TF_VAR_heroku_api_key=xxxxx \
  TF_VAR_aws_access_key=xxxxx \
  TF_VAR_aws_secret_key=xxxxx \
  TF_VAR_instance_public_key='ssh-rsa xxxxx…' 
terraform init
terraform apply \
  -var name=my-deployment-name \
  -var aws_region=us-west-2

Once apply completes successfully, visit the output health_public_url in a web browser.

⏲ It may take a few minutes for all services to start & DNS records to propagate.

Eventually, the Health Check web UI should reflect a healthy duplex connection: