Skip to main content
GOV.UK
Developer docs
Menu
Get started
Manual
Kubernetes
Apps
Repos
Mobile
Schemas
Document types
Table of contents
Search (via Google)
Search
govuk-infrastructure
Introduction to GOV.UK infrastructure
Upgrading the cluster
Create a new environment
Kubernetes external secrets
Prerequisite Secrets
Content Delivery Network (CDN) - Fastly
architecture
decisions
0000-TEMPLATE
1. Record architecture decisions
2. Use aws-eks terraform module
3. Split terraform state into separate AWS cluster and Kubernetes resource phases
4. Use AWS Load Balancer Controller for edge traffic services
5. Use EKS managed node groups
6. Use Helm for application package management
7. Use fluentbit, elasticsearch and kibana for application logs
8. Use external-secrets for secrets storage
9. Use external-dns for DNS record management
10. Use Dex IdP for user web auth
11. Use AWS Graviton (ARM) for Compute Instances
12. Non-GOV.UK domain policy
13. Expose external metrics for HPA via Prometheus Adapter
14. Replace Terraform Cloud backend with S3 + DynamoDB
15. Maintain a read-only IAM role
logit
logit
Intro
Home
Repos
govuk-infrastructure
Last updated:
16 Jun 2025
govuk-infrastructure: 0000-TEMPLATE
Date:
Status
Pending
Context
Decision
Consequences