account
This component is responsible for provisioning the full account hierarchy along with Organizational Units (OUs). It
Amazon Web Services provider.
View All TagsThis component is responsible for provisioning the full account hierarchy along with Organizational Units (OUs). It
This component is responsible for provisioning information only: it simply populates Terraform state with data (account
This component is responsible for requesting service quota increases. We recommend making requests here rather than in
This component is responsible for provisioning account level settings: IAM password policy, AWS Account Alias, EBS
This component is responsible for requesting an ACM certificate for a domain and adding a CNAME record to the DNS zone
This component creates a Helm release for
This component is responsible for creating an administrative stack and its
This component is responsible for provisioning a generic Application Load Balancer. It depends on the vpc and
This component creates a Helm release for
This component deploys a Kubernetes IngressClass resource for the AWS Load Balancer Controller. This is not often
This component provisions a Kubernetes Service that creates an ALB for a specific [IngressGroup].
This component is responsible for provisioning AWS Amplify apps, backend environments, branches, domain associations,
This component is responsible for setting the global, regional settings required to allow API Gateway to write to
This component is responsible for deploying an API Gateway REST API.
This component is responsible for provisioning an API Key for an Amazon Managed Grafana workspace.
This component is responsible for provisioning Argo CD.
This component is responsible for creating and managing an ArgoCD desired state repository.
This component is responsible for provisioning an Amazon Athena workgroup, databases, and related resources.
This component is responsible for provisioning Aurora MySQL RDS clusters. It seeds relevant database information
This component is responsible for provisioning Aurora MySQL resources: additional databases, users, permissions, grants,
This component is responsible for provisioning Aurora Postgres RDS clusters. It seeds relevant database information
This component is responsible for provisioning Aurora Postgres resources: additional databases, users, permissions,
This component is responsible for provisioning an AWS Backup Plan. It creates a schedule for backing up given ARNs.
This component is responsible for configuring AWS Config.
This component is responsible for provisioning an
This component is responsible for configuring Inspector V2 within an AWS Organization.
This component creates a Helm release for
This component is responsible for provisioning SAML metadata into AWS IAM as new SAML providers. Additionally, for an
This component is responsible for enabling AWS Shield Advanced Protection for the following resources:
This component is responsible for creating AWS SSO Permission Sets and creating AWS SSO Account Assignments, that
Deploys AWS ssosync to sync Google Groups with AWS SSO.
This component is responsible for provisioning user and system IAM roles outside the identity account. It sets them up
This component is responsible for provisioning all primary user and system roles into the centralized identity account.
This component is responsible for provisioning a generic Bastion host within an ASG with parameterized user_data and
This component provisions Glue catalog databases.
This component provisions Glue catalog tables.
This component creates a Helm release for cert-manager on a Kubernetes
This component is responsible for provisioning cloudtrail auditing in an individual account. It's expected to be used
This component is responsible for provisioning a bucket for storing cloudtrail logs for auditing purposes. It's expected
This component is responsible for creation of CloudWatch Log Streams and Log Groups.
This component is responsible for provisioning an end-to-end EKS Cluster, including managed node groups and Fargate
This component is responsible for provisioning and managing AWS Cognito resources.
This module creates an S3 bucket suitable for storing AWS Config data.
This component provisions Glue connections.
This component provisions Glue crawlers.
This component is responsible for provisioning an
This component is responsible for provisioning a dashboard an Amazon Managed Grafana workspace.
Useful submodule for other modules to quickly configure the datadog provider
This component installs the datadog-agent for EKS clusters.
This component is responsible for provisioning SSM or ASM entries for Datadog API keys.
This component is responsible for provisioning Datadog AWS integrations. It depends on the datadog-configuration
This component is responsible for provision all the necessary infrastructure to deploy
This component is responsible for provisioning Datadog Log Archives. It creates a single log archive pipeline for each
This component is responsible for provisioning Datadog monitors and assigning Datadog roles to the monitors.
This component is responsible for creating a datadog private location and deploying it to ECS (EC2 / Fargate)
This component provides the ability to implement
This component provisions a Datadog synthetics private location on Datadog and a private location agent on EKS cluster.
This component is responsible for provisioning a DNS zone which delegates nameservers to the DNS zone in the primary DNS
This component is responsible for provisioning the primary DNS zones into an AWS account. By convention, we typically
This component is responsible for provisioning DocumentDB clusters.
This component is responsible for provisioning a DynamoDB table.
This component is responsible for provisioning VPN Client Endpoints.
This component is responsible for provisioning a single EC2 instance.
This is copied from
This component is responsible for provisioning repositories, lifecycle rules, and permissions for streamlined ECR usage.
This component is responsible for provisioning an ECS Cluster and associated load balancer.
This component is responsible for creating an ECS service.
This component is responsible for provisioning an EFS Network File System with KMS
This component is responsible for provisioning ElastiCache Redis clusters.
This component is responsible for provisioning an Elasticsearch cluster with built-in integrations with Kibana and
This component provisions DMS endpoints.
