Comment on page
Adding a domain
Domains are a mechanism for protecting one service (or group of services) from others. You may create as many as you like. Creation and subsequent updates are simple: Run
substrate create-account -domain <domain> -environment <environment> -quality <quality>
with the name of your (new) domain and a declared environment and quality. This will create a new AWS account in your organization, add it to substrate.accounts.txt
, and create all the necessary IAM roles to allow administrators to access the account.If not immediately, you'll eventually create this domain in all of your environment/quality pairs to enable a complete progression from e.g. development through production.
See domains, environments, and qualities for more discussion of these fundamental Substrate concepts.
All accounts with a given domain, across all environments and qualities, will be generated with Terraform code that references a generated Terraform module named the same as the domain. This is where you should put the vast majority of Terraform resources, possibly parameterized by
module.substrate.tags.domain
, module.substrate.tags.environment
, and module.substrate.tags.quality
as well as module.substrate.public_subnet_ids
and module.substrate.private_subnet_ids
.If you choose to add
variable
stanzas to that module, we recommend that you do not set a default
for those variables; this will force you to consider the appropriate values when creating this domain in different environments and/or qualities.