This is a short-lived environment spun up automatically when a pull request is opened.
It runs your exact branch code in AWS ECS — same infrastructure as production, isolated per PR.
It self-destructs when the PR is closed.
Isolated
Each PR gets its own ECS service, IAM roles, CloudFront distribution, and S3 bucket — no shared state.
Ephemeral
Resources are created on PR open and destroyed on PR close. Nothing lingers.
Stateless
Terraform state is stored in S3 — no manual cleanup between pushes.
Production-parity
Runs the same Terraform modules as dev/stg/prd. What you see here is what ships.
CrowdStrike Protected
A Falcon sensor sidecar runs alongside your container — same security posture as production.