The eventbridge component is a Terraform module that defines a CloudWatch EventBridge rule. The rule is pointed at
This component creates a Helm deployment for external-dns on a
This component (ESO) is used to create an external SecretStore configured to synchronize secrets from AWS SSM
This component is responsible for provisioning
This component deploys self-hosted GitHub Actions Runners and a
This component is responsible for authorizing the GitHub OIDC provider as an Identity provider for an AWS account. It is
This component is responsible for creating IAM roles for GitHub Actions to assume.
This component is responsible for provisioning EC2 instances for GitHub runners.
This component provisions a GitHub webhook for a single GitHub repository.
This component is responsible for provisioning AWS Global Accelerator and its listeners.
This component is responsible for provisioning a Global Accelerator Endpoint Group.
This component is responsible for configuring GuardDuty within an AWS Organization.
This component is responsible for provisioning an AWS Transit Gateway hub
This component provisions IAM roles required for DMS.
This component provisions IAM roles for AWS Glue.
This component is responsible for provisioning simple IAM roles. If a more complicated IAM role and policy are desired
This component is responsible for provisioning
This component installs the idp-roles for EKS clusters. These identity provider roles specify several pre-determined
This component is responsible for provisioning IPAM per region in a centralized account.
This component provisions Glue jobs.
This component provisions Karpenter on an EKS cluster. It requires at least version 0.32.0 of
This component deploys Karpenter NodePools to an EKS cluster.
This component is used to install the KEDA operator.
This component is responsible for provisioning an Amazon Kinesis data stream.
This component is responsible for provisioning a KMS Key.
This component is responsible for provisioning Amazon Lake Formation resources.
This component is responsible for provisioning Lambda functions.
Grafana Loki is a set of resources that can be combined into a fully featured logging stack. Unlike other logging
This component is responsible for provisioning a Loki data source for an Amazon Managed Grafana workspace.
This component is responsible for configuring Macie within an AWS Organization.
This component is responsible for provisioning an Amazon Managed Prometheus data source for an Amazon Managed Grafana
This component creates a Helm release for metrics-server is a
This component is responsible for provisioning an AmazonMQ broker and corresponding security group.
This component is responsible for provisioning Amazon Managed Streaming clusters for
This component provisions Amazon managed workflows for Apache Airflow.
This component is responsible for provisioning AWS Network Firewall resources,
This component is responsible for provisioning Opsgenie teams and related services, rules, schedules.
This component is responsible for provisioning the surrounding infrastructure for the github runners.
This component provisions the an Amazon Managed collector or scraper to connect Amazon Managed Prometheus (AMP) with an
Promtail is an agent which ships the contents of local logs to a Loki instance.
This component is responsible for provisioning an RDS instance. It seeds relevant database information (hostnames,
This component installs redis for EKS clusters. This is a Self Hosted Redis Cluster installed on EKS.
This component installs redis-operator for EKS clusters. Redis Operator creates/configures/manages high availability
This component is responsible for provisioning a RedShift instance. It seeds relevant database information (hostnames,
This component provisions Glue registries.
This component installs the Stakater Reloader for EKS clusters. reloader can
This component provisions DMS replication instances.
This component provisions DMS replication tasks.
This component is responsible for provisioning
This component is responsible for provisioning S3 buckets.
This component provisions Glue schemas.
This component is responsible for configuring Security Hub within an AWS Organization.
This component is responsible for provisioning SES to act as an SMTP gateway. The credentials used for sending email can
This component is responsible for provisioning SFTP Endpoints.
This component provisions a Site-To-Site VPN with a
This component sets up the requirements for all other Snowflake components, including creating the Terraform service
All data in Snowflake is stored in database tables, logically structured as collections of columns and rows. This
This component is responsible for provisioning an SNS topic.
This component is responsible for provisioning:
These components are responsible for setting up Spacelift and include three components: spacelift/admin-stack,
This component is responsible for creating and managing the spaces in the
This component is responsible for provisioning AWS Transit Gateway attachments
This component is responsible for creating an SQS queue.
This component is responsible for provisioning Parameter Store resources against AWS SSM. It supports normal parameter
This component reads sso credentials from SSM Parameter store and provides them as outputs
This component is responsible for provisioning StorageClasses in an EKS cluster. See the list of guides and references
This component provisions strongDM gateway, relay and roles
This component is responsible for provisioning an S3 Bucket and DynamoDB table that follow security best practices for
AWS Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub.
This component provisions Glue triggers.
This component is responsible for provisioning a VPC and corresponding Subnets. Additionally, VPC Flow Logs can
This component is responsible for provisioning an encrypted S3 bucket which is configured to receive VPC Flow Logs.
This component is responsible for creating a peering connection between two VPCs existing in different AWS accounts.
This component is responsible for provisioning an AWS Web Application Firewall (WAF) with an associated managed rule
This component is responsible for provisioning Spacelift worker pools.
This component provisions Glue workflows.
This component is responsible for provisioning an Amazon Managed Grafana workspace.
This component is responsible for provisioning a workspace for Amazon Managed Service for Prometheus, also known as
This component is responsible for provisioning ZScaler Private Access Connector instances on Amazon Linux 2 AMIs.