'scaled down' version of TRE?

[tk-subgenius]

Hi , Please is there some 'scaled down' version of TRE available? This repo is great, but there are an awful lot of resources deployed for this. I can imagine running terraform from ECS, and without all of the network resources deployed. Even lambda can run terraform from an image (keeping in mind the 15 minute execution limit).

Thank you! Tom

[campaand]

As you mentioned, it would be interesting for them to consider running EC2 with terraform installed within a VPC and subnet provided directly by the user at stack creation time (to avoid creation of some network resources like VPC, some subnets and 3 NAT gateways). Maybe it can be implemented by creating a series of TRE templates with different usage scenarios.

[smaly-amazon]

Hi,

Thanks for the feedback. I agree that for many cases a simpler stack would be a good option.

We chose to include VPC/networking because many Service Catalog customers delete their default VPCs, for example with accounts created through AWS Control Tower.

Right now we don't plan on supporting multiple versions of the solution with options to remove VPC resources or other things that might be optional for some accounts. It is possible to fork the repo and customize the code to create a lighter stack, though that adds some burden for keeping up with updates.

Regarding Lambda: Many customers have complex provisioning that would exceed the max 15 minutes allowed for an invocation. I agree that Lambda would be a lighter solution, but we didn't want to add that 15-minute limitation.

The ECS suggestion is a good one. It may be a better choice for compute layer in a future version.

[lorengordon]

Codebuild also works as a great environment for executing Terraform, particularly longer running jobs, and requires no VPC by default.

[vmwiz]

Would be nice to have the same model as what you did with AFT and eventually having both solutions merged somehow.

The AFT pipelines are awesome, I particularly appreciate the API helpers and the jinja parser allowing dynamic generation of the terraform files based on other values pumped from the AWS API (SSM parameters, list of VPCs, multi-region providers, ...)