Skip to content
Kindo Kindo Docs

AWS Infrastructure Deployment

This guide walks you through deploying Kindo infrastructure on AWS using the kindo-infra Terraform module.

Quick Start

  1. Set up your deployment directory:

    Terminal window
    cd kindo-modules/examples/kindo-infra-aws-example
    cp terraform.tfvars.example terraform.tfvars

  2. Configure terraform.tfvars with at minimum:

    project_name    = "mycompany"
    environment     = "production"
    aws_region      = "us-west-2"
    deployment_size = "small"
    vpc_cidr        = "10.0.0.0/16"
    domain_name     = "kindo.mycompany.com"

  3. Deploy:

    Terminal window
    export AWS_PROFILE=your-aws-profile
    terraform init
    terraform plan
    terraform apply

Core Configuration

Project Identification

project_name = "mycompany"     # Namespace for all resources
environment  = "production"    # dev, staging, or production
aws_region   = "us-west-2"     # AWS region

Use lowercase with no spaces or special characters. Keep project_name consistent across environments.

Deployment Sizing

deployment_size = "small"
production_mode = false
SizeBest ForNodesRDSEst. Monthly Cost
devDevelopment/Testing1—3 t3.mediumdb.t3.micro~$150—200
smallSmall production2—5 t3.largedb.t3.small~$400—500
mediumStandard production3—8 t3.xlargedb.t3.medium~$800—1000
largeHigh traffic5—15 m5.xlargedb.m5.large~$2000—3000
xlargeEnterprise10—30 m5.2xlargedb.m5.xlarge~$5000+

Setting production_mode = true enables deletion protection on RDS and prevents accidental terraform destroy.

Network Configuration

vpc_cidr = "10.0.0.0/16"

The module automatically creates public, private, and database subnets across availability zones.

Feature Toggles

enable_gpu_nodes = false     # Enable for self-hosted models
enable_monitoring = true     # CloudWatch monitoring
enable_bastion = false       # Bastion host for debugging

What Gets Created

The kindo-infra module provisions:

  • VPC with public, private, and database subnets across 3 AZs
  • EKS cluster with managed node groups
  • RDS PostgreSQL (multi-AZ in production)
  • ElastiCache Redis cluster
  • Amazon MQ (RabbitMQ) broker
  • S3 buckets for uploads, audit logs, and backups
  • KMS keys for encryption
  • Security groups and network ACLs
  • CloudWatch log groups and alarms

Post-Deployment Verification

Terminal window
# Verify EKS access
aws eks update-kubeconfig --name <cluster-name> --region us-west-2
kubectl get nodes


# Verify RDS
aws rds describe-db-instances --query 'DBInstances[*].DBInstanceIdentifier'


# Verify Redis
aws elasticache describe-cache-clusters


# Verify S3 buckets
aws s3 ls | grep kindo

Terraform Outputs

After deployment, save these outputs for use in subsequent modules:

Terminal window
terraform output -json > infra-outputs.json

Key outputs include: EKS cluster name, VPC ID, subnet IDs, RDS endpoint, Redis endpoint, RabbitMQ endpoint, and S3 bucket names.

Next Steps

Proceed to AWS Secrets Manager to configure secrets, then AWS Peripherals for supporting services.