Infrastructure as Code Library

A collection of reusable, battle-tested, production-ready infrastructure code.

You don't have to reinvent the wheel

Most teams have the same basic infrastructure needs: server cluster, load balancer, database, cache, CI/CD, monitoring, secrets management, and so on. Why waste time building it all from scratch? At Gruntwork, we are a team of DevOps experts who have spent thousands of hours writing reusable infrastructure code, and now you can leverage all of it with the Infrastructure as Code Library.

Infrastructure as Code Library Features

Infrastructure as Code

Written in Terraform, Go, Python, and Bash

Documented

Includes example code and thorough documentation

Tested

Every commit goes through a suite of automated tests

Reusable

Highly reusable, configurable, and composable

Proven

Proven in production with dozens of Gruntwork Customers

Supported

Commercially maintained and supported by Gruntwork

Updated

We continually make updates, additions, and fixes to the library

Full Code Access

You get access to 100% of the code

No Lock-In

If you ever choose to cancel, you keep rights to all the code

Infrastructure Packages

Network Topology

Create a best-practices Virtual Private Cloud (VPC). Includes multiple subnet tiers, network ACLs, security groups, NAT gateways, and VPC peering.

View Public Docs

AWS

Monitoring & Alerting

Configure monitoring, log aggregation, and alerting using CloudWatch, SNS, and S3. Includes Slack integration.

View Public Docs

AWS

Amazon ECS Docker Cluster

Deploy a best-practices ECS Cluster. Includes zero-downtime, rolling deployments, auto scaling, and experimental support for CUDA on ECS.

View Public Docs

AWS

AMI Cluster

Deploy Amazon Machine Images (AMIs) on top of an Auto Scaling Group. Supports zero-downtime, rolling deployment of new AMI versions, load balancing, health checks, service discovery, and auto scaling.

View Public Docs

AWS

Lambda

Deploy and manage Lambda functions with Terraform. Automatically upload source code, configure environment variables, create an IAM Role, associate with a VPC, and enable versioning/aliasing. Also supports scheduled Lambdas and dead letter targets.

View Full Repo (subscribers only)

AWS

Security

A collection of security best practices for managing secrets, credentials, and servers. Includes streamlined support for CloudTrail, KMS, SSH key management via IAM, IAM Groups, and OS hardening.

View Public Docs

AWS GCP Azure

Continuous Delivery

A collection of bash scripts and Terraform code that implement common CI tasks including building a Docker image, building a Packer image, updating Terraform code, pushing to git, sharing or making AMIs public, and configuring the build environment.

View Public Docs

AWS GCP Azure

Relational Database

Run MySQL, Postgres, MariaDB, or Amazon Aurora on Amazon’s Relational Database Service (RDS). Creates the database, sets up replicas, configures multi-zone automatic failover and automatic backup.

View Public Docs

AWS

Distributed Cache

Run Redis or Memcached clusters using Amazon’s ElastiCache Service. Creates the cluster, sets up replicas, configures multi-zone automatic failover and automatic backup.

View Public Docs

AWS

Stateful Server

Set up a best-practices deployment of a single, stateful server on top of AWS, such as Jenkins or WordPress. Supports EBS volume re-attachment and a scheduled Lambda job to back up the instance on a cron schedule. Includes an alarm if backup jobs fail.

View Public Docs

AWS

Static Assets

Deploy your static content and static websites on S3, optionally with a CloudFront distribution in front of it as a CDN. Includes bucket versioning, access logging, cache settings, Route 53 DNS entries, and TLS certs.

View Full Repo (subscribers only)

AWS

MongoDB Cluster

Deploy a MongoDB cluster, including replica sets, sharding, an automated bootstrapping process, backup, recovery, and OS optimizations.

View Full Repo (subscribers only)

AWS

Kafka

Deploy a cluster of Apache Kafka brokers that can automatically bootstrap themselves. Includes support for automatically discovering a ZooKeeper cluster, EBS Volumes for better log performance, automated zero-downtime rolling deployment, end-to-end encryption, OS optimizations, and security groups and IAM policy configuration.

View Full Repo (subscribers only)

AWS

ZooKeeper

Deploy an Apache ZooKeeper cluster that can automatically bootstrap itself. Includes support for Exhibitor as a process supervisor and management UI for ZooKeeper, static IP addresses (ENIs), EBS Volumes for better transaction log performance, automated zero-downtime rolling deployment, automatic recovery of failed servers, and security groups and IAM policy configuration.

View Full Repo (subscribers only)

AWS

OpenVPN Server

Deploy an OpenVPN server and manage user accounts using IAM groups. Includes automatic install and configuration of a high-availability OpenVPN server, public key infrastructure (PKI), data backup, IAM policies, security groups, and cross-platform apps to automatically request and revoke credentials.

View Full Repo (subscribers only)

AWS

Messaging

Create SQS queues with support for FIFO, message retention, message delays, content-based deduplication, dead-letter queues, and IP-based access controls. Create SNS topics with configurable IAM and delivery policies. Create Kinesis streams with configurable or auto-calculated shard and retention settings.

View Full Repo (subscribers only)

AWS

Tools

GruntKMS

A command-line tool that makes it easy to encrypt and decrypt data using Amazon Key Management Service (KMS).

View Tool (subscribers only)

AWS

ssh-iam

A tool that allows you to manage SSH access to EC2 Instances using AWS IAM. Developers can use their personal SSH keys to log in.

View Public Docs

AWS

aws-auth

A small wrapper script for the AWS CLI that makes it much easier to authenticate to AWS with multi-factor authentication (MFA), or when you want to assume an IAM Role in another AWS account.

View Public Docs

AWS

gruntwork-installer

A simple, lightweight package manager for installing Gruntwork modules.

View Tool

Open Source Terraform Modules

Consul

Deploy a best-practices HashiCorp Consul cluster. Includes support for automatic bootstrapping, configuring dnsmasq to use Consul as a DNS server, access to the Consul UI, and automatic recovery of failed servers.

View Repo: AWS | GCP | Azure

AWS GCP Azure

Nomad

Deploy a HashiCorp Nomad cluster. Includes support for automatic bootstrapping and automatic recovery of failed servers.

View Repo: AWS | GCP | Azure

AWS GCP Azure

Vault

Deploy a HashiCorp Vault cluster. Includes support for automatically discovering Consul clusters as a high availability backend, using S3 as a storage backend, creating self-signed TLS certificates, updating the OS certificate store, configuring an ELB in front of Vault to allow public access, and automatic recovery of failed servers.

View Repo: AWS | GCP | Azure

AWS GCP Azure

How do I get access to this code?

To get access to all the code in the Infrastructure as Code Library, you must buy a License. Check out the pricing page for details.