Home
Michal Tomczuk edited this page Dec 5, 2022 · 2 revisions
- Essentials (once per organization)
  - terraform state storage (S3 + Dynamo)
  - terraform IAM user
- Bootstrap (once per account)
  - terraform admin policy
  - terraform IAM role
- Users, groups, privileges management
  - Create user accounts
  - Create user groups
  - Set up policies
  - Set up roles
- DNS zones
  - public zones
  - private zones
- Virtual network
  - VPC
  - IGW
  - public subnets
  - public subnets routing tables - via IGW
  - NAT-GW - one, or one per region
  - private subnets
  - private subnets routing tables - via NAT-GW
  - dedicated subnets for ELB
  - security groups (?)
- Virtual machine
  - SSH keys management (deploy keys) or not?
  - SSH authentication with Azure Active Directory - AWS alternative
- Kubernetes service
  - AKS deployment
  - aws-auth config (to enable IAM logins)
  - aws-logging config (to enable logs)
  - service accounts & IAM role integration
- Static page hosting (?)
  - custom domain
  - S3 backend
  - ACM certificate
  - CloudFront CDN