Posts

Day 21 - AWS Policy and Governance

For Day 21 of my AWS Terraform learning journey, I worked on a mini project focused on AWS policy creation and governance setup. The goal was to build a small but practical governance foundation using Terraform, IAM policies, AWS Config, S3 security controls, and compliance rules. This project helped me understand how cloud governance is not just about creating resources. It is about continuously checking whether those resources follow security and compliance expectations.

Project Goal

The main goal of this project was to create a governance setup that can monitor AWS resources and detect misconfigurations. I implemented the following:

- IAM policies for security enforcement
- AWS Config recorder for continuous monitoring
- AWS Config delivery channel to store snapshots in S3
- Seven AWS Config managed rules
- Secure S3 bucket for Config data
- Account password policy
- Required tagging checks
- Public access and encryption controls

This is a good example of using infrastructure as code f...

Day 20 - Deploying an Amazon EKS Cluster Using Custom Terraform Modules

Introduction

In this project, I deployed a complete Amazon EKS environment using Terraform custom modules. The goal of this implementation was to understand how production style Kubernetes infrastructure is organized using reusable Terraform modules instead of a single monolithic configuration file.

The deployment included:

- Custom VPC across 3 Availability Zones
- Public and private subnets
- NAT Gateway
- IAM roles for EKS
- Amazon EKS cluster
- Managed node groups
- Spot and On Demand worker nodes
- IRSA and OIDC provider
- Kubernetes add-ons
- NGINX sample application deployment
- AWS LoadBalancer integration

This project helped me better understand how Kubernetes networking, IAM, Terraform modules, and AWS managed services work together in real-world environments.

Architecture Diagram

Project Structure

    day20-eks-custom-modules/
    ├── main.tf
    ├── variables.tf
    ├── outputs.tf
    ├── provider.tf
    ├── backend.tf
    ├── modules/
    │   ├── vpc/
    │   ├── iam/
    │   ├── eks/
    │   └── secrets-...

Day 19 - Understanding Terraform Provisioners with AWS EC2 and Nginx

Introduction

For Day 19 of my challenge, I explored Terraform Provisioners using AWS EC2. In this demo, I used:

- local-exec
- file provisioner
- remote-exec

The goal was to:

- Deploy an EC2 instance
- Copy a shell script into the server
- Install nginx automatically
- Validate the deployment from the browser

This exercise also helped me understand why HashiCorp considers provisioners a “last resort” approach in production environments.

Architecture Diagram

Types of Terraform Provisioners

local-exec

    provisioner "local-exec" {
      command = "echo ${self.public_ip} >> inventory.txt"
    }

file Provisioner

    provisioner "file" {
      source      = "welcome.sh"
      destination = "/tmp/welcome.sh"
    }

remote-exec

    provisioner "remote-exec" {
      inline = [
        "chmod +x /tmp/welcome.sh",
        "sudo /tmp/welcome.sh"
      ]
    }

Terraform Deployment

Initialize Terraform

    terraform init

Validate Terraform Con...