Best way to have parts of the infrastructure definitions in a separate git repo?

aws

#1

What is your recommended way of having parts of the infrastructure definitions in a separate git repo?

I have a serverless project with Lambda, DynamoDB tables etc defined as code. Now I’m going to add a few SNS topics, and for these, a number of external systems needs their own SQS queue and a subscripiton with filters, that binds the SQS queue to a topic.

We might soon have a large number of identical external machines that we integrate with. And I don’t want people who maintain that list, to also have write access to the repo with our lambdas, permissions etc.

But I can surely see the value of having all the queues and subscriptions defined in code - so I’d like to have a separate repo with these definitions, and include that in my main project - any suggestions/best practices?


#2

I think I’ll solve this differently.

Since all the external parts are defined in a database anyway, I’ll just make a lambda which is triggered by changes in the dynamodb table - and let that lambda add/remove the needed queues.