152 docs tagged with "provider/aws"

This component is responsible for provisioning the full account hierarchy along with Organizational Units (OUs)

This component is responsible for provisioning information only: it simply populates Terraform state with data (account ids, groups, and roles) that other root modules need via outputs

This component is responsible for requesting service quota increases

This component is responsible for provisioning account level settings: IAM password policy, AWS Account Alias, EBS encryption, and Service Quotas

This component is responsible for requesting an ACM certificate for a domain and adding a CNAME record to the DNS zone to complete certificate validation

This component creates a Helm release for [actions-runner-controller](https://github

This component is responsible for creating an administrative [stack](https://docs

This component is responsible for provisioning a generic Application Load Balancer

This component creates a Helm release for [alb-controller](https://github

This component deploys a Kubernetes `IngressClass` resource for the AWS Load Balancer Controller

This component provisions a Kubernetes Service that creates an ALB for a specific [IngressGroup]

This component is responsible for provisioning AWS Amplify apps, backend environments, branches, domain associations, and webhooks

This component is responsible for setting the global, regional settings required to allow API Gateway to write to CloudWatch logs

This component is responsible for deploying an API Gateway REST API

This component is responsible for provisioning an API Key for an Amazon Managed Grafana workspace

This component is responsible for provisioning [Argo CD](https://argoproj

This component is responsible for creating and managing an ArgoCD desired state repository

This component is responsible for provisioning an Amazon Athena workgroup, databases, and related resources

This component is responsible for provisioning Aurora MySQL RDS clusters

This component is responsible for provisioning Aurora MySQL resources: additional databases, users, permissions, grants, etc

This component is responsible for provisioning Aurora Postgres RDS clusters

This component is responsible for provisioning Aurora Postgres resources: additional databases, users, permissions, grants, etc

This component is responsible for provisioning an AWS Backup Plan

This component is responsible for configuring AWS Config

This component is responsible for provisioning an [AWS Inspector](https://docs

This component is responsible for configuring Inspector V2 within an AWS Organization

This component is responsible for provisioning SAML metadata into AWS IAM as new SAML providers

This component is responsible for enabling AWS Shield Advanced Protection for the following resources: - Application Load Balancers (ALBs) - CloudFront Distributions - Elastic IPs - Route53 Hosted Zones This component assumes that resources it is configured to protect are not already protected by other components that have their `xxx_aws_shield_protection_enabled` variable set to `true`

Deploys [AWS ssosync](https://github

This component is responsible for provisioning user and system IAM roles outside the `identity` account

This component is responsible for provisioning all primary user and system roles into the centralized identity account

This component is responsible for provisioning a generic Bastion host within an ASG with parameterized `user_data` and support for AWS SSM Session Manager for remote access with IAM authentication

This component provisions Glue catalog databases

This component provisions Glue catalog tables

This component creates a Helm release for [cert-manager](https://github

This component is responsible for provisioning cloudtrail auditing in an individual account

This component is responsible for provisioning a bucket for storing cloudtrail logs for auditing purposes

This component is responsible for creation of CloudWatch Log Streams and Log Groups

This component is responsible for provisioning an end-to-end EKS Cluster, including managed node groups and Fargate profiles

This component is responsible for provisioning and managing AWS Cognito resources

This module creates an S3 bucket suitable for storing `AWS Config` data

This component provisions Glue connections

This component provisions Glue crawlers

This component is responsible for provisioning a dashboard an Amazon Managed Grafana workspace

This component installs the `datadog-agent` for EKS clusters

This component is responsible for provisioning SSM or ASM entries for Datadog API keys

This component is responsible for provisioning Datadog AWS integrations

This component is responsible for provision all the necessary infrastructure to deploy [Datadog Lambda forwarders](https://github

This component is responsible for provisioning Datadog Log Archives

This component is responsible for provisioning Datadog monitors and assigning Datadog roles to the monitors

This component is responsible for creating a datadog private location and deploying it to ECS (EC2 / Fargate) ## Usage **Note** The app key required for this component requires admin level permissions if you are using the default roles

This component provides the ability to implement [Datadog synthetic tests](https://docs

This component provisions a Datadog synthetics private location on Datadog and a private location agent on EKS cluster

This component is responsible for provisioning a DNS zone which manages subdomains delegated from a DNS zone in the primary DNS account

This component is responsible for provisioning the primary DNS zones into an AWS account

This component is responsible for provisioning DocumentDB clusters

This component is responsible for provisioning a DynamoDB table

This component is responsible for provisioning VPN Client Endpoints

This component is responsible for provisioning a single EC2 instance

This is copied from [cloudposse/terraform-aws-components](https://github

This component is responsible for provisioning repositories, lifecycle rules, and permissions for streamlined ECR usage

This component is responsible for provisioning an ECS Cluster and associated load balancer

This component is responsible for creating an ECS service

This component is responsible for provisioning an [EFS](https://aws

This component is responsible for provisioning [ElastiCache Redis](https://aws

This component is responsible for provisioning an Elasticsearch cluster with built-in integrations with Kibana and Logstash

This component provisions DMS endpoints

The `eventbridge` component is a Terraform module that defines a CloudWatch EventBridge rule

This component creates a Helm deployment for [external-dns](https://github

This component (ESO) is used to create an external `SecretStore` configured to synchronize secrets from AWS SSM Parameter store as Kubernetes Secrets within the cluster

This component is responsible for provisioning [Github Action Token Rotator](https://github

This component deploys self-hosted GitHub Actions Runners and a [Controller](https://docs

