The repo you're looking at now is called infrastructure-live-acme. This repo represents the live, deployed
state of your AWS account(s). This code "instantiates" the modules in the infrastructure-modules-acme repo
(described in the next section) in each of your environments (stage, prod, etc), setting the input variables for the
module with values appropriate for that environment.
Account: At the top level are each of your AWS accounts, such as stage, prod, shared-services, etc. If you
have everything deployed in a single AWS account, there will just be a single folder at the root (e.g. main).
Region: Within each account, there will be one or more AWS
regions, such as
us-east-1, eu-west-1, and ap-southeast-2, where you've deployed resources. There may also be a _global
folder that defines resources that are available across all the AWS regions in this account, such as IAM users,
Route 53 hosted zones, and CloudTrail.
Environment: Within each region, there will be one or more "environments", such as qa, mgmt, etc. Typically,
an environment will correspond to a single AWS Virtual Private Cloud (VPC), which
isolates that environment from everything else in that AWS account. There may also be a _global folder
that defines resources that are available across all the environments in this AWS region, such as Route 53 A records,
SNS topics, and ECR repos.
Resource: Within each environment, you deploy all the resources for that environment, such as EC2 Instances, Auto
Scaling Groups, ECS Clusters, Databases, Load Balancers, and so on. The deployment is done using
Terragrunt, which is a thin wrapper for Terraform that helps keep your
code DRY and maintainable.
The reason we keep each account, region, and environment in separate Terraform templates in separate folders is for
isolation. This reduces the chances that when you're fiddling in, say, the staging environment in us-west-2, you
accidentally break something in the prod environment in us-east-1. In fact, our setup also ensures that Terraform
will store the state of your infrastructure in separate files for each
environment too, so in the (very rare) case that you totally corrupt your state in the stage environment, your prod
environment should keep running just fine. Moreover, small modules run faster, the plan output is easier to read,
permissions management is easier, testing is easier, and so on. See Lessons Learned From Writing Over 300,000 Lines of
Infrastructure Code
for more info.
infrastructure-modules-acme
This infrastructure-modules-acme repo contains all of Acme's infrastructure code, broken down
into modules. Think of each module as an opinionated "blueprint" for how to deploy a particular piece of
infrastructure. Each module is meant to be reused across multiple environments, so any setting that may differ from
environment to environment is exposed as an input variable.
The advantages of this approach are:
You can define reusable pieces of infrastructure in modules.
You can test each module in isolation.
You can version each module separately and thereby experiment with different versions of your infrastructure in
different environments (e.g. try a new database in staging before production).
The modules are configured for and deployed to each environment in the infrastructure-live-acme repo, as
described in the previous section. Under the hood, many of the modules in the infrastructure-modules-acme repo
make use of Gruntwork modules, as described in the next section.
Gruntwork Infrastructure as Code Library
The Gruntwork Infrastructure as Code (IaC) Library is a
collection of over 300,000 lines of reusable, battle-tested, production-grade infrastructure code for AWS, GCP, and
Azure. Many of the modules in the infrastructure-modules-acme repo are using modules from the Gruntwork IaC
Library under the hood.
{"treedata":{"name":"root","toggled":true,"children":[{"name":".gitignore","path":".gitignore","sha":"1c27fc6013cba46cd301a7c8bf951694670153a3"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"6bddb3ff6e1b3dfaba7cf180e56bca12c245be56"},{"name":"README.md","path":"README.md","sha":"74507349a9d5cd784540410365adc61ba68000f1"},{"name":"_docs","children":[{"name":"01-architecture-overview.md","path":"_docs/01-architecture-overview.md","sha":"fa091294c3f4cfb2e7bd1d7df78907faf076996b"},{"name":"02-whats-deployed.md","path":"_docs/02-whats-deployed.md","sha":"8bf4519132e2ea43cbcf1e1d67eff3f961471af2"},{"name":"03-security-compliance-compatibility.md","path":"_docs/03-security-compliance-compatibility.md","sha":"9342617f42adb28e440cc2161f3fee56205c150e"},{"name":"04-how-code-is-organized.md","path":"_docs/04-how-code-is-organized.md","sha":"64b9396f54fb0b791d39b93919a6416ab8215f