EKS Cluster on Terraform | DevOps & Frappe Technical Specs

The Problem

Manual Kubernetes provisioning breaks consistency. Different environments drift apart. Security gaps appear. Scaling lags when traffic spikes.

Qualitative Outcome

Replaced one-off, error-prone server setups with a single repeatable Terraform run — consistent clusters, zero drift.

What changed for the business

A fully automated cluster setup that provisions, secures, and scales itself — no manual intervention required.

How it was built

Modular Terraform configurations for an AWS EKS cluster: multi-AZ VPC with private subnets, Auto Scaling worker nodes, and least-privilege IAM via IRSA.

Architecture Snapshot

Local IaCTerraform • VPC Modules

→

Actions CI/CDLint, Trivy & IAM scan

→

AWS EKS CloudSecure Managed Nodes

What I Built

Separated VPC networking, EKS nodes, IAM roles, and Kubernetes manifests into clean, reusable Terraform modules.
Built a multi-AZ VPC with private subnets for worker nodes and public subnets for Application Load Balancers.
Deployed Kubernetes manifests provisioning both frontend and database service layers.
Applied least-privilege IAM policies using AWS IAM Roles for Service Accounts (IRSA).

How It Works

Manual Kubernetes setups don’t break immediately — they erode over time. Misconfigured security groups. Environments that don’t match. Nodes that don’t scale fast enough when traffic spikes on a Tuesday afternoon. This project replaces all of that with one clean Terraform run.

How It’s Structured

The entire cluster is declared in HCL and broken into three focused layers:

Network — A dedicated VPC spanning three availability zones, with private worker subnets and public load balancer subnets. NAT Gateways handle outbound access from private nodes.
Compute — Managed EKS worker node groups inside private subnets, scaling automatically on CPU thresholds via Auto Scaling Groups.
Access Control — IAM boundary policies applied via IRSA, mapping Kubernetes service accounts to least-privilege AWS roles.

Building something similar?

I'd love to hear about what you're working on.

Start a conversation →