This component is responsible for authorizing the GitHub OIDC provider as an Identity provider for an AWS account

This component is responsible for creating IAM roles for GitHub Actions to assume

This component is responsible for provisioning EC2 instances for GitHub runners

This component provisions a GitHub webhook for a single GitHub repository

This component is responsible for provisioning AWS Global Accelerator and its listeners

This component is responsible for provisioning a Global Accelerator Endpoint Group

This component is responsible for configuring GuardDuty within an AWS Organization

This component is responsible for provisioning an [AWS Transit Gateway](https://aws

This component is responsible for provisioning an [AWS Transit Gateway Peering Connection](https://aws

This component provisions IAM roles required for DMS

This component provisions IAM roles for AWS Glue

This component is responsible for provisioning simple IAM roles

This component is responsible for provisioning [IAM Service-Linked Roles](https://docs

This component is responsible for creating [AWS SSO Permission Sets][1] and creating AWS SSO Account Assignments, that is, assigning IdP (Okta) groups and/or users to AWS SSO permission sets in specific AWS Accounts

This component installs the `idp-roles` for EKS clusters

This component is responsible for provisioning IPAM per region in a centralized account

This component provisions Glue jobs

This component provisions [Karpenter](https://karpenter

This component deploys [Karpenter NodePools](https://karpenter

This component is used to install the KEDA operator

This component is responsible for provisioning an Amazon Kinesis data stream

This component is responsible for provisioning a KMS Key

This component is responsible for provisioning Amazon Lake Formation resources

This component is responsible for provisioning Lambda functions

Grafana Loki is a set of resources that can be combined into a fully featured logging stack

This component is responsible for provisioning a Loki data source for an Amazon Managed Grafana workspace

This component is responsible for configuring Macie within an AWS Organization

This component is responsible for provisioning an Amazon Managed Prometheus data source for an Amazon Managed Grafana workspace

This component creates a Helm release for [metrics-server](https://github

This component is responsible for provisioning an AmazonMQ broker and corresponding security group

This component is responsible for provisioning [Amazon Managed Streaming](https://aws

This component provisions Amazon managed workflows for Apache Airflow

This component is responsible for provisioning [AWS Network Firewall](https://aws

This component creates a Helm release for [aws-node-termination-handler](https://github

This component is responsible for provisioning Opsgenie teams and related services, rules, schedules

This component is responsible for provisioning the surrounding infrastructure for the github runners

This component provisions the an Amazon Managed collector or scraper to connect Amazon Managed Prometheus (AMP) with an EKS cluster

Promtail is an agent which ships the contents of local logs to a Loki instance

This component is responsible for provisioning an RDS instance

This component installs `redis` for EKS clusters

This component installs `redis-operator` for EKS clusters

This component is responsible for provisioning a RedShift instance

This component provisions Glue registries

This component installs the [Stakater Reloader](https://github

This component provisions DMS replication instances

This component provisions DMS replication tasks

This component is responsible for provisioning [Route 53 Resolver DNS Firewall](https://docs

This component is responsible for provisioning an RunsOn (https://runs-on

This component is responsible for provisioning S3 buckets

This component provisions Glue schemas

This component is responsible for configuring Security Hub within an AWS Organization

This component is responsible for provisioning SES to act as an SMTP gateway

This component is responsible for provisioning SFTP Endpoints

This component provisions a [Site-To-Site VPN](https://aws

This component sets up the requirements for all other Snowflake components, including creating the Terraform service user

All data in Snowflake is stored in database tables, logically structured as collections of columns and rows

This component is responsible for provisioning an SNS topic

This component is responsible for provisioning: - S3 bucket - CloudFront distribution for a Single Page Application - ACM placed in us-east-1 regardless of the stack region (requirement of CloudFront) NOTE: The component does not use the ACM created by `dns-delegated`, because the ACM region has to be us-east-1

These components are responsible for setting up Spacelift and include three components: spacelift/admin-stack,

This component provisions the `WorkerPool` part of the [Kubernetes Operator](https://docs

This component provisions the controller part of the [Kubernetes Operator](https://docs

This component is responsible for creating and managing the [spaces](https://docs

This component is responsible for provisioning [AWS Transit Gateway](https://aws

This component is responsible for creating an SQS queue

This component is responsible for provisioning Parameter Store resources against AWS SSM

This component reads sso credentials from SSM Parameter store and provides them as outputs ## Usage **Stack Level**: Regional Use this in the catalog or use these variables to overwrite the catalog values

This component is responsible for provisioning `StorageClasses` in an EKS cluster

This component provisions [strongDM](https://www

This component is responsible for provisioning an S3 Bucket and DynamoDB table that follow security best practices for usage as a Terraform backend

AWS Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub.

This component provisions Glue triggers

This component is responsible for provisioning a VPC and corresponding Subnets

This component is responsible for provisioning an encrypted S3 bucket which is configured to receive VPC Flow Logs

This component is responsible for creating a peering connection between two VPCs existing in different AWS accounts

This component is responsible for provisioning an AWS Web Application Firewall (WAF) with an associated managed rule group

This component is responsible for provisioning Spacelift worker pools

This component provisions Glue workflows

This component is responsible for provisioning an Amazon Managed Grafana workspace

This component is responsible for provisioning a workspace for Amazon Managed Service for Prometheus, also known as Amazon Managed Prometheus (AMP)

This component is responsible for provisioning ZScaler Private Access Connector instances on Amazon Linux 2 AMIs