Projects & Case Studies

A collection of my infrastructure automation work.

Personal Cloud Portfolio

Live & On-Going

This Website: A modern, responsive personal portfolio built entirely on AWS serverless infrastructure.

  • Infrastructure: Automated provisioning via Terraform (S3 & CloudFront) with custom modules.
  • Secure Authentication: Eliminated long-lived Access Keys (AK/SK) by implementing GitHub OIDC to assume AWS roles with short-lived credentials for Terraform runs.
🛡️ Repository Security & Governance:
  • Branch Protection: "Main" branch locked. No direct pushes or force pushes allowed.
  • Quality Gates: PRs require approval and passing status checks (Terraform Plan) before merge.
  • Secret Safety: Strict .gitignore policy ensuring no state files (*.tfstate) or variable files (*.tfvars) are committed.
📂 View Source Code
Terraform GitHub Actions AWS OIDC S3/CloudFront

Serverless Dynamic Backend

Upcoming

Roadmap: Enhancing the static portfolio with dynamic capabilities using a Serverless architecture.

  • Implementing API Gateway as the REST entry point.
  • Developing AWS Lambda functions (Python) to process contact forms and dynamic content.
  • Integration with DynamoDB for data persistence.
API Gateway Lambda (Python) Serverless DynamoDB

AWS Static Site Terraform Module

Completed

Infrastructure as Code: Built a reusable Terraform module to automate the deployment of secure, high-performance static websites.

  • Provisions ACM Certificates for SSL/TLS.
  • Configures CloudFront Distribution with default cache behaviors and CloudFront Functions.
  • Secures S3 Buckets with OAI/OAC policies.
Terraform AWS CloudFront AWS ACM S3 Route53