0d","toggled":true},{"name":"05-dev-environment.md","path":"_docs/05-dev-environment.md","sha":"9209da466b0f9afee5e1afb36f01a2ba8149012f"},{"name":"06-ci-cd.md","path":"_docs/06-ci-cd.md","sha":"0685cbe746fa0271357db34ebd39d76397ea19c4"},{"name":"07-monitoring-alerting-logging.md","path":"_docs/07-monitoring-alerting-logging.md","sha":"619c810c6e60418b3a46fa3d903bc76dc6d48e41"},{"name":"08-ssh-vpn.md","path":"_docs/08-ssh-vpn.md","sha":"0f526549f4b0d08cf2a914def239f8ff872ec2d1"},{"name":"09-accounts-and-auth.md","path":"_docs/09-accounts-and-auth.md","sha":"9e6d2c1f8b9a7cc7c5b3ce3386eea22daac6cc17"},{"name":"10-gruntwork-tools.md","path":"_docs/10-gruntwork-tools.md","sha":"d08b1fe7cfbb9ad91155bfff9e3a05525c39c127"},{"name":"11-deploying-a-docker-service.md","path":"_docs/11-deploying-a-docker-service.md","sha":"d2123b688287557c1c38cd415a729b3a445a45ad"},{"name":"12-migration.md","path":"_docs/12-migration.md","sha":"6e46bf752f330de978a8927858a716f04db13f60"},{"name":"13-deploying-the-reference-architecture-from-scratch.md","path":"_docs/13-deploying-the-reference-architecture-from-scratch.md","sha":"9eb702bb6da48a97b2c9eead594a3474a1ee6703"},{"name":"14-undeploying-the-reference-architecture.md","path":"_docs/14-undeploying-the-reference-architecture.md","sha":"3ed0569cdd0e3d32079ab537e1697fbcb3ee27d8"},{"name":"15-adding-new-environments-regions-and-accounts.md","path":"_docs/15-adding-new-environments-regions-and-accounts.md","sha":"6a0372a843a9245570379e1beaad452e67d234c3"},{"name":"README.md","path":"_docs/README.md","sha":"785d2b0b36b10e75c96e4eaa7414c1c71d78e222"},{"name":"_images","children":[{"name":"cw-logs-1.png","path":"_docs/_images/cw-logs-1.png","sha":"84c86f014751844fbd777b5139ed61f749b5ed32"},{"name":"cw-logs-2.png","path":"_docs/_images/cw-logs-2.png","sha":"9a0a80b20490fdc1b9014040cc0bbc87c9cf6f68"},{"name":"cw-logs-3.png","path":"_docs/_images/cw-logs-3.png","sha":"bda49dc4e947658e0ceb9ba592b4e314d9db61e9"},{"name":"cw-logs-4.png","path":"_docs/_images/cw-logs-4.png","sha":"54bcc44c4b0701620b7f20c4e6fc0a9fd8f38049"},{"name":"ecs-console-1.png","path":"_docs/_images/ecs-console-1.png","sha":"afe452278d5f107e6ec225a235c587de7cb53510"},{"name":"ecs-console-2.png","path":"_docs/_images/ecs-console-2.png","sha":"40609b98015d781b9e1de801c131fadc323337ae"},{"name":"ecs-console-3.png","path":"_docs/_images/ecs-console-3.png","sha":"87ad40d291b7e9e6f6caa0389b846392bdb93ee0"},{"name":"ref-arch-full.png","path":"_docs/_images/ref-arch-full.png","sha":"8c17eef52be06757553a1f3ee4e387e6dc820016"},{"name":"ref-arch-icon.png","path":"_docs/_images/ref-arch-icon.png","sha":"05876962e6877df911674237ca1b793d9f4f04b3"},{"name":"terraform-code-provenance.png","path":"_docs/_images/terraform-code-provenance.png","sha":"e2a9d6bfbd8b963b057d4341dd0ec93e3823d834"}]}],"toggled":true},{"name":"main","children":[{"name":"_global","children":[{"name":"README.md","path":"main/_global/README.md","sha":"d1b8a96c00211751f079fa13cac1b3417d29bf09"},{"name":"cloudtrail","children":[{"name":"README.md","path":"main/_global/cloudtrail/README.md","sha":"7bf54b13e60f80416bbe3ee5b22328ee47a2532a"},{"name":"terragrunt.hcl","path":"main/_global/cloudtrail/terragrunt.hcl","sha":"5d4953cb81dc711c1f5641e26b54b2de8dedf62e"}]},{"name":"iam-groups","children":[{"name":"README.md","path":"main/_global/iam-groups/README.md","sha":"b6797c786d3c914257fc0e0bb4680e9fc861ab38"},{"name":"terragrunt.hcl","path":"main/_global/iam-groups/terragrunt.hcl","sha":"f14f3f59fb104ffc4f9925dd8565f43d665600c7"}]},{"name":"iam-user-password-policy","children":[{"name":"README.md","path":"main/_global/iam-user-password-policy/README.md","sha":"1ddbc02253cb2fb3971fdbf1b3e09758f8eede9a"},{"name":"terragrunt.hcl","path":"main/_global/iam-user-password-policy/terragrunt.hcl","sha":"482cdc172a7e5f033acf9d808bef3e8bd3ef8f1e"}]},{"name":"machine-user","children":[{"name":"README.md","path":"main/_global/machine-user/README.md","sha":"0d676a50c24d954dab8a57794e6790eb03d03e4e"},{"name":"terragrunt.hcl","path":"main/_global/machine-user/terragrunt.hcl","sha":"50b845d531ee85c0a109c6abba695a3fe7d5b89e"}]},{"name":"region.yaml","path":"main/_global/region.yaml","sha":"18b7823ed017b97431d58da7bcb9a4e31299272a"},{"name":"route53-public","children":[{"name":"README.md","path":"main/_global/route53-public/README.md","sha":"4757db7a8adde3d4af6a86f3ea20e050ae946a08"},{"name":"terragrunt.hcl","path":"main/_global/route53-public/terragrunt.hcl","sha":"06c315b032005358d2a3e6c5774f5b99ab64e681"}]},{"name":"service-linked-roles","children":[{"name":"README.md","path":"main/_global/service-linked-roles/README.md","sha":"45c1919cc5667b8d8ae25f09b3baf3078a7b36f9"},{"name":"terragrunt.hcl","path":"main/_global