1# AWS Terraform Module Patterns
2 
3## VPC Module
4 
5- VPC with public/private subnets
6- Internet Gateway and NAT Gateways
7- Route tables and associations
8- Network ACLs
9- VPC Flow Logs
10 
11## EKS Module
12 
13- EKS cluster with managed node groups
14- IRSA (IAM Roles for Service Accounts)
15- Cluster autoscaler
16- VPC CNI configuration
17- Cluster logging
18 
19## RDS Module
20 
21- RDS instance or cluster
22- Automated backups
23- Read replicas
24- Parameter groups
25- Subnet groups
26- Security groups
27 
28## S3 Module
29 
30- S3 bucket with versioning
31- Encryption at rest
32- Bucket policies
33- Lifecycle rules
34- Replication configuration
35 
36## ALB Module
37 
38- Application Load Balancer
39- Target groups
40- Listener rules
41- SSL/TLS certificates
42- Access logs
43 
44## Lambda Module
45 
46- Lambda function
47- IAM execution role
48- CloudWatch Logs
49- Environment variables
50- VPC configuration (optional)
51 
52## Security Group Module
53 
54- Reusable security group rules
55- Ingress/egress rules
56- Dynamic rule creation
57- Rule descriptions
58 
59## Best Practices
60 
611. Use AWS provider version `~> 5.0`
622. Enable encryption by default
633. Use least-privilege IAM
644. Tag all resources consistently
655. Enable logging and monitoring
666. Use KMS for encryption
677. Implement backup strategies
688. Use PrivateLink when possible
699. Enable GuardDuty/SecurityHub
7010. Follow AWS Well-Architected Framework
71