aws-iac-patterns

What problem does it solve?

It solves the problem of building inconsistent, insecure, and hard-to-maintain AWS infrastructure with Terraform by providing proven multi-environment patterns for state management, least-privilege IAM, monitoring, and secrets handling.

Core Features & Use Cases

• Multi-environment Terraform structure: Organizes modules/ and environments/ (dev/staging/prod) with a shared global/ layer for IAM and a remote state backend.
• Secure remote state setup: Uses S3 for Terraform state with encryption (KMS) and DynamoDB for state locking to prevent concurrent writes.
• Reusable Terraform modules: Encourages composable modules (e.g., Lambda) with clean variables/outputs to speed up consistent infra creation.
• Least-privilege IAM policies: Provides policy patterns scoped to specific resources (no *) for DynamoDB, SQS, and secrets access.
• CloudWatch alerting patterns: Defines alarms for critical components like Lambda errors and DynamoDB throttling.
• Secrets management guidance: Chooses Secrets Manager vs Parameter Store appropriately, includes rotation strategy, and demonstrates runtime access.
• Mandatory tagging standard: Establishes required tags (environment/service/team/cost center/managed-by) applied across resources.

Quick Start

Ask the AI to generate a Terraform repo layout for dev/staging/prod AWS using the aws-iac-patterns conventions, then produce the S3+DynamoDB remote state config, a reusable Lambda module, and least-privilege IAM for DynamoDB/SQS plus Secrets Manager access.