// the find
maddevsio/aws-eks-base
This boilerplate contains Terraform configurations for the rapid deployment of a Kubernetes cluster, supporting services, and the underlying infrastructure in AWS.
A Terraform + Terragrunt boilerplate for standing up an opinionated AWS EKS cluster with the standard supporting cast: VPC across 3 AZs, on-demand + spot node groups, nginx-ingress, cert-manager, external-dns, Prometheus/Grafana, Loki, and optionally ELK. Built by Mad Devs from their own production use. Target audience is teams that want a working starting point for AWS/EKS infrastructure rather than building from scratch.
The two-layer split (layer1-aws for base infra, layer2-k8s for cluster addons) is a sensible separation that lets you apply them independently and target specific resources without destroying unrelated state. The helm-releases.yaml toggle approach for optional components is clean — flip enabled: true/false instead of commenting out whole blocks. Cost table in the README is refreshingly honest and concrete: ~$217/month baseline, line-itemized, not buried. The included Pritunl VPN module and aws-node-termination-handler integration show real production thinking, not just the happy path.
The README itself admits layer2-k8s is a monolith that should be split — the 500+ line ELK values template using data.template_file is genuinely painful to debug, and large numbers of helm releases cause plan hangs that you can only partially work around with -target. The ELK chart ships bundled .tgz files at version 7.16.2 (EOL), which is a security and compatibility liability for anyone who doesn't immediately swap them out. A single NAT Gateway by default is a cost/reliability tradeoff that will silently cut outbound connectivity from your private subnets if the gateway's AZ has issues — the README doesn't flag this adequately. The repo acknowledges it should adopt a terragrunt micro-modules approach but hasn't done it yet, so what you're getting is the messy intermediate state they're working away from.
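One way to check a deployed stack for the single-NAT dependency noted above, as an added example that is not code from the aws-eks-base repository. It assumes the state was exported with `terraform show -json` and uses the AWS provider's standard resource types; the sample state and all IDs in it are constructed.

```python
import json

# Constructed sample shaped like `terraform show -json` output: one NAT gateway
# in us-east-1a serving private subnets in three AZs through a shared route table.
SAMPLE_STATE = json.loads("""
{"values": {"root_module": {"child_modules": [{"address": "module.vpc", "resources": [
 {"type": "aws_subnet", "values": {"id": "subnet-pub-a", "availability_zone": "us-east-1a"}},
 {"type": "aws_subnet", "values": {"id": "subnet-priv-a", "availability_zone": "us-east-1a"}},
 {"type": "aws_subnet", "values": {"id": "subnet-priv-b", "availability_zone": "us-east-1b"}},
 {"type": "aws_subnet", "values": {"id": "subnet-priv-c", "availability_zone": "us-east-1c"}},
 {"type": "aws_nat_gateway", "values": {"id": "nat-1", "subnet_id": "subnet-pub-a"}},
 {"type": "aws_route", "values": {"route_table_id": "rtb-priv",
   "destination_cidr_block": "0.0.0.0/0", "nat_gateway_id": "nat-1"}},
 {"type": "aws_route_table_association", "values": {"route_table_id": "rtb-priv", "subnet_id": "subnet-priv-a"}},
 {"type": "aws_route_table_association", "values": {"route_table_id": "rtb-priv", "subnet_id": "subnet-priv-b"}},
 {"type": "aws_route_table_association", "values": {"route_table_id": "rtb-priv", "subnet_id": "subnet-priv-c"}}
]}]}}}
""")

def walk(module):
    """Yield every resource in a module and all of its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)

def cross_az_nat_subnets(state):
    """Return (subnet, subnet_az, nat, nat_az) for each subnet whose default
    route uses a NAT gateway located in a different availability zone."""
    resources = list(walk(state["values"]["root_module"]))
    def of(rtype):
        return [r["values"] for r in resources if r["type"] == rtype]
    subnet_az = {s["id"]: s["availability_zone"] for s in of("aws_subnet")}
    # A NAT gateway's AZ is the AZ of the subnet it is placed in.
    nat_az = {n["id"]: subnet_az.get(n["subnet_id"]) for n in of("aws_nat_gateway")}
    # Route tables whose default route points at a NAT gateway.
    rt_nat = {r["route_table_id"]: r["nat_gateway_id"] for r in of("aws_route")
              if r.get("destination_cidr_block") == "0.0.0.0/0" and r.get("nat_gateway_id")}
    findings = []
    for assoc in of("aws_route_table_association"):
        nat, subnet = rt_nat.get(assoc["route_table_id"]), assoc.get("subnet_id")
        if nat in nat_az and subnet in subnet_az and subnet_az[subnet] != nat_az[nat]:
            findings.append((subnet, subnet_az[subnet], nat, nat_az[nat]))
    return sorted(findings)

if __name__ == "__main__":
    for subnet, az, nat, naz in cross_az_nat_subnets(SAMPLE_STATE):
        print(f"{subnet} ({az}) egresses via {nat} in {naz}")
```

Each reported subnet loses outbound internet access when the NAT gateway's AZ is impaired, even if the subnet's own AZ is healthy.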