I'm 16, self-taught, and currently studying for my AWS Solutions Architect Associate certification. Alongside the course, I'm building a production-grade AWS infrastructure from scratch and documenting the entire journey here.
Why?
Honestly, because certs alone don't prove you can build anything. I want something real to show for it, so I'm writing infrastructure that reflects how things are done in production and not just dwelling inside tutorial hell. Writing about it publicly keeps me accountable.
What is my stack?
- Cloud: AWS
- Infrastructure as Code: Terraform (I decided to keep it modular with separate dev and prod environments)
- CI/CD: GitHub Actions
- Containerization: Docker + Trivy (for container scanning)
- Application: A minimal PERN stack notes app
Here's what my folder structure looks like:
```
aws-production-infra/
├── modules/                  # reusable Terraform modules
│   ├── vpc/
│   │   ├── main.tf
│   │   ├── variables.tf
│   │   ├── outputs.tf
│   │   └── README.md
│   ├── ec2-asg/
│   │   ├── main.tf
│   │   ├── variables.tf
│   │   └── outputs.tf
│   ├── alb/
│   ├── rds/
│   ├── s3-cdn/
│   ├── iam/
│   ├── security/
│   └── monitoring/
├── environments/
│   ├── dev/
│   │   ├── main.tf
│   │   ├── variables.tf
│   │   ├── terraform.tfvars
│   │   └── backend.tf
│   └── prod/
├── app/
│   ├── Dockerfile
│   └── src/
├── .github/
│   └── workflows/
│       ├── terraform-plan.yml
│       └── docker-build.yml
├── docs/
│   ├── architecture.svg
│   └── cost-estimate.md
├── scripts/
│   └── destroy-expensive.sh
├── .gitignore
└── README.md
```
The key decision I made here was separating the modules/ folder from environments/. Both environments call the same modules but with different variable values. Dev runs cheaper, single-AZ resources purely for development purposes, while Prod runs Multi-AZ, larger instances in a more contained and secure setting.
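A sketch of how that split can look for the vpc module, as an added example rather than code from the repo: the variable names, CIDR ranges and availability zones are assumptions made up for illustration, and the module's resources are omitted.

```hcl
# --- modules/vpc/variables.tf (hypothetical variable names) ---
variable "environment" {
  type = string
  validation {
    # Reject anything other than the two environments this layout defines.
    condition     = contains(["dev", "prod"], var.environment)
    error_message = "environment must be \"dev\" or \"prod\"."
  }
}

variable "cidr_block" {
  type        = string
  description = "CIDR range for the VPC; kept distinct per environment."
}

variable "availability_zones" {
  type        = list(string)
  description = "AZs to create subnets in: one for dev, two or more for prod."
  validation {
    condition     = length(var.availability_zones) >= 1
    error_message = "At least one availability zone is required."
  }
}

variable "enable_flow_logs" {
  type        = bool
  default     = true
  description = "Keep VPC flow logs on in both environments."
}

# --- environments/dev/main.tf (constructed values) ---
module "vpc" {
  source             = "../../modules/vpc"
  environment        = "dev"
  cidr_block         = "10.10.0.0/16"
  availability_zones = ["us-east-1a"] # single AZ keeps dev cheap
}

# --- environments/prod/main.tf (constructed values) ---
module "vpc" {
  source             = "../../modules/vpc"
  environment        = "prod"
  cidr_block         = "10.20.0.0/16"
  availability_zones = ["us-east-1a", "us-east-1b"] # Multi-AZ
}
```

Because each environment directory has its own backend.tf, dev and prod keep separate state, so a plan or apply in dev cannot touch prod resources.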
What I've done so far
The folder structure is set up and the application code is in the repo. I vibe-coded the entire PERN app to save time, and honestly the infrastructure is what it's all about.
My build order is:
- Write all the Terraform infrastructure first.
- Write the Dockerfile and get Trivy scanning running in CI.
- Wire everything together with the GitHub Actions deployment pipeline.
Next post will cover building the VPC modules (building subnets, route tables, NAT gateway, and flow logs).
Repo is here if you want to follow along: https://github.com/KithupaG/aws-production-infra