Client Infrastructure Setup Questionnaire

  • Client Infrastructure Setup Questionnaire

    This questionnaire helps us understand your infrastructure requirements based on our proposal. Please provide details about your current setup and future needs so we can tailor our services accordingly.

  • Infrastructure as Code (IaC)

    Default Approach: Our standard practice is to define the entire infrastructure as code using Terraform.

  • Multi-Environment Setup

    Default Approach: We provision two environments—Development (Dev) and Production (Prod).

     

  • Networking (VPC)

    Default Approach: We create an isolated VPC for each environment.

     

  • Kubernetes & Container Orchestration

    Default Approach: We deploy all essential Kubernetes (K8s) components, including networking, storage, monitoring, logging, scaling tools, certificate management, secret management, NGINX ingress controller (AWS network load balancer), and FluxCD.

     

  • Database Setup

    Default Approach: We use Amazon RDS Serverless v2 with Aurora PostgreSQL.

     

  • Monitoring, Alerting, and Logging

    Default Setup: We implement the Prometheus-Grafana-Loki stack for Kubernetes and AWS CloudWatch for cloud services.

     

  • Security & Access Control

    Default Approach:

    - We create a dedicated AWS service user for Terraform management.

    - We define three AWS user groups:
    Admin: Full read/write access to AWS.
    Read-Only: Read-only access to AWS resources.
    Service Accounts: only for listing services, permissions are provided separated for each service account

    - We define two Kubernetes (K8s) user groups:
    Admin: Full read/write access to Kubernetes.
    Read-Only: Read-only access to Kubernetes.

    - We implement security groups (SGs) for every service and restrict public access.

  • Secret Management

    Default Approach: We use AWS Secrets Manager to securely store sensitive information and manage variables via the External Secrets Operator in Kubernetes.

    Root database passwords are securely stored and rotated.

  • Caching Solutions

    Default Approach: We set up Amazon ElastiCache (Redis Cluster).

  • Documentation

    Default Approach:

    We provide the following documentation:
    - General infrastructure overview
    - Questionnaire
    - Installing and connecting to AWS CLI
    - Setting up and working with Terraform
    - Setting up kubectl and connecting to Kubernetes
    - Working with Kubernetes (basic knowledge)
    - Working with FluxCD
    - CI/CD approach overview
    - GitHub Flow best practices
    - Notification flow (during the support period)
    - Disaster recovery plan (only for the infrastructure we set up)
    - Connecting to the database
    - Connecting to ElastiCache
    - Using AWS Secrets Manager and External Secrets Operator in Kubernetes
    - Working with monitoring tools (Grafana-Prometheus-Loki)
    - Describing applications (base knowledge with an example)
    - Using LENS (Kubernetes management tool)

  • Ongoing Maintenance & Support (1 month for FREE)

    - Provide technical maintenance, system monitoring, and troubleshooting as needed.
    - Perform updates and patches to ensure system security and efficiency.

  • Next Steps

    After completing this questionnaire, our team will analyze your responses and provide a tailored infrastructure setup proposal based on your requirements.
  • Should be Empty: