Infrastructure Resource Names Reference

This document lists all AWS resource names. Use this reference to configure the application code.

S3 Buckets

Purpose	Bucket Name	Notes
Global storage	`v1-orcha-global-storage-{account_id}`	Replace `{account_id}` with AWS account ID (e.g., `700558745280`)
Pipeline artifacts	`v1-orcha-pipeline-artifacts-{account_id}`	Used by CodePipeline

SQS Queues

Purpose	Queue Name	URL Pattern
Ingestion processing	`v1-orcha-global-ingest`	`https://sqs.eu-central-1.amazonaws.com/{account_id}/v1-orcha-global-ingest`
Ingestion DLQ	`v1-orcha-global-ingest-dlq`	`https://sqs.eu-central-1.amazonaws.com/{account_id}/v1-orcha-global-ingest-dlq`
Email acquisition	`v1-orcha-global-email-acquire`	`https://sqs.eu-central-1.amazonaws.com/{account_id}/v1-orcha-global-email-acquire`
Email acquisition DLQ	`v1-orcha-global-email-acquire-dlq`	`https://sqs.eu-central-1.amazonaws.com/{account_id}/v1-orcha-global-email-acquire-dlq`

ECR Repository

Purpose	Repository Name	URI Pattern
Application images	`v1-orcha`	`{account_id}.dkr.ecr.eu-central-1.amazonaws.com/v1-orcha`

RDS Database

Attribute	Value
Instance identifier	`v1-orcha-db`
Database name	`orcha`
Master username	`orcha_admin`
Engine	PostgreSQL 18.1
Instance type	db.t4g.medium
Port	5432

Secrets Manager

Secret Name	Contents
`/v1-orcha/db-credentials`	`{"username": "orcha_admin", "password": "...", "host": "...", "port": 5432, "dbname": "orcha", "engine": "postgres"}`

SSM Parameters

Parameter Path	Type	Description
`/v1-orcha/account-id`	String	AWS account ID
`/v1-orcha/anthropic-api-key`	String	Claude API key
`/v1-orcha/google-genai-api-key`	String	Gemini API key
`/v1-orcha/google-cloud-project`	String	Google Cloud project ID
`/v1-orcha/google-docai-processor-id`	String	Document AI processor ID
`/v1-orcha/outlook-client-id`	String	Microsoft OAuth client ID
`/v1-orcha/outlook-client-secret`	String	Microsoft OAuth client secret
`/v1-orcha/outlook-state-secret`	String	OAuth state JWT signing secret
`/v1-orcha/gmail-client-id`	String	Google OAuth client ID
`/v1-orcha/gmail-client-secret`	String	Google OAuth client secret
`/v1-orcha/gmail-state-secret`	String	Gmail OAuth state secret
`/v1-orcha/gmail-pubsub-topic`	String	Gmail Pub/Sub topic
`/v1-orcha/gmail-pubsub-subscription`	String	Gmail Pub/Sub subscription

Security Groups

Name	Purpose
`v1-orcha-alb-sg`	Application Load Balancer
`v1-orcha-ec2-sg`	EC2 instances
`v1-orcha-rds-sg`	RDS database
`v1-orcha-codebuild-sg`	CodeBuild projects

Route53 Hosted Zone

Attribute	Value
Zone name	`{env_name}.getorcha.com` (e.g., `prod.getorcha.com`)
Type	Public hosted zone

VPC

Attribute	Value
CIDR	`10.0.0.0/16`
Region	`eu-central-1`
Availability Zones	`eu-central-1a`, `eu-central-1b`

Subnets

Type	AZ	CIDR (auto-allocated by CDK)
Public	eu-central-1a	10.0.0.0/24
Public	eu-central-1b	10.0.1.0/24
Private	eu-central-1a	10.0.2.0/24
Private	eu-central-1b	10.0.3.0/24

CloudFormation Stack Names

Stack	Name Pattern
Foundation	`V1Orcha{Env}Foundation` (e.g., `V1OrchaProdFoundation`)
Data	`V1Orcha{Env}Data` (e.g., `V1OrchaProdData`)

Tags (Applied to All Resources)

Key	Value
`Project`	`orcha`
`Environment`	`{env_name}` (e.g., `prod`)
`ManagedBy`	`cdk`

Environment Variables for Application

Use these in your application configuration:

# S3
AWS_S3_BUCKET=v1-orcha-global-storage-{account_id}

# SQS
AWS_SQS_INGEST_QUEUE_URL=https://sqs.eu-central-1.amazonaws.com/{account_id}/v1-orcha-global-ingest
AWS_SQS_EMAIL_ACQUIRE_QUEUE_URL=https://sqs.eu-central-1.amazonaws.com/{account_id}/v1-orcha-global-email-acquire

# Database (retrieve from Secrets Manager)
DB_SECRET_NAME=/v1-orcha/db-credentials
# The secret contains host, port, dbname, username, password as JSON

# ECR
ECR_REPOSITORY_URI={account_id}.dkr.ecr.eu-central-1.amazonaws.com/v1-orcha

# Region
AWS_REGION=eu-central-1