Challenge
A professional cloud security portfolio should demonstrate more than a static page. The hosting layer needed to show secure defaults, repeatable infrastructure, and a realistic path toward a custom domain and production deployment.
Case Study | Terraform | AWS
Secure static portfolio infrastructure with Terraform, S3, and CloudFront.
Built repeatable AWS infrastructure for this portfolio with private S3 storage, CloudFront delivery, origin access control, encryption, versioning, tagging, and clean outputs.
Terraform
Private S3
CloudFront OAC
HTTPS Site
Approach
- Created an S3 bucket with public access blocked and server-side encryption enabled.
- Enabled bucket versioning to preserve object history and support safer updates.
- Configured CloudFront with origin access control so users access content through the distribution, not public S3.
- Added custom error responses and Terraform outputs for the site URL, bucket, and distribution ID.
Security Value
- Demonstrates least-privilege access to static site content.
- Keeps infrastructure repeatable instead of manually configured in the console.
- Creates a clean base for adding Route 53, ACM, deployment automation, and monitoring.
Production Considerations
- Route 53 and ACM for a custom HTTPS domain.
- Automated upload of website assets and CloudFront invalidation.
- Access logs, security headers, and CI validation for Terraform changes.