Terraform Infrastructure as Code
Reusable Terraform modules for AWS infrastructure with remote state management, consistent dev/QA/prod parity, and ISO compliance-aligned resource tagging.
Managing AWS infrastructure manually doesn’t scale — and it doesn’t audit. This project is the module library and Terraform patterns I use to provision and manage cloud resources consistently across environments.
What’s in Here
Reusable modules for common AWS primitives: VPC with public/private subnet segmentation, EKS clusters, IAM roles and policies, security groups, and S3 buckets with versioning and lifecycle rules. Each module is parameterized so dev, QA, and prod use identical logic with different input variables.
Remote state with locking — state stored in S3 with DynamoDB locking. No more state conflicts when two engineers run terraform apply simultaneously.
ISO compliance alignment — mandatory resource tagging enforced via variable validation and module defaults. Every resource carries environment, team, and cost-center tags, making audit reports automatable.
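One way to enforce the mandatory tags through variable validation, shown as an added example and not the project's own code. The file path, variable names, allowed environment values, and the `managed-by` default tag are assumptions.

```hcl
# modules/s3-bucket/variables.tf (hypothetical path; names are assumptions)

variable "bucket_name" {
  description = "Name of the bucket this module creates."
  type        = string
}

variable "tags" {
  description = "Tags applied to every resource in this module."
  type        = map(string)

  # Reject the plan when any mandatory key is missing.
  validation {
    condition = alltrue([
      for k in ["environment", "team", "cost-center"] : contains(keys(var.tags), k)
    ])
    error_message = "The tags map must include environment, team and cost-center."
  }

  # Reject empty or whitespace-only values, which would pass a key-only check.
  validation {
    condition = alltrue([
      for k in ["environment", "team", "cost-center"] :
      trimspace(lookup(var.tags, k, "")) != ""
    ])
    error_message = "The environment, team and cost-center tags must not be empty."
  }

  # Constrain environment to a fixed set so audit queries can group on it.
  # The allowed values are assumed from the environments named on this page.
  validation {
    condition     = contains(["dev", "qa", "staging", "prod"], lookup(var.tags, "environment", ""))
    error_message = "The environment tag must be one of: dev, qa, staging, prod."
  }
}

locals {
  # Module default merged on top of caller tags (assumed default tag).
  tags = merge(var.tags, { "managed-by" = "terraform" })
}

resource "aws_s3_bucket" "this" {
  bucket = var.bucket_name
  tags   = local.tags
}
```

With this in place, a caller that omits `cost-center` fails at `terraform plan`, before any resource is created.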
The Pattern
modules/
  eks-cluster/   # EKS cluster + node groups + IRSA
  vpc/           # VPC, subnets, NAT, IGW, route tables
  iam-role/      # Reusable IRSA-compatible IAM role
environments/
  dev/
  staging/
  prod/
Environments call modules with environment-specific variables. The same EKS module provisions a 2-node dev cluster and a production fleet — no copy-paste drift between environments.
Why It Matters
When an EKS cluster needed replacing (blue-green upgrade from v1.23 to v1.28), the new cluster was provisioned from Terraform in under an hour. Infrastructure-as-code turns disaster recovery from a heroic manual effort into a repeatable procedure.