AWS Infrastructure-as-Code modules
20 verified terraform modules for AWS, spanning AWS. Every artifact is statically validated (tofu validate + tflint + Checkov) and passes the publish gate before it appears here. Each ships an annotated terraform.tfvars.example and a perpetual licence with 12 months of updates.
16 of 20 AWS modules are live-tested — really applied to a cloud account, verified, then destroyed. The remaining 4 are static-validated, live-test pending. We never label a module “live-tested” unless it actually passed apply→verify→destroy.
All AWS modules
API Gateway HTTP API
HTTP API with routes, Lambda/ALB integrations, custom domain, JWT authorizers, and access logs.
$129.00
AWSApplication Load Balancer
ALB with HTTPS listeners, target groups, listener rules, and access logging — drop-in for ECS/EC2/Lambda targets.
$129.00
AWSAurora Cluster (Serverless v2 ready)
Aurora PostgreSQL/MySQL cluster with instances, parameter groups, Serverless v2 scaling, and enhanced monitoring.
$299.00
AWSAWS S3 Bucket (hardened)
Private S3 bucket with encryption, versioning, public-access block, and TLS-only policy.
$49.00
AWSCloudFront Site (S3 + ACM + Route53)
Complete HTTPS site/CDN: CloudFront distribution, OAC-locked S3 origin, ACM cert, and Route53 alias records.
$299.00
AWSCodeDeploy CI/CD (EC2 / ECS / Lambda)
CodeDeploy application, deployment groups, and the platform-correct service role for automated EC2/ECS/Lambda rollouts with auto-rollback on failure.
$129.00
AWSDynamoDB Table
DynamoDB table with GSIs/LSIs, TTL, streams, autoscaling or on-demand, and point-in-time recovery.
$49.00
AWSEC2 Instance
EC2 instance with IMDSv2, encrypted EBS, instance profile, and EIP — secure defaults out of the box.
$49.00
AWSECR Repository
ECR repo with lifecycle rules, scan-on-push, immutable tags, and cross-account/replication policies.
$49.00
AWSECS Fargate Service
Full Fargate stack: cluster, task definition, service with ALB integration, autoscaling, and Cloud Map discovery.
$299.00
AWSEKS Cluster with Managed Node Groups
Opinionated EKS cluster with node groups, core add-ons, Pod Identity, and KMS secret encryption.
$299.00
AWSIAM Roles, Policies & OIDC Trust
Least-privilege IAM roles, managed policies, and GitHub/EKS OIDC federation in one composable module.
$129.00
AWSKMS Key with Policy Patterns
Customer-managed KMS keys with sane key policies, aliases, rotation, and multi-region replicas.
$49.00
AWSLambda Function (Packaged & Wired)
Lambda with execution role, log group, triggers, aliases, and zip/container packaging handled.
$129.00
AWSProduction VPC (Multi-AZ)
Battle-tested multi-AZ VPC with public/private/database subnets, NAT, endpoints, and flow logs.
$129.00
AWSRDS Instance (PostgreSQL/MySQL)
Single-instance or Multi-AZ RDS with subnet/parameter/option groups, backups, and monitoring wired correctly.
$129.00
AWSSecrets Manager Secret
Secrets with versioning, resource policies, replication, and optional Lambda rotation scaffolding.
$49.00
AWSSecurity Group with Rule Presets
Security groups with named rule presets (https, postgres, redis...) using modern standalone rule resources.
$49.00
AWSSNS Topic with Subscriptions
SNS standard/FIFO topic with encryption, delivery policies, and SQS/Lambda/email subscriptions.
$49.00
AWSSQS Queue with DLQ
SQS standard/FIFO queue with dead-letter queue, redrive policy, SSE, and least-privilege queue policy.
$49.00