{"id":38678304,"url":"https://github.com/project-talan/tln-clouds","last_synced_at":"2026-01-17T10:06:10.194Z","repository":{"id":39590376,"uuid":"492602481","full_name":"project-talan/tln-clouds","owner":"project-talan","description":"Cloud Agnostic IaC based SaaS Skeleton","archived":false,"fork":false,"pushed_at":"2025-08-17T11:07:47.000Z","size":1000,"stargazers_count":10,"open_issues_count":2,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-17T12:28:18.209Z","etag":null,"topics":["aws","azure","digitalocean","gcp","helm","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/project-talan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-05-15T20:58:12.000Z","updated_at":"2025-08-17T10:58:11.000Z","dependencies_parsed_at":"2024-04-28T11:28:24.797Z","dependency_job_id":"032a0854-f956-4c47-bc91-7e79b5be720d","html_url":"https://github.com/project-talan/tln-clouds","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/project-talan/tln-clouds","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-talan%2Ftln-clouds","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-talan%2Ftln-clouds/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-talan%2Ftln-clouds/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-talan%2Ftl
n-clouds/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/project-talan","download_url":"https://codeload.github.com/project-talan/tln-clouds/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-talan%2Ftln-clouds/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28505600,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T06:57:29.758Z","status":"ssl_error","status_checked_at":"2026-01-17T06:56:03.931Z","response_time":85,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","azure","digitalocean","gcp","helm","terraform"],"created_at":"2026-01-17T10:06:09.677Z","updated_at":"2026-01-17T10:06:10.187Z","avatar_url":"https://github.com/project-talan.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Description\nTalan Clouds is a modular infrastructure platform designed to simplify and standardize cloud-native deployments across environments. It integrates best practices for security, scalability, and automation using Terraform, Kubernetes, and Cloud provider services. 
Built for flexibility and team collaboration, Talan Clouds accelerates application delivery in modern DevOps ecosystems.\n\n## Cloud Agnostic IaC based SaaS Skeleton.\n![Infrastructure Instance](ii.png)\n\n## Features\n* ✅ AWS Support out of the box (Azure and GCP support in progress)\n* 🏢 Multi-tenancy architecture using layered design: provider, group, network, managed, app, and tenant\n* 🌍 Environment isolation made easy — define multiple environments with a single variable: **TF_VAR_env_id**\n* 🛠️ Infrastructure as Code using Terraform and Helm\n* 🔗 Multiple backend providers supported: Local, Cloud, PostgreSQL (S3 support coming soon)\n\n## Infrastructure Instance layers\n![Infrastructure Instance Layers](layers.png)\n\n## Quick start\n* Install [Nodejs 20.x or higher](https://nodejs.org)\n* Install helpers [tln](https://www.npmjs.com/package/tln-cli) \u0026 [tpm](https://github.com/project-talan/tln-pm)\n    ```\n    npm i -g tln-cli@1.110.0 tln-pm@0.19.0 \u0026\u0026 brew install wget\n    ```\n* Go to the **projects** folder from the **tln** installation above and clone the repository\n  ```\n  git clone --depth 1 --branch v25.5.0 git@github.com:project-talan/tln-clouds.git \u0026\u0026 cd tln-clouds\n  ```\n* For local development just clone the repository as usual\n  ```\n  git clone git@github.com:project-talan/tln-clouds.git \u0026\u0026 cd tln-clouds\n  ```\n\u003e Important\u003cbr\u003e\n\u003e * Commands below assume that Terraform Cloud is used as a storage for states\u003cbr/\u003e\n\u003e * By skipping **--backend cloud** local backend will be used\u003cbr/\u003e\n\u003e * You will need a **domain name** to configure all layers (myproject.io as an example below)\n* Use the **.env.template** file as an example and fill in actual values inside the **root .env**\n  ```\n  TF_TOKEN_app_terraform_io=\u003cyour_terraform_cloud_token\u003e\n\n  TF_VAR_org_id=\u003cyour_terraform_cloud_org\u003e\n  TF_VAR_project_id=myproject\n  TF_VAR_group_id=dev\n  TF_VAR_env_id=dev01\n  
