Skip to content

Update README.md#4

Open
yindia wants to merge 34 commits intomainfrom
yindia-patch-2
Open

Update README.md#4
yindia wants to merge 34 commits intomainfrom
yindia-patch-2

Conversation

@yindia
Copy link
Owner

@yindia yindia commented Jan 17, 2026

No description provided.

@github-actions
Copy link

github-actions bot commented Jan 17, 2026
edited
Loading

Terrateam Plan Output

example/e2e.yaml ✅ Succeeded

Plan: 110 to add, 0 to change, 0 to destroy

Expand for plan output details 
Adds:
  - module.adminpltfrole.aws_iam_policy.vanilla_policy
  - module.adminpltfrole.aws_iam_role.role
  - module.adminpltfrole.aws_iam_role_policy.pass_role_to_self
  - module.adminpltfrole.aws_iam_role_policy_attachment.extra_policies_attachment[0]
  - module.adminpltfrole.aws_iam_role_policy_attachment.vanilla_role_attachment
  - module.base.aws_cloudwatch_log_group.vpc_flow_log[0]
  - module.base.aws_db_subnet_group.main
  - module.base.aws_default_security_group.default[0]
  - module.base.aws_docdb_subnet_group.main
  - module.base.aws_ebs_encryption_by_default.default
  - module.base.aws_eip.nat_eips[0]
  - module.base.aws_eip.nat_eips[1]
  - module.base.aws_eip.nat_eips[2]
  - module.base.aws_elasticache_subnet_group.main
  - module.base.aws_flow_log.vpc[0]
  - module.base.aws_iam_role.vpc_flow_log[0]
  - module.base.aws_iam_role_policy.vpc_flow_log[0]
  - module.base.aws_iam_service_linked_role.autoscaling
  - module.base.aws_internet_gateway.igw[0]
  - module.base.aws_kms_alias.alias
  - module.base.aws_kms_key.key
  - module.base.aws_nat_gateway.nat_gateways[0]
  - module.base.aws_nat_gateway.nat_gateways[1]
  - module.base.aws_nat_gateway.nat_gateways[2]
  - module.base.aws_route.nat_routes[0]
  - module.base.aws_route.nat_routes[1]
  - module.base.aws_route.nat_routes[2]
  - module.base.aws_route_table.private_route_tables[0]
  - module.base.aws_route_table.private_route_tables[1]
  - module.base.aws_route_table.private_route_tables[2]
  - module.base.aws_route_table.public_route_table[0]
  - module.base.aws_route_table_association.private_associations[0]
  - module.base.aws_route_table_association.private_associations[1]
  - module.base.aws_route_table_association.private_associations[2]
  - module.base.aws_route_table_association.public_association[0]
  - module.base.aws_route_table_association.public_association[1]
  - module.base.aws_route_table_association.public_association[2]
  - module.base.aws_s3_bucket.log_bucket
  - module.base.aws_s3_bucket_acl.log_bucket
  - module.base.aws_s3_bucket_lifecycle_configuration.log_bucket
  - module.base.aws_s3_bucket_ownership_controls.log_bucket
  - module.base.aws_s3_bucket_policy.log_bucket_policy
  - module.base.aws_s3_bucket_public_access_block.log_bucket
  - module.base.aws_s3_bucket_server_side_encryption_configuration.log_bucket
  - module.base.aws_s3_bucket_versioning.log_bucket
  - module.base.aws_security_group.db
  - module.base.aws_security_group.documentdb
  - module.base.aws_security_group.elasticache
  - module.base.aws_subnet.private_subnets[0]
  - module.base.aws_subnet.private_subnets[1]
  - module.base.aws_subnet.private_subnets[2]
  - module.base.aws_subnet.public_subnets[0]
  - module.base.aws_subnet.public_subnets[1]
