🚀 NaN Labs' Terraform AWS Modules

September 29, 2025


Deploy Production Infrastructure in Minutes, Not Months


🔥 Battle-tested • 🔒 Security-first • 💰 Cost-optimized • 🚀 Developer-friendly

From MVP to Enterprise: Infrastructure that scales with your business


🧭 TL;DR

Deploy production-grade AWS building blocks fast with battle-tested Terraform modules (secure defaults, full customization, clear docs).

# Try the smallest stack (~$46/mo)
git clone https://github.com/nanlabs/terraform-aws-modules.git
cd terraform-aws-modules/examples/simple-web-app
terraform init && terraform apply

Need something bigger? Jump to the example catalog or full module list below.

✨ Why These Modules?

Secure by default, production-proven, cost-aware, and fully overridable. Built to scale from MVP to multi-account enterprise without rewriting your Terraform.

  • 🛡️ Reliability: Multi‑AZ patterns, zero‑downtime friendly changes, safe defaults that avoid accidental data loss.
  • Security: KMS encryption everywhere, least‑privilege IAM surfaces, GitHub OIDC (keyless CI), optional CloudTrail + Config integration.
  • 💰 Cost Awareness: Right‑sized defaults, opt‑in NAT / Transit Gateway, lifecycle policies for cold data, no hidden always‑on extras.
  • 📊 Observability: VPC Flow Logs ready, log/metrics hooks, consistent naming for tracing & tagging, surfaces for future dashboards.
  • 🧪 Developer Experience: Consistent variable names, “complete wrapper” philosophy, rich runnable examples, auto‑generated docs.
  • 🧩 Extensibility: All upstream module variables & outputs exposed, composable building blocks, feature flags instead of forks.

πŸŽͺ Examples

Pick a starting point:

| Tier | Example | What You Get | Est. Cost* |
|---|---|---|---|
| Starter | 🌐 Simple Web App | Minimal VPC + one compute entrypoint (low cost) | ~$46 |
| Growth | ⚙️ Medium Complexity | EKS + RDS + Bastion (microservices base) | ~$300 |
| Enterprise | 🏢 Complete Enterprise | Full platform: multi-AZ network, EKS, RDS (HA), MSK, TGW | ~$940 |

Need data / security / networking patterns? See the expanded catalog.

Full example catalog (with costs & focus areas)

| Example | Core Services | Focus | Est. Cost* |
|---|---|---|---|
| 🌐 Simple Web App | VPC + minimal compute | MVP / quick start | ~$46 |
| ⚙️ Medium Complexity | VPC, EKS, RDS, Bastion | Microservices staging | ~$300 |
| 🏢 Complete Enterprise | VPC (multi-AZ), EKS, RDS (HA), MSK, TGW, encryption | Production foundation | ~$940 |
| Secure Multi-Environment Data Platform | CloudTrail, Config, Data Lake, Glue, KMS | Compliance & governance | ~$420 |
| 🛰️ Hub & Spoke Networking | Transit Gateway + multi-VPC | Segmentation / org networking | ~$160 |
| 📊 Analytics + Document Store | Data Lake, DocumentDB, MSK, Glue | Hybrid analytics (structured + doc) | ~$780 |
| 🔄 Data Processing Pipeline | Data Lake, Glue Jobs + Workflow | Batch ETL / curation | ~$180 |
| 🧩 Multi-Account Data Platform (Simulated) | Central KMS, TGW, Data Lake, Glue, Bastion | Multi-account pattern | ~$210 |

*Estimates at authoring time, us-east-1 on-demand, minimal throughput. Validate with AWS Pricing Calculator / Infracost before production.

Tip

New here? Jump to the Usage Guide or scan the modules below.

🎯 Motivation

Building and maintaining infrastructure across cloud providers can become repetitive and error-prone. This repository consolidates reusable Terraform modules following best practices, allowing your team to provision infrastructure efficiently, securely, and consistently - whether it's an AWS VPC, a Kubernetes cluster, or a MongoDB Atlas database.

📦 Modules Overview

Highly opinionated wrappers around official modules - simple defaults, full override capability.

Categories:

  • Network & Access: VPC, Bastion, Transit Gateway (+ Spokes), Shared Networking
  • Compute & Orchestration: EKS, Amplify
  • Data & Analytics: RDS / Aurora, MSK, DocumentDB, Data Lake infra & encryption, Glue suite
  • Security & Governance: CloudTrail, Config, GitHub OIDC, TF State Backend
  • Multi-Cloud: MongoDB Atlas

| Module | Description | Use Cases |
|---|---|---|
| 🌐 AWS VPC | VPC with subnets, flow logs, sane defaults | Network foundation, multi-AZ setup |
| ⚡ AWS EKS | Managed Kubernetes + addons wrapper | Microservices, container orchestration |
| 🗄️ AWS RDS | Relational DB (backups, monitoring) | Application persistence |
| 🗄️ AWS RDS Aurora | High-performance Aurora cluster | HA & read scaling |
| 📨 AWS MSK | Managed Kafka (secure & multi-AZ) | Event streaming, pipelines |
| 🏰 AWS Bastion | SSM-based secure jump host | Admin access, troubleshooting |
| 📊 AWS DocumentDB | MongoDB-compatible document store | Flexible JSON workloads |
| 👤 AWS IAM Role | Opinionated IAM role creation | Least-privilege access |
| 🌍 AWS Amplify App | Frontend hosting & CI/CD | Static & SPA delivery |
| AWS CloudTrail | Central activity logging | Audit & compliance |
| 🛡️ AWS Config | Resource config tracking & rules | Governance & drift detection |
| 🧱 AWS Data Lake Encryption | Central KMS (S3 + Glue keys) | Unified encryption & rotation |
| 🗃️ AWS Data Lake Infrastructure | Medallion S3 layout scaffold | Bronze/Silver/Gold zoning |
| 🧬 AWS Glue Code Registry | Schema/code registry | ETL governance |
| 📚 AWS Glue Data Lake Catalog | Catalog databases / tables | Metadata discovery |
| 🛠️ AWS Glue Jobs | Map-based multi Glue jobs | Batch / Spark ETL |
| 🔄 AWS Glue Workflow | Workflow & trigger orchestration | Chained ETL processes |
| ✈️ AWS Transit Gateway | Central routing hub | Multi-VPC topology |
| 🛰️ AWS Transit Gateway Spoke | VPC attachment wrapper | Hub & spoke expansion |
| 🕸️ AWS Shared Networking | Shared services networking layer | Central endpoints & DNS |
| 📦 AWS TF State Backend | S3 + DynamoDB state backend | Remote state & locking |
| AWS GitHub OIDC Provider | OIDC federation for CI | Keyless deployments |

| Module | Description | Use Cases |
|---|---|---|
| 🍃 MongoDB Atlas Cluster | Managed multi-cloud MongoDB | Global & serverless data |

🚀 Quick Module Usage

Each module is designed to be plug-and-play with sensible defaults, yet highly customizable for complex requirements.

module "vpc" {
  source = "git::https://github.com/nanlabs/terraform-aws-modules.git//modules/aws-vpc?ref=v0.2.0"

  vpc_cidr = "10.0.0.0/16"
  # That's it! VPC with best practices is ready 🎉
}
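
The module block above pins its source with `?ref=v0.2.0`. As an added example (not code from the NaN Labs repository), this Python check classifies each `git::` module source in a Terraform file by how it is pinned, so a CI job can reject sources that omit `ref` or follow a branch. The sample Terraform text, the `main` branch name and the 40-hex commit value are constructed for illustration.

```python
import re

# Matches `source = "..."` lines inside module blocks.
SOURCE_RE = re.compile(r'^\s*source\s*=\s*"([^"]+)"', re.MULTILINE)
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
SEMVER_TAG_RE = re.compile(r"v?\d+\.\d+\.\d+")

# Module path taken from the page; the suffixes below are constructed samples.
BASE = "git::https://github.com/nanlabs/terraform-aws-modules.git//modules/aws-vpc"
SUFFIXES = ["?ref=v0.2.0", "", "?ref=main",
            "?ref=0123456789abcdef0123456789abcdef01234567"]  # placeholder SHA
SAMPLE_TF = "\n".join(
    f'module "m{i}" {{\n  source = "{BASE}{suffix}"\n}}'
    for i, suffix in enumerate(SUFFIXES)
)


def classify_source(source):
    """Return how a Terraform module source is pinned."""
    if not source.startswith("git::"):
        return "other"  # registry, local path or shorthand: not inspected here
    query = source.partition("?")[2]
    params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
    ref = params.get("ref")
    if ref is None:
        return "unpinned"  # Terraform checks out the repository's default branch
    if FULL_SHA_RE.fullmatch(ref):
        return "commit"  # full SHA-1: content cannot change under the same ref
    if SEMVER_TAG_RE.fullmatch(ref):
        return "tag"  # reproducible as long as the tag is never moved
    return "branch-or-other"  # branch name, short hash, or unrecognised ref


def audit(tf_text):
    """List (source, classification) for every source attribute found."""
    return [(s, classify_source(s)) for s in SOURCE_RE.findall(tf_text)]


def violations(tf_text):
    """Sources a CI gate should reject: no ref, or a ref that can drift."""
    return [s for s, kind in audit(tf_text)
            if kind in ("unpinned", "branch-or-other")]


if __name__ == "__main__":
    for source, kind in audit(SAMPLE_TF):
        print(f"{kind:16} {source}")
```

A tag such as `v0.2.0` can be moved by whoever controls the repository; pinning `ref` to a full commit SHA removes that dependency.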

📖 See the Usage Guide for advanced patterns (version pinning, multi-account, remote state, KMS sharing).

🎯 Ready to Get Started?

| 🚀 Quick Start | 📚 Learn More | 🤝 Get Help |
|---|---|---|
| Browse Examples | Read Documentation | Join Discussions |
| Pick an example that fits your needs | Understand best practices | Ask questions, share ideas |

⭐ If this project helps you, please consider giving it a star! ⭐

🤝 Contributing

We love contributions! Whether you're:

  • 🐛 Reporting bugs or suggesting improvements
  • 📝 Improving documentation or adding examples
  • 🚀 Adding new modules or enhancing existing ones
  • 💡 Sharing ideas for new features

Every contribution matters! Check our Contributing Guidelines to get started.

🌟 Ways to Contribute

  1. Star this repo - It helps others discover these modules
  2. Share your experience - Write a blog post or tweet about your usage
  3. Submit feedback - Open issues with suggestions or bug reports
  4. Code contributions - Submit PRs for new features or fixes
  5. Documentation - Help improve guides and examples

📚 Documentation

| 📖 Guide | 🎯 Purpose |
|---|---|
| 📚 Usage Guide | Complete module usage, versioning, and advanced patterns |
| 🛠️ Development Setup | Set up your development environment |
| 📦 Modules Guide | How to use and create modules |
| ⭐ Best Practices | Module design, security, and guidelines |
| 🚀 Versioning Strategy | Release management and versioning |
| 🔄 GitHub Actions | CI/CD workflows and automation |
| 🤝 Contributing | How to contribute to this repository |

📚 Additional Resources

License

This project is licensed under the MIT License - see the LICENSE file for details.

👥 Contributors


Made with contributors-img.


🌟 Built with ❤️ by NaN Labs


🚀 Accelerating development through proven technology solutions