Applications should be provisioned using Terraform. For each application that requires resources in AWS, create a Terraform root module for each account in which it will be deployed.
```
infra/
  applications/
    example/
      sandbox/
      production/
```
To ensure that staging and production match, you can encapsulate stateful and compute resources into modules:
```
infra/
  applications/
    example/
      modules/
        state/
        compute/
```
You can then use these modules to provision resources in each account and add them to the appropriate clusters.
```hcl
# applications/example/sandbox/main.tf

module "staging" {
  source = "../modules/state"

  cluster_names           = [data.aws_eks_cluster.sandbox_v1.name]
  environment             = "staging"
  s3_bucket               = "example-staging-activestorage"
  redis_sidekiq_name      = "example-staging-sidekiq-redis-orange"
  redis_sidekiq_node_type = "cache.t4g.micro"
  postgres_identifier     = "example-staging-strawberry"
  postgres_instance_class = "db.t4g.small"
}

module "sandbox_v1" {
  providers = { kubernetes = kubernetes.sandbox_v1 }
  source    = "../modules/compute"

  namespace    = module.staging.namespace
  service_role = module.staging.service_role_arn
}

data "aws_eks_cluster" "sandbox_v1" {
  name = "example-sandbox-v1"
}
```
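A parity check for this layout, as an added example that is not part of the original page: it compares which inputs each account's root module passes to the shared modules, so an input set in only one environment is reported instead of being left to a module default. The production module call and all helper names are assumptions.

```python
import re

# Constructed samples: a trimmed copy of the page's sandbox call to the state
# module, and a hypothetical production call that omits one input.
SANDBOX_TF = '''
module "staging" {
  source                  = "../modules/state"
  environment             = "staging"
  postgres_instance_class = "db.t4g.small"
}
'''
PRODUCTION_TF = '''
module "production" {
  source      = "../modules/state"
  environment = "production"
}
'''

MODULE_RE = re.compile(r'\s*module\s+"([^"]+)"\s*\{')
ARG_RE = re.compile(r'\s*([A-Za-z_][\w-]*)\s*=\s*(.*)')

def module_calls(tf_text):
    """Top-level arguments of each module block (line scanner, not an HCL parser)."""
    calls, current, depth = {}, None, 0
    for line in tf_text.splitlines():
        code = line.split("#", 1)[0]  # assumes no '#' or braces inside strings
        if depth == 0 and (header := MODULE_RE.match(code)):
            current = calls.setdefault(header.group(1), {})
        elif depth == 1 and current is not None and (arg := ARG_RE.match(code)):
            current[arg.group(1)] = arg.group(2).strip()  # nested keys are skipped
        depth += code.count("{") - code.count("}")
        if depth == 0:
            current = None
    return calls

def inputs_by_source(tf_text):
    """Map each module source to the input names passed to it."""
    found = {}
    for args in module_calls(tf_text).values():
        source = args.get("source", "").strip('"')
        found.setdefault(source, set()).update(set(args) - {"source", "providers"})
    return found

def parity_gaps(tf_a, tf_b):
    """Inputs passed to a module source in only one of two root modules."""
    a, b = inputs_by_source(tf_a), inputs_by_source(tf_b)
    gaps = {s: sorted(a.get(s, set()) ^ b.get(s, set())) for s in set(a) | set(b)}
    return {s: names for s, names in gaps.items() if names}
```

Calling `parity_gaps` on the contents of `sandbox/main.tf` and `production/main.tf` returns an empty dict when both accounts pass the same set of inputs to each shared module.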