🚀 NaN Labs' Terraform AWS Modules

Deploy Production Infrastructure in Minutes, Not Months

🔥 Battle-tested • 🔒 Security-first • 💰 Cost-optimized • 🚀 Developer-friendly

From MVP to Enterprise: Infrastructure that scales with your business

---

🧭 TL;DR

Deploy production-grade AWS building blocks fast with battle-tested Terraform modules (secure defaults, full customization, clear docs).

# Try the smallest stack (~$46/mo)
git clone https://github.com/nanlabs/terraform-aws-modules.git
cd terraform-aws-modules/examples/simple-web-app
terraform init && terraform apply

Need something bigger? Jump to the example catalog or full module list below.

✨ Why These Modules?

Secure by default, production-proven, cost-aware, and fully overridable. Built to scale from MVP to multi-account enterprise without rewriting your Terraform.

Show feature matrix

• 🛡️ Reliability: Multi‑AZ patterns, zero‑downtime friendly changes, safe defaults that avoid accidental data loss.
• 🔐 Security: KMS encryption everywhere, least‑privilege IAM surfaces, GitHub OIDC (keyless CI), optional CloudTrail + Config integration.
• 💰 Cost Awareness: Right‑sized defaults, opt‑in NAT / Transit Gateway, lifecycle policies for cold data, no hidden always‑on extras.
• 📊 Observability: VPC Flow Logs ready, log/metrics hooks, consistent naming for tracing & tagging, surfaces for future dashboards.
• 🧪 Developer Experience: Consistent variable names, “complete wrapper” philosophy, rich runnable examples, auto‑generated docs.
• 🧩 Extensibility: All upstream module variables & outputs exposed, composable building blocks, feature flags instead of forks.

🎪 Examples

Pick a starting point:

Tier	Example	What You Get	Est. Cost*
Starter	🌐 Simple Web App	Minimal VPC + one compute entrypoint (low cost)	~$46
Growth	⚙️ Medium Complexity	EKS + RDS + Bastion (microservices base)	~$300
Enterprise	🏢 Complete Enterprise	Full platform: multi-AZ network, EKS, RDS (HA), MSK, TGW	~$940

Need data / security / networking patterns? See the expanded catalog.

Full example catalog (with costs & focus areas)

Example	Core Services	Focus	Est. Cost*
🌐 Simple Web App	VPC + minimal compute	MVP / quick start	~$46
⚙️ Medium Complexity	VPC, EKS, RDS, Bastion	Microservices staging	~$300
🏢 Complete Enterprise	VPC (multi-AZ), EKS, RDS (HA), MSK, TGW, encryption	Production foundation	~$940
🔐 Secure Multi-Environment Data Platform	CloudTrail, Config, Data Lake, Glue, KMS	Compliance & governance	~$420
🛰️ Hub & Spoke Networking	Transit Gateway + multi-VPC	Segmentation / org networking	~$160
📊 Analytics + Document Store	Data Lake, DocumentDB, MSK, Glue	Hybrid analytics (structured + doc)	~$780
🔄 Data Processing Pipeline	Data Lake, Glue Jobs + Workflow	Batch ETL / curation	~$180
🧩 Multi-Account Data Platform (Simulated)	Central KMS, TGW, Data Lake, Glue, Bastion	Multi-account pattern	~$210

*Estimates at authoring time, us-east-1 on-demand, minimal throughput. Validate with AWS Pricing Calculator / Infracost before production.

Tip

New here? Jump to the Usage Guide or scan the modules below.

🎯 Motivation

Building and maintaining infrastructure across cloud providers can become repetitive and error-prone. This repository consolidates reusable Terraform modules following best practices, allowing your team to provision infrastructure efficiently, securely, and consistently—whether it's an AWS VPC, a Kubernetes cluster, or a MongoDB Atlas database.

📦 Modules Overview

Highly opinionated wrappers around official modules—simple defaults, full override capability.

