I Built a Serverless Resume on AWS with Terraform, Lambda, and GitHub Actions

# How I Built an Automated Serverless Resume on AWS (Cloud Resume Challenge)

The Cloud Resume Challenge is a practical exercise in moving beyond tutorials into production-style cloud engineering. It forces you to design, deploy, and integrate multiple AWS services into a single working system.

This project evolved from a manually deployed serverless setup into a fully automated Infrastructure-as-Code pipeline on AWS using Terraform and GitHub Actions.

---

## 🏗️ Architecture Overview

The system is fully serverless, globally distributed, and provisioned entirely through Infrastructure-as-Code:

**S3 → CloudFront → API Gateway → Lambda → DynamoDB**

### Core Components

#### 1. