AWS Prod Project
In this project we write AWS infrastructure (VPCs, EC2, EKS, RDS, IAM, etc.) as code.
Code is version-controlled in Git, so you can review, roll back, and audit infra changes like application code.
Why Terraform
Consistency Across Environments
The same Terraform module can spin up infra for dev, staging, and prod with different variables.
No “it works in dev but not in prod” problem.
Multi-Cloud & Multi-Account Support
Unlike CloudFormation (AWS-only), Terraform works with AWS, GCP, Azure, Kubernetes, etc.
Enterprises with multiple AWS accounts (common in large orgs) use Terraform to apply the same patterns across accounts.
State Management
Terraform keeps a state file (which can be stored in S3, with DynamoDB for locking) that tracks deployed resources.
Prevents accidental duplication or drift between what’s written in code and what’s running in AWS.
Reusable Modules
Teams build Terraform modules for common AWS resources (VPC, EKS, RDS).
Any team can reuse them with minimal input, ensuring standardized, compliant infra across the company.
Collaboration & Automation
Works seamlessly with CI/CD pipelines (GitHub Actions, GitLab, Jenkins).
Teams can review infra changes in Pull Requests before applying.
Helps Site Reliability Engineers (SREs) and DevOps engineers enforce governance.
Cost & Compliance
Terraform policies (with Sentinel or OPA) enforce rules like:
“All S3 buckets must have encryption enabled.”
“No EC2 instance larger than m5.xlarge in dev.”
Prevents unnecessary costs and enforces security standards.
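The two rules above, written as a check a CI job could run over the JSON plan from `terraform show -json`. This is an added example in plain Python, not Sentinel or OPA policy code and not part of this project. Assumptions: the environment name is passed in by the pipeline, only root-module resources are inspected, and instance size is compared by the suffix after the dot.

```python
import re

SMALL = ["nano", "micro", "small", "medium", "large"]  # sizes below xlarge, ascending
MAX_DEV_SIZE = "m5.xlarge"  # limit taken from the rule quoted above

def size_rank(instance_type):
    """Rank the size suffix; anything unrecognised ranks as infinite (fail closed)."""
    suffix = instance_type.split(".")[-1]
    if suffix in SMALL:
        return SMALL.index(suffix)
    if m := re.fullmatch(r"(\d*)xlarge", suffix):
        return len(SMALL) + int(m.group(1) or 1) - 1
    return float("inf")  # e.g. "metal", or a value unknown at plan time

def encrypted_buckets(plan):
    """Bucket addresses referenced by an encryption-configuration resource."""
    found = set()
    for res in plan.get("configuration", {}).get("root_module", {}).get("resources", []):
        if res["type"] == "aws_s3_bucket_server_side_encryption_configuration":
            found.update(res.get("expressions", {}).get("bucket", {}).get("references", []))
    return found

def violations(plan, env):
    covered, out = encrypted_buckets(plan), []
    for rc in plan.get("resource_changes", []):
        if not {"create", "update"} & set(rc["change"]["actions"]):
            continue  # deletes and no-ops cannot introduce a violation
        after = rc["change"].get("after") or {}
        if rc["type"] == "aws_s3_bucket" and rc["address"] not in covered:
            out.append(f"{rc['address']}: no server-side encryption configured")
        if rc["type"] == "aws_instance" and env == "dev":
            itype = after.get("instance_type") or "unknown"
            if size_rank(itype) > size_rank(MAX_DEV_SIZE):
                out.append(f"{rc['address']}: {itype} exceeds {MAX_DEV_SIZE} in dev")
    return out

SAMPLE_PLAN = {  # constructed sample, trimmed to the fields the checks read
    "resource_changes": [
        {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "change": {"actions": ["create"], "after": {}}},
        {"address": "aws_s3_bucket.scratch", "type": "aws_s3_bucket", "change": {"actions": ["create"], "after": {}}},
        {"address": "aws_instance.api", "type": "aws_instance", "change": {"actions": ["create"], "after": {"instance_type": "m5.2xlarge"}}},
        {"address": "aws_instance.worker", "type": "aws_instance", "change": {"actions": ["update"], "after": {"instance_type": "m5.large"}}},
    ],
    "configuration": {"root_module": {"resources": [
        {"type": "aws_s3_bucket_server_side_encryption_configuration", "expressions": {"bucket": {"references": ["aws_s3_bucket.logs.id", "aws_s3_bucket.logs"]}}},
    ]}},
}
if __name__ == "__main__":
    print("\n".join(violations(SAMPLE_PLAN, "dev")) or "plan passes policy")
```

A pipeline would fail the job when `violations` returns a non-empty list, so the plan is rejected before `terraform apply` runs.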