A module catalog for the enterprise

The Gruntwork Library contains over 300K lines of reusable, battle-tested, production-ready infrastructure code for AWS.

Built for
Trustbar LogosTrustbar LogosTrustbar Logos
Hero Image

Speed, quality, cost: pick three

Leverage a mature, battle-tested, reusable library of infrastructure code proven in production for years by hundreds of companies.

Infrastructure as code

Over 300K lines of code written in OpenTofu, Go, Python, and Bash. You get access to 100% of the code.

Thoughtfully opinionated

Opinionated, best-practice modules that are highly configurable so you can extend and compose them to meet your needs.


Every commit goes through a suite of automated unit and integration tests written with Terratest.


Every module includes example code and thorough documentation.

Secure & Compliant

Built with security-first principles, validated with security scanning, and compliant with the CIS AWS Foundations Benchmark out-of-the-box.


Gruntwork provides commercial maintenance and support. We continually make updates, additions, and fixes to the library.

Trusted by
  • https://a-us.storyblok.com/f/1018157/213x110/e6cc978ede/adobe.png
  • https://a-us.storyblok.com/f/1018157/66x55/9a09a2ba05/cisco.png
  • https://a-us.storyblok.com/f/1018157/285x110/a9b1bf0023/dropbox.png
  • https://a-us.storyblok.com/f/1018157/184x110/153ecbe79a/hertz.png
  • https://a-us.storyblok.com/f/1018157/245x110/0743f88049/maxar.png
  • https://a-us.storyblok.com/f/1018157/198x110/b409061c73/nasdaq.png
  • https://a-us.storyblok.com/f/1018157/260x110/56dc51d339/open-text.png
  • https://a-us.storyblok.com/f/1018157/250x110/b35d08e6d9/nimble.png
  • https://a-us.storyblok.com/f/1018157/262x110/0d0c5b46b8/vodafone.png
  • https://a-us.storyblok.com/f/1018157/204x110/8b408c9f22/nelnet.png
  • https://a-us.storyblok.com/f/1018157/288x110/53209eab05/fanatics.png
  • https://a-us.storyblok.com/f/1018157/309x110/9fa1991e3a/mercedes-benz.png
  • https://a-us.storyblok.com/f/1018157/288x110/f99cdc468b/saks-fifth-avenue.png
  • https://a-us.storyblok.com/f/1018157/184x110/153ecbe79a/hertz.png
  • https://a-us.storyblok.com/f/1018157/203x110/6d99bbcf9b/splunk.png
  • https://a-us.storyblok.com/f/1018157/211x110/65d7172587/toyota.png
  • https://a-us.storyblok.com/f/1018157/190x110/7081cf087e/axios.png
  • https://a-us.storyblok.com/f/1018157/297x110/0075f7d83a/star-tribune.png

What’s Included

Landing Zone

Account baselines, Control Tower integration, SSO, IAM users/groups/roles, OIDC, GuardDuty, CloudTrail, AWS Config, Macie.

App Orchestration

EKS (Kubernetes), Helm, ECS, EC2, Auto Scaling Groups.


VPC, Transit Gateway, IPAM, DualStack/IPv6 [BETA], Application Load Balancer, CloudFront, Route 53.

Data Storage

MySQL, Postgres, Aurora, Redis, Memcached, S3, ECR, EBS, EFS.


Lambda, API Gateway, Fargate, Aurora Serverless.


Account baselines compliant with the CIS AWS Foundations Benchmark out-of-the-box.

Search & Analytics

Elasticsearch, MSK (Kafka), SQS, Kinesis, Redshift.


OpenTofu & Terraform workflows, AMI & Docker scripts, Git scripts, Monorepo scripts.

Using the library

Create your own centralized, vetted module catalog

Module Catalog

Your ops team creates a catalog of approved, standardized modules

Combine and compose the modules from the Gruntwork Library to create your own catalog of modules that are tested, standardized, and approved to meet your company's requirements.

Developer self-service

Your dev team deploys infrastructure from your module catalog

Scaffold new modules with a keystroke, with intelligent prompts for any configurations exposed in the selected template.

How we compare

The Gruntwork difference

How does using the Gruntwork Library compare to building a module catalog from scratch or paying a DevOps consultant to do it?

Do it yourself


Starting point

From scratch

From scratch

300K lines of battle-tested code

Time to launch

6 – 24 months

(highly variable)

6 – 24 months

(highly variable)

~1 week

(highly predictable)


Unproven code

Unproven code

Mature code proven in production at 100s of companies


100% up to you


On-going maintenance, updates, security patches




Commercial support

Gruntwork Library by the numbers


Companies using our modules


Modules in library


Lines of code

Part of Gruntwork DevOps Foundations

Leverage Gruntwork Library as part of an end-to-end DevOps lifecycle to enable automated deployments and developer self-service.


What our customers have to say about the Gruntwork Library

  • Grunty Arm
    We’ve been truly impressed with Gruntwork, the team, the responses, the community. It probably has saved us at least mid 6 figures if we had home rolled our infrastructure ourselves.
    Testimonial Profile Image

    Solomon White


    Testimonial Profile Image
  • The quality that Gruntwork produces and maintains is outstanding. It has proven time and time again to be a huge accelerator bringing companies forward in terms of stability and quality. It also enables closer collaboration across the engineering organization.
    Testimonial Profile Image

    Markus Burger

    4 time repeat customer

    Testimonial Profile Image
  • We ended up going with Gruntwork. I highly recommend. Jim Brikman of Gruntwork was the top infrastructure engineer during my tenure at LinkedIn, so I already knew what to expect. It was fantastic to see how they delivered our awesome AWS + Terraform infrastructure on time and well under budget.
    Testimonial Profile Image

    Erem Boto

    Senior Software Engineer

    Testimonial Profile Image

    Bootstrap your IaC module catalog

    You get 100% of the code and keep full rights even if you cancel after 1 year. Chat with a DevOps expert and learn how to leverage the Gruntwork Library for your own infrastructure.


    Frequently Asked Questions

    How do I access the code?
    What clouds do you support?
    Can I use the code for my own customers?
    What versions of Terraform / OpenTofu do you support?