desgee/Bank_Infrastructure_AWS

Terraform EKS & Database Deployment

This repository contains the infrastructure-as-code (IaC) setup using Terraform to deploy a complete AWS environment, including VPC, EKS (Kubernetes), RDS database, and DNS.


📁 Project Structure

Bank-Infrastructure/
├── environments/
│   ├── dev/                   # Development deployment root
│   │   ├── main.tf
│   │   ├── provider.tf
│   │   ├── variables.tf
│   │   └── terraform.tfvars
│   └── prod/                  # Production deployment root
│       ├── main.tf
│       ├── provider.tf
│       ├── variables.tf
│       └── terraform.tfvars
├── module-database/           # Terraform module to deploy RDS MySQL
├── module-dns/                # Terraform module for Route53 DNS records
├── module-eks/                # Terraform module to deploy EKS cluster and tooling
├── module-vpc/                # Terraform module to provision VPC and networking
├── .gitignore                 # Ignore local state, secrets, and temp files
├── backend.tf                 # Optional shared backend config for root workspace
├── main.tf                    # Existing root entry point (not used by env roots)
├── output.tf                  # Existing root outputs
├── readme.MD                  # This file
├── terraform.tfvars           # Existing shared tfvars file
└── variable.tf                # Existing shared variables file

✅ Environment usage

Run Terraform from the environment folder you want to deploy:

  • cd environments/dev && terraform init
  • cd environments/prod && terraform init

Each environment folder provides its own input values via terraform.tfvars and sets environment = "dev" or environment = "prod".

🧩 Modules

The shared modules are:

  • module-vpc/ for VPC, subnets, NAT gateways, and network security
  • module-eks/ for EKS cluster, node group, IAM roles, Helm charts
  • module-dns/ for Route53 hosted zone and DNS records
  • module-database/ for RDS MySQL deployment

🏗️ Resources provisioned

This deployment creates the following AWS resources:

  • VPC with a public subnet (frontend), a private subnet (backend), and a private subnet (database)
  • Internet Gateway and NAT Gateways
  • Public and private route tables with associations
  • Security group for MySQL access
  • EKS cluster with managed node group
  • IAM roles and policies for EKS cluster and worker nodes
  • Helm-deployed NGINX ingress controller
  • Route53 hosted zone and DNS records for application hostnames
  • RDS MySQL instance with DB subnet group

🔐 Secrets and ignored files

Do not commit sensitive values such as:

  • db_username
  • db_password
  • any local tfstate files
  • any .env or private key files

The repo .gitignore already excludes:

  • .terraform/
  • .terraform.lock.hcl
  • *.tfstate
  • *.tfstate.backup
  • *.pem
  • *.key
  • .env
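
The project tree has a terraform.tfvars in each environment root, and the patterns listed above do not include *.tfvars, so a literal db_password written there would be committed; state files matter for the same reason, since Terraform stores the RDS credentials in state in plain text. The following is an added example, not code from this repository: a shell check suitable for a pre-commit hook. The function name find_secret_leaks, the file name in the wiring comment, and the hook wiring itself are assumptions.

```shell
#!/usr/bin/env bash
# Added example (constructed; not from the repository).
# find_secret_leaks FILE...
#   Prints one line per finding and returns 1 if any path is a secret-bearing
#   file type from the README's ignore list, or is a *.tfvars file that assigns
#   a literal value to db_username / db_password. Returns 0 when clean.
#   Reads the working-tree copy of each path.
find_secret_leaks() {
  fsl_found=0
  for fsl_path in "$@"; do
    fsl_base=${fsl_path##*/}
    case "$fsl_base" in
      *.tfstate|*.tfstate.backup|*.pem|*.key|.env)
        # Normally ignored already; this catches files added with `git add -f`.
        echo "secret-bearing file type: $fsl_path"
        fsl_found=1
        ;;
      *.tfvars)
        # Non-empty quoted literal, e.g. db_password = "..."
        if [ -f "$fsl_path" ] && grep -Eq \
          '^[[:space:]]*db_(username|password)[[:space:]]*=[[:space:]]*"[^"]+"' \
          "$fsl_path"; then
          echo "literal DB credential in tfvars: $fsl_path"
          fsl_found=1
        fi
        ;;
    esac
  done
  return "$fsl_found"
}

# Assumed wiring as .git/hooks/pre-commit (paths without whitespace):
#   . ./find_secret_leaks.sh
#   find_secret_leaks $(git diff --cached --name-only --diff-filter=ACM) || exit 1
```

Terraform reads TF_VAR_db_username and TF_VAR_db_password from the environment, so the committed tfvars files can omit both values.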

📌 Notes

  • prod is the production environment.
  • dev is the development environment.
  • Both env roots reuse the same modules but with separate configuration values.

Architecture

Project Architecture
