What we need for deploying our solution?

We will request an IAM User from you on a fresh sub-account under your organisation. This allows us to create our environment via our provisioning scripts (built on terraform). You will have full control of what we create and all settings can be customised. We have a default set-up, but everything can be workshopped to suit your needs.

What we require from you

Description

Fresh AWS Account

sub-account under your organisation

IAM User

We will need one IAM user for that account. We can workshop the exact permissions needed. For staging we usually request AdministratorAccess, but this can also be customised.

What are we creating in the environment?

Here is a list of the kind of resources we are using on AWS. We are happy to customise configurations on each of the resources.

Resource

Description

AWS VPC

Virtual Private Network

AWS Subnets

Different subnets for private, public, database, cache

AWS Security Groups

To ensure the right resources can access the right things

AWS NAT Gateway

Allows services can access the internet to be able to reach 3rd parties. For example, for sending emails

AWS EKS

Managed Kubernetes by AWS

AWS RDS (Aurora MySQL)

Aurora running MySQL will be the main data store

AWS Elasticcache (Redis)

Used for caching some information for performance

AWS AutoScaling Group

Used so we can autoscale cluster nodes on the Kubernetes cluster

AWS EC2

Only created via the autoscaling group. All will be running only the AWS EKS base image.

AWS ELB

Used for exposing services outside of the cluster, either internal or public (with possible IP whitelist)

Visual Diagram