/service-linked-roles/terragrunt.hcl","sha":"398538ac8d92ed0160f303b029720592f81af280"}]}]},{"name":"empty.yaml","path":"main/empty.yaml","sha":"5aa66daa40faeaef37eccb7b4b0fcc792233cd7b"},{"name":"terragrunt.hcl","path":"main/terragrunt.hcl","sha":"3f362bb353e2d6e02f59294d7f7044da3a62b565"},{"name":"us-east-1","children":[{"name":"_global","children":[{"name":"README.md","path":"main/us-east-1/_global/README.md","sha":"37b828b038945a50e2e571ef1e755c4f9170e7cf"},{"name":"ecr-repos","children":[{"name":"README.md","path":"main/us-east-1/_global/ecr-repos/README.md","sha":"e7215127ffcf141002796e83ed1b9e9647ddbe22"},{"name":"terragrunt.hcl","path":"main/us-east-1/_global/ecr-repos/terragrunt.hcl","sha":"20c8ae6bd26f8cfd8fddcb8676cc109201bc49eb"}]},{"name":"sns-topics","children":[{"name":"README.md","path":"main/us-east-1/_global/sns-topics/README.md","sha":"05eb8a853eccf6465dc558bb9c57637fb4e9ccd3"},{"name":"terragrunt.hcl","path":"main/us-east-1/_global/sns-topics/terragrunt.hcl","sha":"81c92f821daf7077881a43678c717d485fc36401"}]}]},{"name":"mgmt","children":[{"name":"README.md","path":"main/us-east-1/mgmt/README.md","sha":"8a131a11632b97fec18a5e344d5c721fce24b652"},{"name":"env.yaml","path":"main/us-east-1/mgmt/env.yaml","sha":"b514ab3187ebfb5bf467c632f27a21f5a9611bfc"},{"name":"kms-master-key","children":[{"name":"README.md","path":"main/us-east-1/mgmt/kms-master-key/README.md","sha":"2affa3417a1b76f670e407330cb9dc62d01a521e"},{"name":"terragrunt.hcl","path":"main/us-east-1/mgmt/kms-master-key/terragrunt.hcl","sha":"5e24ee41d1565d3e026354e71a5ae7a362a206ea"}]},{"name":"openvpn-server","children":[{"name":"README.md","path":"main/us-east-1/mgmt/openvpn-server/README.md","sha":"93a2465ed5c720dd30b434aa36a2d28c4e0c7fcf"},{"name":"terragrunt.hcl","path":"main/us-east-1/mgmt/openvpn-server/terragrunt.hcl","sha":"aaf206a2c80987a888872ef7812bb93984cf26d1"}]},{"name":"vpc","children":[{"name":"README.md","path":"main/us-east-1/mgmt/vpc/README.md","sha":"495e2b8828a490c03ea7e153e695239f2bb92512"},{"name":"terragrunt.hcl","path":"main/us-east-1/mgmt/vpc/terragrunt.hcl","sha":"d6fad3a7e2397ea7bc62fa77ea6e138ec27e4335"}]}]},{"name":"prod","children":[{"name":"README.md","path":"main/us-east-1/prod/README.md","sha":"f15da18661ef3624d5f63deb288bad072e93df57"},{"name":"cloudwatch-dashboard","children":[{"name":"README.md","path":"main/us-east-1/prod/cloudwatch-dashboard/README.md","sha":"766cff97af8b2bbbdb90c2262c150b4d0bc88c62"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/cloudwatch-dashboard/terragrunt.hcl","sha":"ff055251d5427c0116d0e382f38c537b09db96ee"}]},{"name":"data-stores","children":[{"name":"elasticsearch","children":[{"name":"README.md","path":"main/us-east-1/prod/data-stores/elasticsearch/README.md","sha":"de10ddf77c3ae0b341ebbd7152f8d3c086d7ba20"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/data-stores/elasticsearch/terragrunt.hcl","sha":"736a4bdbdcc1b54dcd909671a76f09988c226436"}]},{"name":"kafka","children":[{"name":"README.md","path":"main/us-east-1/prod/data-stores/kafka/README.md","sha":"3681db5950b18676e92d6f00df190ff553c06404"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/data-stores/kafka/terragrunt.hcl","sha":"89d57ee0e689e1f28141c383924b03937b46fb3b"}]},{"name":"mysql","children":[{"name":"README.md","path":"main/us-east-1/prod/data-stores/mysql/README.md","sha":"3ff802dea2beeb94b34a9d2087fa1ce332702ba0"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/data-stores/mysql/terragrunt.hcl","sha":"681f993523ec8336c4f6be26a41ab1148b127ce8"}]},{"name":"redis","children":[{"name":"README.md","path":"main/us-east-1/prod/data-stores/redis/README.md","sha":"7f5426659066280ce18fad93eb14dd573e3de1b0"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/data-stores/redis/terragrunt.hcl","sha":"e7d7171695ad1ca039db9171ac31f1fb210f51f5"}]},{"name":"zookeeper","children":[{"name":"README.md","path":"main/us-east-1/prod/data-stores/zookeeper/README.md","sha":"3aa643354b946d75610e3a8d10e616e1080717bc"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/data-stores/zookeeper/terragrunt.hcl","sha":"ed94a3d0277beb71cd9500f1d29053e2f5b99f28"}]}]},{"name":"env.yaml","path":"main/us-east-1/prod/env.yaml","sha":"90e2d18e481b6e35ddc57391f752874ffc0058cf"},{"name":"kms-master-key","children":[{"name":"README.md","path":"main/us-east-1/prod/kms-master-key/README.md","sha":"7bf1a8da34427b8314d99904b01c20937604e1e0"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/kms-master-key/terragrunt.hcl","sha":"fb4afa8978a7b719c852756ac51883c5e87f5ab8"}]},{"name":"lambda","children":[{"name":"long-running-scheduled","children":[{"name":"README.md","path":"main/us-east-1/prod/lambda/long-running-scheduled/README.md","sha":"a6a7503b1