  - module.base.aws_subnet.public_subnets[2]
  - module.base.aws_vpc.vpc[0]
  - module.base.aws_vpc_endpoint.s3[0]
  - module.base.aws_vpc_endpoint_route_table_association.s3[0]
  - module.base.aws_vpc_endpoint_route_table_association.s3[1]
  - module.base.aws_vpc_endpoint_route_table_association.s3[2]
  - module.base.random_id.bucket_suffix
  - module.base.random_id.vpc_flow_log_suffix[0]
  - module.eks.aws_cloudwatch_log_group.cluster_logs
  - module.eks.aws_eks_cluster.cluster
  - module.eks.aws_eks_node_group.node_group
  - module.eks.aws_iam_openid_connect_provider.cluster
  - module.eks.aws_iam_policy.minimal_ebs_kms_create_and_attach
  - module.eks.aws_iam_role.cluster_role
  - module.eks.aws_iam_role.node_group
  - module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy
  - module.eks.aws_iam_role_policy_attachment.cluster_minimal_ebs_kms_create_and_attache
  - module.eks.aws_iam_role_policy_attachment.node_group_AmazonEC2ContainerRegistryReadOnly
  - module.eks.aws_iam_role_policy_attachment.node_group_AmazonEKSWorkerNodePolicy
  - module.eks.aws_iam_role_policy_attachment.node_group_AmazonEKS_CNI_Policy
  - module.eks.aws_security_group.eks
  - module.eks.random_id.key_suffix
  - module.nodegroup1.aws_eks_node_group.node_group
  - module.nodegroup1.aws_iam_role.node_group
  - module.nodegroup1.aws_iam_role_policy_attachment.node_group_AmazonEC2ContainerRegistryReadOnly
  - module.nodegroup1.aws_iam_role_policy_attachment.node_group_AmazonEKSWorkerNodePolicy
  - module.nodegroup1.aws_iam_role_policy_attachment.node_group_AmazonEKS_CNI_Policy
  - module.nodegroup1.random_id.key_suffix
  - module.notifcationsQueue.aws_kms_key.key
  - module.notifcationsQueue.aws_sqs_queue.terraform_queue
  - module.notifcationsQueue.aws_sqs_queue_policy.default
  - module.postgres.aws_rds_cluster.secondary[0]
  - module.postgres.aws_rds_cluster_instance.secondary[0]
  - module.postgres.random_password.pg_password
  - module.postgres.random_string.db_name_hash
  - module.postgres.time_sleep.wait_for_db
  - module.s3.aws_cloudfront_origin_access_identity.read
  - module.s3.aws_s3_bucket.bucket
  - module.s3.aws_s3_bucket_lifecycle_configuration.bucket
  - module.s3.aws_s3_bucket_logging.bucket[0]
  - module.s3.aws_s3_bucket_ownership_controls.ownership_controls
  - module.s3.aws_s3_bucket_policy.policy
  - module.s3.aws_s3_bucket_public_access_block.block[0]
  - module.s3.aws_s3_bucket_server_side_encryption_configuration.bucket
  - module.s3.aws_s3_bucket_versioning.bucket
  - module.schedulesQueue.aws_kms_key.key
  - module.schedulesQueue.aws_sqs_queue.terraform_queue
  - module.schedulesQueue.aws_sqs_queue_policy.default
  - module.topic.aws_kms_key.key
  - module.topic.aws_sns_topic.topic
  - module.topic.aws_sns_topic_policy.default
  - module.topic.aws_sns_topic_subscription.user_updates_sqs_target[0]
  - module.userpltfrole.aws_iam_policy.vanilla_policy
  - module.userpltfrole.aws_iam_role.role
  - module.userpltfrole.aws_iam_role_policy.pass_role_to_self
  - module.userpltfrole.aws_iam_role_policy_attachment.extra_policies_attachment[0]
  - module.userpltfrole.aws_iam_role_policy_attachment.vanilla_role_attachment
Changes:
  (none)
Destroys:
  (none)