Categories:

• Network & Access: VPC, Bastion, Transit Gateway (+ Spokes), Shared Networking
• Compute & Orchestration: EKS, Amplify
• Data & Analytics: RDS / Aurora, MSK, DocumentDB, Data Lake infra & encryption, Glue suite
• Security & Governance: CloudTrail, Config, GitHub OIDC, TF State Backend
• Multi-Cloud: MongoDB Atlas

Show full module catalog

Module	Description	Use Cases
🌐 AWS VPC	VPC with subnets, flow logs, sane defaults	Network foundation, multi-AZ setup
⚡ AWS EKS	Managed Kubernetes + addons wrapper	Microservices, container orchestration
🗄️ AWS RDS	Relational DB (backups, monitoring)	Application persistence
🗄️ AWS RDS Aurora	High-performance Aurora cluster	HA & read scaling
📨 AWS MSK	Managed Kafka (secure & multi-AZ)	Event streaming, pipelines
🏰 AWS Bastion	SSM-based secure jump host	Admin access, troubleshooting
📊 AWS DocumentDB	MongoDB-compatible document store	Flexible JSON workloads
👤 AWS IAM Role	Opinionated IAM role creation	Least-privilege access
🌍 AWS Amplify App	Frontend hosting & CI/CD	Static & SPA delivery
🔐 AWS CloudTrail	Central activity logging	Audit & compliance
🛡️ AWS Config	Resource config tracking & rules	Governance & drift detection
🧱 AWS Data Lake Encryption	Central KMS (S3 + Glue keys)	Unified encryption & rotation
🗃️ AWS Data Lake Infrastructure	Medallion S3 layout scaffold	Bronze/Silver/Gold zoning
🧬 AWS Glue Code Registry	Schema/code registry	ETL governance
📚 AWS Glue Data Lake Catalog	Catalog databases / tables	Metadata discovery
🛠️ AWS Glue Jobs	Map-based multi Glue jobs	Batch / Spark ETL
🔄 AWS Glue Workflow	Workflow & trigger orchestration	Chained ETL processes
✈️ AWS Transit Gateway	Central routing hub	Multi-VPC topology
🛰️ AWS Transit Gateway Spoke	VPC attachment wrapper	Hub & spoke expansion
🕸️ AWS Shared Networking	Shared services networking layer	Central endpoints & DNS
📦 AWS TF State Backend	S3 + DynamoDB state backend	Remote state & locking
🔐 AWS GitHub OIDC Provider	OIDC federation for CI	Keyless deployments

Other Cloud Providers

Module	Description	Use Cases
🍃 MongoDB Atlas Cluster	Managed multi-cloud MongoDB	Global & serverless data

🚀 Quick Module Usage

Each module is designed to be plug-and-play with sensible defaults, yet highly customizable for complex requirements.

module "vpc" {
  source = "git::https://github.com/nanlabs/terraform-aws-modules.git//modules/aws-vpc?ref=v0.2.0"

  vpc_cidr = "10.0.0.0/16"
  # That's it! VPC with best practices is ready 🎉
}

📖 See the Usage Guide for advanced patterns (version pinning, multi-account, remote state, KMS sharing).

🎯 Ready to Get Started?

🚀 Quick Start	📚 Learn More	🤝 Get Help
Browse Examples	Read Documentation	Join Discussions
Pick an example that fits your needs	Understand best practices	Ask questions, share ideas

⭐ If this project helps you, please consider giving it a star! ⭐

🤝 Contributing

We love contributions! Whether you're:

• 🐛 Reporting bugs or suggesting improvements
• 📝 Improving documentation or adding examples
• 🚀 Adding new modules or enhancing existing ones
• 💡 Sharing ideas for new features

Every contribution matters! Check our Contributing Guidelines to get started.

🌟 Ways to Contribute

1. Star this repo - It helps others discover these modules
2. Share your experience - Write a blog post or tweet about your usage
3. Submit feedback - Open issues with suggestions or bug reports
4. Code contributions - Submit PRs for new features or fixes
5. Documentation - Help improve guides and examples

📚 Documentation

📖 Guide	🎯 Purpose
📚 Usage Guide	Complete module usage, versioning, and advanced patterns
🛠️ Development Setup	Set up your development environment
📦 Modules Guide	How to use and create modules
⭐ Best Practices	Module design, security, and guidelines
🚀 Versioning Strategy	Release management and versioning
🔄 GitHub Actions	CI/CD workflows and automation
🤝 Contributing	How to contribute to this repository

📚 Additional Resources

• 🚀 Awesome NAN - Best practices and resources
• 📖 Terraform Documentation - Official Terraform docs
• ☁️ AWS Provider Documentation - AWS provider reference
• 💬 NaN Labs Blog - Technical articles and insights

License

This project is licensed under the MIT License - see the LICENSE file for details.

👥 Contributors

Made with contributors-img.

---

🌟 Built with ❤️ by NaN Labs

🚀 Accelerating development through proven technology solutions