1. Set up your DevOps foundations
The Gruntwork team deploys a Reference Architecture for you, setting you up with all the foundational pieces you need to get started with AWS and Terraform, including:
- AWS multi-account structure: Gruntwork Landing Zone.
- Network topology: VPCs, subnets, route tables, VPN, etc.
- CI / CD: Gruntwork Pipelines.
- Auth: AWS Identity Center (SSO), IAM roles, OIDC, etc.
- Guard rails: SCPs, AWS Config Rules, etc.
- Monitoring: CloudTrail, GuardDuty, Macie, etc.
- Compliance: Gruntwork Compliance.
2. Deploy the rest of your infrastructure
Use the Infrastructure as Code Library (IaC Library) to deploy the rest of your infrastructure (leveraging the accounts and CI / CD pipeline from the previous step). The IaC Library is a collection of reusable infrastructure code written in Terraform, Go, Bash, and Python that has been proven in production at hundreds of companies. It includes pre-built solutions for:
- Orchestration: EKS, ECS, EC2, ASGs, etc.
- Data stores: MySQL, Postgres, Aurora, Redis, S3, etc.
- Serverless: Lambda, API Gateway, etc.
- Search and analytics: Elasticsearch, Kafka, Kinesis, etc.
3. Deploy an end-to-end architecture
Get support and consulting for the IaC Library and Reference Architecture. We wrote the book on Terraform and the definitive guide to AWS, so you’re in good hands.
- Support: Get help with questions, troubleshooting, and design via our knowledge base, Slack, email, or phone/video calls.
- Consulting: If you need more hands-on help, work directly with the Gruntwork team to adapt the IaC Library and Reference Architecture to your needs.
4. Achieve compliance
Gruntwork Compliance modules are certified compliant by the Center for Internet Security (CIS), so all your infrastructure is compliant out-of-the-box.
- Modules that meet CIS AWS Foundations Benchmark requirements out-of-the-box.
- Controls and guard rails (SCPs, AWS Config Rules) to prevent or alert about non-compliant behavior.
5. Stay up to date
Gruntwork provides commercial maintenance for all the code in the IaC Library and Reference Architecture, and you can use Patcher (BETA) to automatically update your code to our latest releases—even when the new releases involve breaking changes.
- Gruntwork regularly updates the IaC Library to the latest best practices, CIS benchmark versions, Terraform releases, EKS releases, etc., and releases new versions.
- Pull in new versions automatically using Patcher (BETA), including patching breaking changes automatically.
- Use Gruntwork Pipelines to automatically promote updates across environments.