168dd015618028f30b74aeb1ba7baf3"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/lambda/long-running-scheduled/terragrunt.hcl","sha":"c05243749ec7d3bd386c0563936b0f5e0b4bbbe6"}]},{"name":"s3-image-processing","children":[{"name":"README.md","path":"main/us-east-1/prod/lambda/s3-image-processing/README.md","sha":"1b149a62078c71549d77e59b0ea995f7181a7d8b"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/lambda/s3-image-processing/terragrunt.hcl","sha":"68b62dc42154055b1eaf522fd2240992df4d7814"}]}]},{"name":"networking","children":[{"name":"alb-internal","children":[{"name":"README.md","path":"main/us-east-1/prod/networking/alb-internal/README.md","sha":"5880e9468a3bf336b613dc7132b052ea89a0f99a"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/networking/alb-internal/terragrunt.hcl","sha":"7ad684cfd8fc90140bf149e0f7fa689a2bd6ace0"}]},{"name":"alb-public","children":[{"name":"README.md","path":"main/us-east-1/prod/networking/alb-public/README.md","sha":"5880e9468a3bf336b613dc7132b052ea89a0f99a"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/networking/alb-public/terragrunt.hcl","sha":"ad8fd584b78fdd026ac76554e60653f2c23cf765"}]},{"name":"route53-private","children":[{"name":"README.md","path":"main/us-east-1/prod/networking/route53-private/README.md","sha":"9160c66a0b04a407981db7bf9ee40dad8c5d9434"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/networking/route53-private/terragrunt.hcl","sha":"df4f82c4dc568fbe251eef10adbc28f1b1ccc263"}]}]},{"name":"services","children":[{"name":"ecs-cluster","children":[{"name":"README.md","path":"main/us-east-1/prod/services/ecs-cluster/README.md","sha":"560d730485383f188833313b77599681d146bdd7"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/ecs-cluster/terragrunt.hcl","sha":"38c41c4c8583f8569c2d37e51321acf4a0af6f5f"}]},{"name":"eks-cluster","children":[{"name":"README.md","path":"main/us-east-1/prod/services/eks-cluster/README.md","sha":"84d53a02559d844d8c62ee9d11a558265b3ae5b5"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/eks-cluster/terragrunt.hcl","sha":"e80ff0c733463d17c33d8c7062121e985d1cd1e8"}]},{"name":"eks-core-services","children":[{"name":"README.md","path":"main/us-east-1/prod/services/eks-core-services/README.md","sha":"298969aaf6db9c7e972cd735cef2d43cda899e3f"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/eks-core-services/terragrunt.hcl","sha":"1e8a88f4c8330f10848fea04daa719ab92c74d53"}]},{"name":"k8s-applications-namespace","children":[{"name":"README.md","path":"main/us-east-1/prod/services/k8s-applications-namespace/README.md","sha":"5e0a3640be89e96aece9e4ac8f8b7967e4d57056"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/k8s-applications-namespace/terragrunt.hcl","sha":"120cab356ca4590c262bd3b727d60f6c8294792b"}]},{"name":"k8s-sample-app-backend-acme","children":[{"name":"README.md","path":"main/us-east-1/prod/services/k8s-sample-app-backend-acme/README.md","sha":"4737c31d75b6d6c7565fa3d391177c9d3d022a5e"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/k8s-sample-app-backend-acme/terragrunt.hcl","sha":"c4e9d2aaad8a61ebcb1148800e50858e1023d959"}]},{"name":"k8s-sample-app-frontend-acme","children":[{"name":"README.md","path":"main/us-east-1/prod/services/k8s-sample-app-frontend-acme/README.md","sha":"43161374e0c977f15e8af04913e3554894ed2a82"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/k8s-sample-app-frontend-acme/terragrunt.hcl","sha":"9ab415e18bdf994e3b78f9a6ade6cd3b0fb87e5f"}]},{"name":"sample-app-backend-acme-asg","children":[{"name":"README.md","path":"main/us-east-1/prod/services/sample-app-backend-acme-asg/README.md","sha":"90c4b69a937239b4b51e99c4404360f4aba4edde"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/sample-app-backend-acme-asg/terragrunt.hcl","sha":"940d42befd46a394d63124cfd0d5830c6cea44b2"}]},{"name":"sample-app-backend-acme","children":[{"name":"README.md","path":"main/us-east-1/prod/services/sample-app-backend-acme/README.md","sha":"db3e1635aae0577080a9e2518633d4b5830a259a"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/sample-app-backend-acme/terragrunt.hcl","sha":"c2f4509348ff2f45c10901bbd06f7e409b888e14"}]},{"name":"sample-app-beanstalk","children":[{"name":"README.md","path":"main/us-east-1/prod/services/sample-app-beanstalk/README.md","sha":"27f6c3930f0621262b5dd0400f59e1122631da65"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/sample-app-beanstalk/terragrunt.hcl","sha":"2eaf051ae2cb3f4871be2cb78d3c9edec2da212e"}]},{"name":"sample-app-frontend-acme-asg","children":[{"name":"README.md","path":"main/us-east-1/prod/services/sample-app-frontend-acme-asg/README.md","sha":"ab9db3714676828cb0b766b5a3329f37115b1729"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/sample-app-frontend-acme-asg/terragrunt.hcl","sha":"2d6811f17d17c94bdf9f06c74bf74a3424555c3b"}]},{"name":"sample-app-frontend-acme","children":[{"name":"README.md","path":"main/us-east-1/prod/services/sample-app-frontend-acme/README.md","sha":"c0bc1f93aef1ab1bcf3e22aaec14a1744da74dfb"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/sample-app-frontend-acme/terragrunt.hcl","sha":"84c663da537b9e7485f4e3eff18ffaabfc90ff4b"}]},{"name":"static-website","children":[{"name":"README.md","path":"main/us-east-1/prod/services/static-website/README.md","sha":"16d262eab6ca158ae60d84010bc4804a948673cf"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/services/static-website/terragrunt.hcl","sha":"bb0530a96785e00136cb13da4dd2aca6583ba393"}]}]},{"name":"vpc","children":[{"name":"README.md","path":"main/us-east-1/prod/vpc/README.md","sha":"eb0cfd86345b2983b4a9c9572501728493bfcde4"},{"name":"terragrunt.hcl","path":"main/us-east-1/prod/vpc/terragrunt.hcl","sha":"5a5f20f83d3935f43b48c71b88c0f44443eb11ed"}]}]},{"name":"region.yaml","path":"main/us-east-1/region.yaml","sha":"d56afa3d82e6cea0d792e84748de56dafb0bad70"},{"name":"stage","children":[{"name":"README.md","path":"main/us-east-1/stage/README.md","sha":"b24ba21bf01baf19ff84a2de457697a757d905c5"},{"name":"cloudwatch-dashboard","children":[{"name":"README.md","path":"main/us-east-1/stage/cloudwatch-dashboard/README.md","sha":"766cff97af8b2bbbdb90c2262c150b4d0bc88c62"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/cloudwatch-dashboard/terragrunt.hcl","sha":"feb471fd97d340798fd7ea565195faf4c4328f82"}]},{"name":"data-stores","children":[{"name":"elasticsearch","children":[{"name":"README.md","path":"main/us-east-1/stage/data-stores/elasticsearch/README.md","sha":"de10ddf77c3ae0b341ebbd7152f8d3c086d7ba20"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/data-stores/elasticsearch/terragrunt.hcl","sha":"b65b647edff6298b3a5a010d8ebe13f022b7c54d"}]},{"name":"kafka","children":[{"name":"README.md","path":"main/us-east-1/stage/data-stores/kafka/README.md","sha":"3681db5950b18676e92d6f00df190ff553c06404"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/data-stores/kafka/terragrunt.hcl","sha":"5ba7184e22ee433462c2d05c97ad6bb47c13786b"}]},{"name":"mysql","children":[{"name":"README.md","path":"main/us-east-1/stage/data-stores/mysql/README.md","sha":"3ff802dea2beeb94b34a9d2087fa1ce332702ba0"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/data-stores/mysql/terragrunt.hcl","sha":"d5d7ac741e73afbce47d99af1cbb16219e8af208"}]},{"name":"redis","children":[{"name":"README.md","path":"main/us-east-1/stage/data-stores/redis/README.md","sha":"7f5426659066280ce18fad93eb14dd573e3de1b0"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/data-stores/redis/terragrunt.hcl","sha":"224dc41a716053b231af5c557d7fe95a67af6d51"}]},{"name":"zookeeper","children":[{"name":"README.md","path":"main/us-east-1/stage/data-stores/zookeeper/README.md","sha":"3aa643354b946d75610e3a8d10e616e1080717bc"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/data-stores/zookeeper/terragrunt.hcl","sha":"c084625c9b909a6e5c7cc45995752645e1a9a577"}]}]},{"name":"env.yaml","path":"main/us-east-1/stage/env.yaml","sha":"5767506e27e978f52524dadbbd8fb9f8ad115599"},{"name":"kms-master-key","children":[{"name":"README.md","path":"main/us-east-1/stage/kms-master-key/README.md","sha":"0fc848e518ff6551caae5f234b89f3f2c2a3b015"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/kms-master-key/terragrunt.hcl","sha":"49762d286ee1ed5b999973a5f82688c01bdcf679"}]},{"name":"lambda","children":[{"name":"long-running-scheduled","children":[{"name":"README.md","path":"main/us-east-1/stage/lambda/long-running-scheduled/README.md","sha":"a6a7503b1168dd015618028f30b74aeb1ba7baf3"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/lambda/long-running-scheduled/terragrunt.hcl","sha":"c05243749ec7d3bd386c0563936b0f5e0b4bbbe6"}]},{"name":"s3-image-processing","children":[{"name":"README.md","path":"main/us-east-1/stage/lambda/s3-image-processing/README.md","sha":"1b149a62078c71549d77e59b0ea995f7181a7d8b"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/lambda/s3-image-processing/terragrunt.hcl","sha":"2ab4fe1b159bfe0797662dee0c24aba8b9b3e106"}]}]},{"name":"networking","children":[{"name":"alb-internal","children":[{"name":"README.md","path":"main/us-east-1/stage/networking/alb-internal/README.md","sha":"c1c8edd637ebd686cc5d7675013d750b8ca4ad52"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/networking/alb-internal/terragrunt.hcl","sha":"d90749b2f63ce2187c0fb1ee95723a57fb7e4097"}]},{"name":"alb-public","children":[{"name":"README.md","path":"main/us-east-1/stage/networking/alb-public/README.md","sha":"c1c8edd637ebd686cc5d7675013d750b8ca4ad52"