Plan: 110 to add, 0 to change, 0 to destroy

Cost Estimation

Total Monthly Difference: 893.60626

Expand for cost estimation details 
Project: yindia/pltf/.pltf/example-aws/workspace/.pltf-plan.json

 Name                                                          Monthly Qty  Unit                     Monthly Cost    
                                                                                                                     
 module.postgres.aws_rds_cluster_instance.secondary[0]                                                               
 ├─ Database instance (on-demand, db.t3.medium)                        730  hours                          $91.25    
 ├─ Performance Insights API                                           500  1000 requests                   $5.00  * 
 └─ Extended support (year 1)                                        1,460  vCPU-hours                    $175.20    
                                                                                                                     
 module.eks.aws_eks_node_group.node_group                                                                            
 ├─ Instance usage (Linux/UNIX, on-demand, t3.medium)                2,190  hours                         $119.14    
 └─ Storage (general purpose SSD, gp2)                                  60  GB                              $7.20    
                                                                                                                     
 module.nodegroup1.aws_eks_node_group.node_group                                                                     
 ├─ Instance usage (Linux/UNIX, on-demand, t3.medium)                2,190  hours                         $119.14    
 └─ Storage (general purpose SSD, gp2)                                  60  GB                              $7.20    
                                                                                                                     
 module.eks.aws_eks_cluster.cluster                                                                                  
 └─ EKS cluster                                                        730  hours                          $73.00    
                                                                                                                     
 module.base.aws_nat_gateway.nat_gateways[0]                                                                         
 ├─ NAT gateway                                                        730  hours                          $45.26    
 └─ Data processed                                                     111  GB                              $6.88  * 
                                                                                                                     
 module.base.aws_nat_gateway.nat_gateways[1]                                                                         
 ├─ NAT gateway                                                        730  hours                          $45.26    
 └─ Data processed                                                     111  GB                              $6.88  * 
                                                                                                                     
 module.base.aws_nat_gateway.nat_gateways[2]                                                                         
 ├─ NAT gateway                                                        730  hours                          $45.26    
 └─ Data processed                                                     111  GB                              $6.88  * 
                                                                                                                     
 module.base.aws_s3_bucket.log_bucket                                                                                
 └─ Standard                                                                                                         
    ├─ Storage                                                         225  GB                              $5.63  * 
    ├─ PUT, COPY, POST, LIST requests                                1,000  1k requests                     $4.70  * 
    ├─ GET, SELECT, and all other requests                          12,500  1k requests                     $4.63  * 
    ├─ Select data scanned                                           2,500  GB                              $5.63  * 
    └─ Select data returned                                          7,250  GB                              $5.80  * 
                                                                                                                     
 module.s3.aws_s3_bucket.bucket                                                                                      
 └─ Standard                                                                                                         
    ├─ Storage                                                         225  GB                              $5.63  * 
    ├─ PUT, COPY, POST, LIST requests                                1,000  1k requests                     $4.70  * 
    ├─ GET, SELECT, and all other requests                          12,500  1k requests                     $4.63  * 
    ├─ Select data scanned                                           2,500  GB                              $5.63  * 
    └─ Select data returned                                          7,250  GB                              $5.80  * 
                                                                                                                     
 module.postgres.aws_rds_cluster.secondary[0]                                                                        
 ├─ Storage                                                             50  GB                              $6.00  * 
 ├─ I/O requests                                                    21.024  1M requests                     $5.05  * 
 ├─ Backup storage                                                     354  GB                              $8.14  * 
 └─ Snapshot export                                                    500  GB                              $6.00  * 
                                                                                                                     
 module.base.aws_cloudwatch_log_group.vpc_flow_log[0]                                                                
 ├─ Data ingested                                                       10  GB                              $7.60  * 
 ├─ Archival Storage                                                   166  GB                              $5.48  * 
 └─ Insights queries data scanned                                    1,000  GB                              $7.60  * 
                                                                                                                     
 module.eks.aws_cloudwatch_log_group.cluster_logs                                                                    
 ├─ Data ingested                                                       10  GB                              $7.60  * 
 ├─ Archival Storage                                                   166  GB                              $5.48  * 
 └─ Insights queries data scanned                                    1,000  GB                              $7.60  * 
                                                                                                                     
 module.topic.aws_sns_topic.topic                                                                                    
 ├─ HTTP/HTTPS notifications (over 100k)                            20.125  100k notifications              $1.21  * 
 ├─ Email/Email-JSON notifications (over 1k)                          0.64  100k notifications              $1.28  * 
 ├─ Kinesis Firehose notifications                                     6.5  1M notifications                $1.68  * 
 ├─ Mobile Push notifications                                          2.6  1M notifications                $1.30  * 
 └─ MacOS notifications                                                2.6  1M notifications                $1.30  * 
                                                                                                                     