TF_VAR_tenant_id=demo\n\n  TF_VAR_account_id=\u003cyour_aws_account_id\u003e\n\n  TF_VAR_registry=\n  TF_VAR_repositories=[\"dev.myproject.services.iam\",\"dev.myproject.web.landing\"]\n  TF_VAR_image_tag_mutability=\n\n  TF_VAR_domain_name=myproject.dev\n  TF_VAR_dns_records=dev01.myproject.dev,api\n  TF_VAR_use_primary_domain=false\n  TF_VAR_api_base_url=https://api.dev01.myproject.dev\n\n  TF_VAR_postgresql={ size = \"db.t4g.micro\", allocated_storage = \"20\", max_allocated_storage = \"30\", master_user_password = true, engine_version = \"17.4\", family = \"postgres17\", major_engine_version = \"17\", multi_az = false, manage_master_user_password = true, backup_schedule = \"cron(0 */2 * * ? *)\", backup_lifecycle_delete_after = 97, backup_lifecycle_coldstorage_after = 7, rds_snapshot_identifier = null }\n  TF_VAR_databases={ \"iam\" = { owner = \"admin\", password = \"admin\" }, \"notify\" = { owner = \"admin\", password = \"admin\" } }\n\n  TF_VAR_db_instance_identifier=\n  TF_VAR_tenant_databases={}\n  TF_VAR_user_pool_id=\n  TF_VAR_use_cognito_provider=false\n  TF_VAR_identity_providers={\"demo-oidc\":{\"provider_type\":\"OIDC\",\"provider_details\":{\"attributes_request_method\":\"POST\",\"attributes_url\":\"https://idp.dev01.myproject.dev/realms/demo/protocol/openid-connect/userinfo\",\"authorize_scopes\":\"openid profile email\",\"authorize_url\":\"https://idp.dev01.myproject.dev/realms/demo/protocol/openid-connect/auth\",\"client_id\":\"demo\",\"client_secret\":\"...\",\"jwks_uri\":\"https://idp.dev01.myproject.dev/realms/demo/protocol/openid-connect/certs\",\"oidc_issuer\":\"https://idp.dev01.myproject.dev/realms/demo\",\"token_url\":\"https://idp.dev01.myproject.dev/realms/demo/protocol/openid-connect/token\"}}}\n  ```\n### AWS\n  * Create **aws/.env** file using **aws/.env.template** as an example\n    ```\n    AWS_ACCESS_KEY_ID=\u003cyour_aws_id\u003e\n    AWS_SECRET_ACCESS_KEY=\u003cyour_aws_key\u003e\n    AWS_REGION=eu-central-1\n    
AWS_DEFAULT_REGION=eu-central-1\n\n    TF_VAR_aws_k8s_version=1.33\n    TF_VAR_aws_k8s_node_groups={ng1 = { name = \"ng1\", \"instance_types\" = [\"t3.small\"], \"min_size\": 1, \"desired_size\": 2, \"max_size\": 3, \"disk_size\": 20 }}    \n    ```\n* **Install dependencies**\n  ```\n  tln install aws --depends\n  ```\n* Construct six AWS Infrastructure Instance layers\n\n  * **Provider layer - configure ECR**\n    ```\n    tln construct aws -- --backend cloud --init --apply --layer provider --state project,provider\n    ```\n    * **Group layer - configure Route53, certificate \u0026 validation. You will need to modify DNS nameservers at your registrar side**\n      ```\n      tln construct aws -- --backend cloud --init --apply --layer group --state project,provider,group\n      ```\n      * **Network layer - configure VPC, Bastion**\n        ```\n        tln construct aws -- --backend cloud --init --apply --layer network --state project,provider,group,env,layer\n        ```\n      * **Managed layer - K8s**\n        ```\n        tln construct aws -- --backend cloud --init --apply --layer managed --state project,provider,group,env,layer\n        ```\n      * **At this point you have secure access via bastion to your cloud resources, initiate sshuttle connection to your cloud network via bastion (first terminal)**\n        ```\n        tln connect aws -- --layer network --prefix bastion\n        ```\n      * **Open another shell with necessary environment variables (second terminal)**\n        ```\n        tln shell aws\n        kubectl get pods -A\n        ```\n      * **Check cluster (second terminal)**\n        ```\n        kubectl get pods -A\n        ```\n      * **Deploy App layer - configure Nginx ingress, Postgres DBs, DNS records (second terminal)**\n        ```\n        tln construct aws -- --backend cloud --init --apply --layer app --state project,provider,group,env,layer\n        ```\n        * **Deploy Tenant (demo) layer - Tenant specific DNS, 
database etc.**\n          ```\n          tln construct aws -- --backend cloud --init --apply --layer tenant --state project,provider,group,env,tenant\n          ```\n        * **You can check endpoints availability in browser https://dev01.myproject.io \u0026 https://api.dev01.myproject.io**\n        * Now you can deconstruct all layers and free all Cloud resources\n        * **Undeploy Tenant (demo)**\n          ```\n          tln deconstruct aws -- --backend cloud --init --apply --layer tenant --state project,provider,group,env,tenant\n          ```\n      * **Undeploy App layer**\n        ```\n        tln deconstruct aws -- --backend cloud --init --apply --layer app --state project,provider,group,env,layer\n        ```\n      * **Close sshuttle connection (first terminal)**\n        ```\n        ^C\n        ```\n    * **Delete Managed layer**\n      ```\n      tln deconstruct aws -- --backend cloud --init --apply --layer managed --state project,provider,group,env,layer\n      ```\n    * **Delete Network layer**\n      ```\n      tln deconstruct aws -- --backend cloud --init --apply --layer network --state project,provider,group,env,layer\n      ```\n  * **Delete Group layer**\n    ```\n    tln deconstruct aws -- --backend cloud --init --apply --layer group --state project,provider,group\n    ```\n* **Delete Provider layer**\n  ```\n  tln deconstruct aws -- --backend cloud --init --apply --layer provider --state project,provider\n  ```\n\n## Command line options\n  General format\n  ```\n  tln [construct | deconstruct] [aws | azure | gcp] [-u] -- [option, [option], ...]\n  ```\n  | Option  | Description | Example |\n  | ------------- | ------------- | ------------- |\n  | backend | Defines which backend provider should be used (cloud, pg) | $ tln construct aws -- --backend cloud \u003cbr /\u003e $ tln construct aws -- --backend pg |\n  | state | Defines how store name will be built: project, provider, env, layer, tenant, \u003ccustom_string\u003e | $ tln construct 
aws -- --backend cloud --layer network --state project,provider,env,layer \u003cbr /\u003e will use myproject-aws-dev-dev01-network Terraform Cloud workspace |\n  | init | Run Terraform init | $ tln construct aws -- --backend cloud --init --layer network --state project,provider,env,layer |\n  | upgrade | Run Terraform upgrade mode for init | $ tln construct aws -- --backend cloud --init --upgrade --layer network --state project,provider,env,layer |\n  | plan | Run Terraform plan | $ tln construct aws -- --backend cloud --plan --layer network --state project,provider,env,layer |\n  | apply | Run Terraform apply | $ tln construct aws -- --backend cloud --apply --layer network --state project,provider,env,layer |\n  | auto-approve | Turn on auto approve for apply \u0026 destroy | $ tln construct aws -- --backend cloud --apply --auto-approve --layer network --state project,provider,env,layer |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fproject-talan%2Ftln-clouds","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fproject-talan%2Ftln-clouds","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fproject-talan%2Ftln-clouds/lists"}