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/networking/alb-public/terragrunt.hcl","sha":"fc8f137af22da522f85614dc22de19f962bdb285"}]},{"name":"route53-private","children":[{"name":"README.md","path":"main/us-east-1/stage/networking/route53-private/README.md","sha":"9160c66a0b04a407981db7bf9ee40dad8c5d9434"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/networking/route53-private/terragrunt.hcl","sha":"df4f82c4dc568fbe251eef10adbc28f1b1ccc263"}]}]},{"name":"services","children":[{"name":"ecs-cluster","children":[{"name":"README.md","path":"main/us-east-1/stage/services/ecs-cluster/README.md","sha":"94916a4be4208e4c1e1e7b7ee0d6dfa2fbfaf38c"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/ecs-cluster/terragrunt.hcl","sha":"744840965cbe10f02eb8d363ee2407201be2baf9"}]},{"name":"eks-cluster","children":[{"name":"README.md","path":"main/us-east-1/stage/services/eks-cluster/README.md","sha":"6db608bd68f9b1d4ee2741d72b2949d0dcf3e33d"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/eks-cluster/terragrunt.hcl","sha":"40da930fe85423d42896eac63f0a084847d85f53"}]},{"name":"eks-core-services","children":[{"name":"README.md","path":"main/us-east-1/stage/services/eks-core-services/README.md","sha":"0311f74f5aca78b831407ac5396907ae792d2297"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/eks-core-services/terragrunt.hcl","sha":"b8d6845c4bbca33df0a3cde51cbe1ef597095050"}]},{"name":"k8s-applications-namespace","children":[{"name":"README.md","path":"main/us-east-1/stage/services/k8s-applications-namespace/README.md","sha":"c96645baedf7aba16fc04d003608c61f9353ff4a"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/k8s-applications-namespace/terragrunt.hcl","sha":"dbd60d465e5cbb46c8a9d21620dca06f9b70dd63"}]},{"name":"k8s-sample-app-backend-acme","children":[{"name":"README.md","path":"main/us-east-1/stage/services/k8s-sample-app-backend-acme/README.md","sha":"430e8d870a1f1895093df8cb4e88e0bf2bb82bc1"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/k8s-sample-app-backend-acme/terragrunt.hcl","sha":"479f85df9855c21e4f095d6251ce4ca6d127b08c"}]},{"name":"k8s-sample-app-frontend-acme","children":[{"name":"README.md","path":"main/us-east-1/stage/services/k8s-sample-app-frontend-acme/README.md","sha":"3efad94b3379996e29355319fbe2de5c426c71dc"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/k8s-sample-app-frontend-acme/terragrunt.hcl","sha":"e0035433fce291da1ce64e77370c20790a4f063d"}]},{"name":"sample-app-backend-acme-asg","children":[{"name":"README.md","path":"main/us-east-1/stage/services/sample-app-backend-acme-asg/README.md","sha":"e2d00c960fa47118b3010550ecddf1133518d5fa"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/sample-app-backend-acme-asg/terragrunt.hcl","sha":"91940573b9a659202289c6815bd9871e50ac4d20"}]},{"name":"sample-app-backend-acme","children":[{"name":"README.md","path":"main/us-east-1/stage/services/sample-app-backend-acme/README.md","sha":"4d0bc076e9d8a51bde996c7c9f77e91bcc3e6125"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/sample-app-backend-acme/terragrunt.hcl","sha":"e240269caa4c5e60e932ebed487cf688a4c22227"}]},{"name":"sample-app-beanstalk","children":[{"name":"README.md","path":"main/us-east-1/stage/services/sample-app-beanstalk/README.md","sha":"1b3f68cb5baac277414f45585221f7048b801c26"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/sample-app-beanstalk/terragrunt.hcl","sha":"4deb3dbc95ed927e33211e473868915c1f86b5b3"}]},{"name":"sample-app-frontend-acme-asg","children":[{"name":"README.md","path":"main/us-east-1/stage/services/sample-app-frontend-acme-asg/README.md","sha":"c4df19131aafdf152f08998a2d1121ccd58c4207"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/sample-app-frontend-acme-asg/terragrunt.hcl","sha":"1d8aaccc8608aa1c2b46338c592a10f27e5b3aea"}]},{"name":"sample-app-frontend-acme","children":[{"name":"README.md","path":"main/us-east-1/stage/services/sample-app-frontend-acme/README.md","sha":"20e39909320df4775e21dd2cea70f3dabdd94c1e"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/sample-app-frontend-acme/terragrunt.hcl","sha":"2597d32b7c9d865e9f3701aa7c02a30ee4deeb01"}]},{"name":"static-website","children":[{"name":"README.md","path":"main/us-east-1/stage/services/static-website/README.md","sha":"16d262eab6ca158ae60d84010bc4804a948673cf"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/services/static-website/terragrunt.hcl","sha":"9a9cb3c9830902ef05fd497bfd21028a7fac38df"}]}]},{"name":"vpc","children":[{"name":"README.md","path":"main/us-east-1/stage/vpc/README.md","sha":"d1e3f82de82c4b8f4eaca81b3a8ec63ed040a0b5"},{"name":"terragrunt.hcl","path":"main/us-east-1/stage/vpc/terragrunt.hcl","sha":"c2429ca5412fd6f0ff00e89dc4a1541e46b07d00"}]}]}]}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"how-the-code-is-organized\">How the code is organized</h1><div class=\"preview__body--border\"></div><p>Now that you have an idea of <a href=\"/repos/v0.0.1-01172020/infrastructure-live-acme/_docs/01-architecture-overview.md\" class=\"preview__body--description--blue\">what the architecture looks like</a>, <a href=\"/repos/v0.0.1-01172020/infrastructure-live-acme/_docs/02-whats-deployed.md\" class=\"preview__body--description--blue\">what's\ndeployed</a>, and <a href=\"/repos/v0.0.1-01172020/infrastructure-live-acme/_docs/03-security-compliance-compatibility.md\" class=\"preview__body--description--blue\">security compliance</a> it's time to look\ninto how the code is organized.</p>\n<p><img src=\"/repos/images/v0.0.1-01172020/infrastructure-live-acme/_docs/_images/terraform-code-provenance.png\" alt=\"Module Relationship\" class=\"preview__body--diagram\"></p>\n<ul>\n<li><a href=\"#infrastructure-live-acme\" class=\"preview__body--description--blue\">infrastructure-live-acme</a></li>\n<li><a href=\"#infrastructure-modules-acme\" class=\"preview__body--description--blue\">infrastructure-modules-acme</a></li>\n<li><a href=\"#gruntwork-infrastructure-as-code-library\" class=\"preview__body--description--blue\">Gruntwork Infrastructure as Code Library</a></li>\n<li><a href=\"#sample-apps\" class=\"preview__body--description--blue\">Sample apps</a></li>\n</ul>\n<h2 class=\"preview__body--subtitle\" id=\"infrastructure-live-acme\">infrastructure-live-acme</h2>\n<p>The repo you're looking at now is called <code>infrastructure-live-acme</code>. This repo represents the live, deployed\nstate of your AWS account(s). This code "instantiates" the modules in the infrastructure-modules-acme repo\n(described in the next section) in each of your environments (stage, prod, etc), setting the input variables for the\nmodule with values appropriate for that environment.</p>\n<p>This repo uses the following file/folder layout:</p>\n<pre><span class=\"hljs-tag\"><<span class=\"hljs-name\">account</span>></span>\n └ _global\n └ <span class=\"hljs-tag\"><<span class=\"hljs-name\">region</span>></span>\n └ _global\n └ <span class=\"hljs-tag\"><<span class=\"hljs-name\">environment</span>></span>\n └ <span class=\"hljs-tag\"><<span class=\"hljs-name\">resource</span>></span>\n └ terragrunt.hcl\n</pre>\n<p>The hierarchy of folders is as follows:</p>\n<ul>\n<li>\n<p><strong>Account</strong>: At the top level are each of your AWS accounts, such as <code>stage</code>, <code>prod</code>, <code>shared-services</code>, etc. If you\nhave everything deployed in a single AWS account, there will just be a single folder at the root (e.g. <code>main</code>).</p>\n</li>\n<li>\n<p><strong>Region</strong>: Within each account, there will be one or more <a href=\"http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html\" class=\"preview__body--description--blue\" target=\"_blank\">AWS\nregions</a>, such as\n<code>us-east-1</code>, <code>eu-west-1</code>, and <code>ap-southeast-2</code>, where you've deployed resources. There may also be a <code>_global</code>\nfolder that defines resources that are available across all the AWS regions in this account, such as IAM users,\nRoute 53 hosted zones, and CloudTrail.</p>\n</li>\n<li>\n<p><strong>Environment</strong>: Within each region, there will be one or more "environments", such as <code>qa</code>, <code>mgmt</code>, etc. Typically,\nan environment will correspond to a single <a href=\"https://aws.amazon.com/vpc/\" class=\"preview__body--description--blue\" target=\"_blank\">AWS Virtual Private Cloud (VPC)</a>, which\nisolates that environment from everything else in that AWS account. There may also be a <code>_global</code> folder\nthat defines resources that are available across all the environments in this AWS region, such as Route 53 A records,\nSNS topics, and ECR repos.</p>\n</li>\n<li>\n<p><strong>Resource</strong>: Within each environment, you deploy all the resources for that environment, such as EC2 Instances, Auto\nScaling Groups, ECS Clusters, Databases, Load Balancers, and so on. The deployment is done using\n<a href=\"/repos/terragrunt\" class=\"preview__body--description--blue\">Terragrunt</a>, which is a thin wrapper for Terraform that helps keep your\ncode DRY and maintainable.