 module.notifcationsQueue.aws_sqs_queue.terraform_queue                                                              
 └─ Requests                                                          12.5  1M requests                     $5.00  * 
                                                                                                                     
 module.schedulesQueue.aws_sqs_queue.terraform_queue                                                                 
 └─ Requests                                                          12.5  1M requests                     $5.00  * 
                                                                                                                     
 module.base.aws_kms_key.key                                                                                         
 ├─ Customer master key                                                  1  months                          $1.00    
 ├─ Requests                                             Monthly cost depends on usage: $0.03 per 10k requests       
 ├─ ECC GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
 └─ RSA GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
                                                                                                                     
 module.notifcationsQueue.aws_kms_key.key                                                                            
 ├─ Customer master key                                                  1  months                          $1.00    
 ├─ Requests                                             Monthly cost depends on usage: $0.03 per 10k requests       
 ├─ ECC GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
 └─ RSA GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
                                                                                                                     
 module.schedulesQueue.aws_kms_key.key                                                                               
 ├─ Customer master key                                                  1  months                          $1.00    
 ├─ Requests                                             Monthly cost depends on usage: $0.03 per 10k requests       
 ├─ ECC GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
 └─ RSA GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
                                                                                                                     
 module.topic.aws_kms_key.key                                                                                        
 ├─ Customer master key                                                  1  months                          $1.00    
 ├─ Requests                                             Monthly cost depends on usage: $0.03 per 10k requests       
 ├─ ECC GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
 └─ RSA GenerateDataKeyPair requests                     Monthly cost depends on usage: $0.10 per 10k requests       
                                                                                                                     
 OVERALL TOTAL                                                                                            $893.61 

*Usage costs were estimated using Infracost Cloud settings, see docs for other options.

──────────────────────────────────
103 cloud resources were detected:
∙ 19 were estimated
∙ 84 were free

┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━┳━━━━━━━━━━━━┓
┃ Project                                                 ┃ Baseline cost ┃ Usage cost* ┃ Total cost ┃
┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━╋━━━━━━━━━━━━┫
┃ yindia/pltf/.pltf/example-aws/workspace/.pltf-plan.json ┃          $732 ┃        $162 ┃       $894 ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━┻━━━━━━━━━━━━┛
Raw cost data (json) 
{"version":"0.2","metadata":{"infracostCommand":"breakdown","vcsBranch":"yindia-patch-2","vcsCommitSha":"8ab56c642f640d764c7d3c27895fd20e26b49283","vcsCommitAuthorName":"uv","vcsCommitAuthorEmail":"evalsocket@gmail.com","vcsCommitTimestamp":"2026-02-01T05:28:27Z","vcsCommitMessage":"Merge branch 'main' into yindia-patch-2","vcsRepositoryUrl":"https://github.com/yindia/pltf","vcsProvider":"github","vcsBaseBranch":"main","vcsPullRequestTitle":"Update README.md","vcsPullRequestUrl":"https://github.com/yindia/pltf/pull/4","vcsPullRequestAuthor":"yindia","vcsPipelineRunId":"21557387668","vcsPullRequestId":"4","usageApiEnabled":true},"currency":"USD","projects":[{"name":"yindia/pltf/.pltf/example-aws/workspace/.pltf-plan.json","displayName":"","metadata":{"path":"/home/runner/work/pltf/pltf/.pltf/example-aws/workspace/.pltf-plan.json","type":"terraform_plan_json","vcsSubPath":".pltf/example-aws/workspace/.pltf-plan.json","providers":[{"name":"aws"},{"name":"random"},{"name":"external"},{"name":"random"},{"name":"random"},{"name":"random"},{"name":"time"}]},"pastBreakdown":{"resources":[],"totalHourlyCost":"0","totalMonthlyCost":"0","totalMonthlyUsageCost":"0"},"breakdown":{"resources":[{"name":"module.postgres.aws_rds_cluster_instance.secondary[0]","resourceType":"aws_rds_cluster_instance","tags":{"Environment":"dev","Owner":"PlatformTeam","cost_center":"shared","team":"platform","terraform":"true"},"defaultTags":{},"providerSupportsDefaultTags":true,"metadata":{"defaultTagsChecksum":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},"hourlyCost":"0.371849315068493150685","monthlyCost":"271.45","monthlyUsageCost":"5","costComponents":[{"name":"Database instance (on-demand, db.t3.medium)","unit":"hours","hourlyQuantity":"1","monthlyQuantity":"730","price":"0.125","hourlyCost":"0.125","monthlyCost":"91.25","priceNotFound":false},{"name":"Performance Insights API","unit":"1000 requests","hourlyQuantity":"0.6849315068493151","monthlyQuantity":"500","price":"0.01","hourlyCost":"0.006849315068493150685","monthlyCost":"5","usageBased":true,"priceNotFound":false},{"name":"Extended support (year 1)","unit":"vCPU-hours","hourlyQuantity":"2","monthlyQuantity":"1460","price":"0.12","hourlyCost":"0.24","monthlyCost":"175.2","priceNotFound":false}]},{"name":"module.eks.aws_eks_node_group.node_group","resourceType":"aws_eks_node_group","tags":{"Environment":"dev","Owner":"PlatformTeam","cost_center":"shared","team":"platform","terraform":"true"},"defaultTags":{},"providerSupportsDefaultTags":true,"metadata":{"defaultTagsChecksum":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},"hourlyCost":"0.173063013698630136","monthlyCost":"126.336","costComponents":[{"name":"Instance usage (Linux/UNIX, on-demand, t3.medium)","unit":"hours","hourlyQuantity":"3","monthlyQuantity":"2190","price":"0.0544","hourlyCost":"0.1632","monthlyCost":"119.136","priceNotFound":false},{"name":"CPU credits","unit":"vCPU-hours","hourlyQuantity":"0","monthlyQuantity":"0","price":"0.05","hourlyCost":"0","monthlyCost":"0","priceNotFound":false},{"name":"Storage (general purpose SSD, gp2)","unit":"GB","hourlyQuantity":"0.0821917808219178","monthlyQuantity":"60","price":"0.12","hourlyCost":"0.009863013698630136","monthlyCost":"7.2","priceNotFound":false}]},{"name":"module.nodegroup1.aws_eks_node_group.node_group","resourceType":"aws_eks_node_group","tags":{"Environment":"dev","Owner":"PlatformTeam","cost_center":"shared","team":"platform","terraform":"true"},"defaultTags":{},"providerSupportsDefaultTags":true,"metadata":{"defaultTagsChecksum":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},"hourlyCost":"0.173063013698630136","monthlyCost":"126.336","costComponents":[{"name":"Instance usage (Linux/UNIX, on-demand, t3.medium)","unit":"hours","hourlyQuantity":"3","monthlyQuantity":"2190","price":"0.0544","hourlyCost":"0.1632","monthlyCost":"119.136","priceNotFound":false},{"name":"CPU credits","unit":"vCPU-hours","hourlyQuantity"...

To apply all these changes, comment:

pltf terraform apply -f example/e2e.yaml --auto-approve --env dev

Approval Requirements

AI risk review:

Blockers

  • none

Cautions

  • New IAM roles and policies may introduce excessive permissions; ensure least privilege principles are followed.
  • Multiple new security groups and subnets could increase network exposure; verify configurations to prevent unintended access.

Notes

  • Adding numerous resources, including VPC components and IAM roles, increases the blast radius for future changes.
  • Ensure that S3 bucket policies and public access blocks are configured correctly to prevent data exposure.
  • Monitor for potential downtime during the deployment of new EKS clusters and RDS instances.
Security scan (tfsec) 
timings
  ──────────────────────────────────────────
  disk i/o             0.914154ms
  parsing              72.789239ms
  adaptation           2.819162ms
  checks               6.420508ms
  total                82.943063ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    11
  blocks processed     362
  files read           65

  results
  ──────────────────────────────────────────
  passed               85
  ignored              10
  critical             0
  high                 2
  medium               0
  low                  0

  85 passed, 10 ignored, 2 potential problem(s) detected.```
</details>

_NOTE: This comment updates automatically on pushes to the PR._

Repository owner deleted a comment from github-actions bot Feb 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yindia