Configure AWS infrastructure to support a basic web stack using common infrastructure management tools.


  • A Terraform project or set of CloudFormation configuration JSONs or YMLs to provision the following pieces of AWS infrastructure:

    • EC2 application box: 2x t3.small instances, latest Amazon Linux 2 AMI

    • RDS database: 1x t3.small instance, postgres engine version 11 with database name “geosite”

    • ELB splitting between the EC2 instances

    • VPC + all necessary networking components (e.g. internet gateway, security groups, roles) to provide public access to the EC2 instances and VPC only access to the RDS instance.

  • Ansible playbooks or shell scripts to perform the following on the EC2 instances (should be run as part of the provisioning process):

  • Generate a fresh SSH key for SSH access to the EC2 instances. Submit the private key as part of the project repo, encrypted using PGP with the password “geosite”


  • DO NOT submit any AWS IAM creds or anything that you don’t want to be public. Mark clearly in the configurations where sensitive info such as access_ids, secret_keys, regions, etc. should be provided via secrets/env vars.

  • Use username:password for any other credentials (e.g. RDS)

  • You may reuse your own code from prior work

  • You may use code snippets from other authors but they must be annotated in comments, and they must not constitute wholesale copying (to be arbitrated by Geosite engineers)

Evaluation criteria:

  • Functionality: Does the submission meet all the functional requirements?

  • Discussion: Be prepared to discuss your submission during the interview process

Please save your work as a public git repo and submit the link with your cover letter.