</p>\n</li>\n</ul>\n<p>The reason we keep each account, region, and environment in separate Terraform templates in separate folders is for\n<strong>isolation</strong>. This reduces the chances that when you're fiddling in, say, the staging environment in <code>us-west-2</code>, you\naccidentally break something in the prod environment in <code>us-east-1</code>. In fact, our setup also ensures that Terraform\nwill store the <a href=\"https://www.terraform.io/docs/state/\" class=\"preview__body--description--blue\" target=\"_blank\">state of your infrastructure</a> in separate files for each\nenvironment too, so in the (very rare) case that you totally corrupt your state in the stage environment, your prod\nenvironment should keep running just fine. Moreover, small modules run faster, the <code>plan</code> output is easier to read,\npermissions management is easier, testing is easier, and so on. See <a href=\"https://blog.gruntwork.io/5-lessons-learned-from-writing-over-300-000-lines-of-infrastructure-code-36ba7fadeac1\" class=\"preview__body--description--blue\" target=\"_blank\">Lessons Learned From Writing Over 300,000 Lines of\nInfrastructure Code</a>\nfor more info.</p>\n<h2 class=\"preview__body--subtitle\" id=\"infrastructure-modules-acme\">infrastructure-modules-acme</h2>\n<p>This infrastructure-modules-acme repo contains all of Acme's infrastructure code, broken down\ninto modules. Think of each module as an opinionated "blueprint" for how to deploy a particular piece of\ninfrastructure. Each module is meant to be reused across multiple environments, so any setting that may differ from\nenvironment to environment is exposed as an input variable.</p>\n<p>The advantages of this approach are:</p>\n<ol>\n<li>You can define reusable pieces of infrastructure in modules.</li>\n<li>You can test each module in isolation.</li>\n<li>You can version each module separately and thereby experiment with different versions of your infrastructure in\ndifferent environments (e.g. try a new database in staging before production).</li>\n</ol>\n<p>The modules are configured for and deployed to each environment in the infrastructure-live-acme repo, as\ndescribed in the previous section. Under the hood, many of the modules in the infrastructure-modules-acme repo\nmake use of Gruntwork modules, as described in the next section.</p>\n<h2 class=\"preview__body--subtitle\" id=\"gruntwork-infrastructure-as-code-library\">Gruntwork Infrastructure as Code Library</h2>\n<p>The <a href=\"https://gruntwork.io/infrastructure-as-code-library/\" class=\"preview__body--description--blue\" target=\"_blank\">Gruntwork Infrastructure as Code (IaC) Library</a> is a\ncollection of over 300,000 lines of reusable, battle-tested, production-grade infrastructure code for AWS, GCP, and\nAzure. Many of the modules in the infrastructure-modules-acme repo are using modules from the Gruntwork IaC\nLibrary under the hood.</p>\n<p>Check out <a href=\"https://gruntwork.io/guides/foundations/how-to-use-gruntwork-infrastructure-as-code-library/\" class=\"preview__body--description--blue\" target=\"_blank\">How to use the Gruntwork Infrastructure as Code Library</a>\nfor a detailed guide of how the IaC Library is designed and how to use it.</p>\n<h2 class=\"preview__body--subtitle\" id=\"sample-apps\">Sample apps</h2>\n<p>The Reference Architecture may include include sample applications that show best practices for building, packaging,\nand deploying applications:</p>\n<ul>\n<li><strong><a href=\"/repos/sample-app-frontend-acme\" class=\"preview__body--description--blue\">sample-app-frontend-acme</a></strong>: A sample frontend app.</li>\n<li><strong><a href=\"/repos/sample-app-backend-acme\" class=\"preview__body--description--blue\">sample-app-backend-acme</a></strong>: A sample backend app.</li>\n<li><strong><a href=\"/repos/infrastructure-modules-acme/lambda\" class=\"preview__body--description--blue\">lambda examples</a></strong>: Sample lambda functions.</li>\n</ul>\n<h2 class=\"preview__body--subtitle\" id=\"next-steps\">Next steps</h2>\n<p>Now that you know how to find the code, let's talk about how to <a href=\"/repos/v0.0.1-01172020/infrastructure-live-acme/_docs/05-dev-environment.md\" class=\"preview__body--description--blue\">Run an App in the Dev\nEnvironment</a>.</p>\n","repoName":"infrastructure-live-acme","repoRef":"v0.0.1-01172020","serviceDescriptor":{"serviceName":"Single-account Reference Architecture","serviceRepoName":"infrastructure-live-acme","serviceRepoOrg":"gruntwork-io","cloudProviders":["aws"],"description":"End-to-end tech stack designed to deploy into a single AWS account. Includes VPCs, EKS, ALBs, CI / CD, monitoring, alerting, VPN, DNS, and more.","imageUrl":"grunt.png","licenseType":"subscriber","technologies":["Terraform","Go","Bash","Python"],"compliance":[],"tags":[""]},"serviceCategoryName":"Reference Architecture","fileName":"04-how-code-is-organized.md","filePath":"/_docs/04-how-code-is-organized.md","title":"Repo Browser: Single-account Reference Architecture","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}
_docs
.gitignore
