Browse the Repo


Browse the Repo

Single-account Reference Architecture

Single-account Reference Architecture

End-to-end tech stack designed to deploy into a single AWS account. Includes VPCs, EKS, ALBs, CI / CD, monitoring, alerting, VPN, DNS, and more.

Code Preview

Preview the Code

mobile file icon


Live Infrastructure

This repository contains code to deploy infrastructure across all live environments for Acme in AWS. The code deploys modules from the infrastructure-modules-acme repository. This code was built on top of the Gruntwork Reference Architecture.

Reference Architecture


  • End-to-end tech stack for AWS.
  • 100% defined and managed as code using tools such as Terraform, Docker, and Packer.
  • Built on top of the reusable, battle-tested, commercially supported code from the Gruntwork Infrastructure as Code Library.
  • Deployed into your AWS accounts in about 1 day.
  • Customized to your needs:
    • Run containerized services using Kubernetes or ECS.
    • Run VMs on EC2 Instances and Auto Scaling Groups.
    • Use PostgreSQL, MySQL, SQL Server, or other relational database.
    • Use Redis or Memcached as a distributed cache.
    • Use other data stores such as Kafka, ZooKeeper, ELK, SQS, Kinesis, and MongoDB.
    • Optionally enable end-to-end encryption (e.g., as part of HIPAA, PCI, or other compliance programs).
    • Configure a CI / CD pipeline in CircleCI, Travis CI, or Jenkins.
    • Access the network via a Bastion Host or OpenVPN server.
    • Use KMS for secrets management.
    • Store static content in S3, with CloudFront as a CDN.
    • Build serverless apps with AWS Lambda and API Gateway.
    • Configure monitoring, alerting, and log aggregation in CloudWatch.
    • And much more!


Core concepts

Repo organization


Deploy updates

If you want to deploy updates to this infrastructure, check out the following resources:

Deploy from scratch

If you want to deploy this infrastructure from scratch, check out the following resources:


Day-to-day operations

Major changes


If you need help with this repo or anything else related to infrastructure or DevOps, Gruntwork offers Commercial Support via Slack, email, and phone/video. If you're already a Gruntwork customer, hop on Slack and ask away! If not, subscribe now. If you're not sure, feel free to email us at

Questions? Ask away.

We're here to talk about our services, answer any questions, give advice, or just to chat.

Ready to hand off the Gruntwork?