Define Cloud Infrastructure with Pulumi Using TypeScript or Python

Write a Pulumi program in [LANGUAGE] (TypeScript or Python) that provisions the following cloud infrastructure on [CLOUD_PROVIDER] (AWS, Azure, or GCP): **Target Architecture**: [ARCHITECTURE_DESCRIPTION] (e.g., a containerized web app with a load balancer, managed database, and CDN; a serverless API with Lambda, API Gateway, and DynamoDB). Requirements: 1. **Project Structure**: - Organize resources into logical modules/files: networking, compute, database, and monitoring. - Use a `Pulumi.dev.yaml` and `Pulumi.prod.yaml` stack configuration for environment-specific values like instance sizes, replica counts, and feature flags. - Read configuration values using `pulumi.Config()` rather than hardcoding. 2. **Core Resources**: - Provision [RESOURCE_LIST] (e.g., VPC with public/private subnets, ECS service, RDS instance, S3 bucket). - Enable encryption, logging, and monitoring by default. - Use [CLOUD_PROVIDER]'s managed services where possible. 3. **Reusable Components**: - Create at least one Pulumi `ComponentResource` class for [COMPONENT_NAME] (e.g., a `WebService` that bundles an ALB, ECS service, and target group) with configurable properties. - Show how to instantiate this component multiple times with different configurations. 4. **Secrets and Config**: - Store sensitive values (database passwords, API keys) using `pulumi.Config().requireSecret()`. - Pass secrets to resources without exposing them in plain text in state. 5. **Outputs and Stack References**: - Export key outputs: endpoint URLs, resource IDs, connection strings. - Show how another Pulumi stack can consume these outputs using `StackReference`. 6. **Error Handling**: - Add input validation for component arguments. - Use `pulumi.log` for informational messages during deployment. Include inline comments explaining design decisions and a README snippet describing how to deploy with `pulumi up`.