This documentation covers AWS infrastructure defined as code with Terraform: a VPC, an EKS cluster, an RDS database, and more, configured with security best practices.
Terraform Code Examples
VPC Configuration:
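# Three-AZ VPC with one private and one public subnet per availability zone.
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "3.14.0"

  name = "main-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["us-east-1a", "us-east-1b", "us-east-1c"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

  # One NAT gateway per AZ, so private-subnet egress in one zone does not
  # depend on a gateway in another zone.
  enable_nat_gateway     = true
  single_nat_gateway     = false
  one_nat_gateway_per_az = true

  enable_dns_hostnames = true
  enable_dns_support   = true

  # VPC flow logs to CloudWatch Logs. Without them there is no network-level
  # record to use for detection or for reconstructing an incident.
  # Set a retention period and restrict read access to the log group to match
  # your logging policy.
  enable_flow_log                      = true
  create_flow_log_cloudwatch_log_group = true
  create_flow_log_cloudwatch_iam_role  = true

  # Adopt the VPC's default security group and remove all of its rules, so a
  # resource that ends up in it by omission gets no network access.
  # NOTE(review): on an existing VPC, confirm nothing is attached to the
  # default security group before applying.
  manage_default_security_group  = true
  default_security_group_ingress = []
  default_security_group_egress  = []

  tags = {
    Environment = "production"
    Project     = "multi-tier-app"
  }
}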
EKS Cluster:
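# EKS control plane plus one managed node group, placed in the VPC's private subnets.
module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "18.20.0"

  cluster_name = "main-cluster"
  # NOTE(review): 1.22 is an old Kubernetes minor release; confirm it is still
  # within EKS support before applying, and plan the upgrade path.
  cluster_version = "1.22"

  vpc_id     = module.vpc.vpc_id
  subnet_ids = module.vpc.private_subnets

  # API endpoint exposure is set explicitly instead of being left to the
  # module's defaults for this version.
  # Private access lets the nodes in the private subnets reach the API server
  # from inside the VPC.
  cluster_endpoint_private_access = true
  # The public endpoint is kept so existing operator/CI access keeps working.
  # Narrow it with cluster_endpoint_public_access_cidrs to the ranges that
  # actually need it, or disable it once all API clients run inside the VPC.
  cluster_endpoint_public_access = true

  # Control-plane logs to CloudWatch Logs; "audit" and "authenticator" are the
  # ones needed to answer who did what against the API server.
  cluster_enabled_log_types = ["api", "audit", "authenticator"]

  # NOTE(review): envelope encryption of Kubernetes secrets
  # (cluster_encryption_config) is not configured here. It needs a KMS key ARN,
  # which this page does not define; add it together with the key.

  eks_managed_node_groups = {
    main = {
      desired_size = 2
      min_size     = 2
      max_size     = 5

      instance_types = ["t3.medium"]
      capacity_type  = "ON_DEMAND"
    }
  }

  tags = {
    Environment = "production"
    Project     = "multi-tier-app"
  }
}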
RDS Database:
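# Production PostgreSQL database, reachable only through the db_sg security
# group and the subnets of the "main" DB subnet group (both defined elsewhere).
module "db" {
  source  = "terraform-aws-modules/rds/aws"
  version = "4.2.0"

  identifier = "main-db"

  # NOTE(review): "aurora-postgresql" is a cluster engine, while this module
  # manages a single DB instance and allocated_storage / multi_az below are
  # instance settings. Confirm whether plain "postgres" or the separate
  # rds-aurora module is intended.
  engine            = "aurora-postgresql"
  engine_version    = "13.6"
  instance_class    = "db.r5.large"
  allocated_storage = 100

  db_name  = "appdb"
  username = "dbadmin"
  port     = "5432"
  # No password is set in this block. However it is supplied or generated, the
  # master password is recorded in Terraform state, so the state backend must
  # be encrypted and access-controlled.

  vpc_security_group_ids = [aws_security_group.db_sg.id]
  db_subnet_group_name   = aws_db_subnet_group.main.name

  # Never give the instance a public address; access goes through db_sg only.
  publicly_accessible = false

  # Encrypt storage, automated backups and snapshots at rest.
  # NOTE(review): on an already-created unencrypted instance this forces a
  # replacement; migrate via an encrypted snapshot copy instead.
  storage_encrypted = true

  # Export the PostgreSQL log to CloudWatch Logs for monitoring and forensics.
  enabled_cloudwatch_logs_exports = ["postgresql"]

  multi_az                = true
  backup_retention_period = 7

  # Guard against accidental or malicious destruction: a final snapshot is
  # taken on delete, and deletion must first be explicitly unlocked.
  skip_final_snapshot = false
  deletion_protection = true

  tags = {
    Environment = "production"
    Project     = "multi-tier-app"
  }
}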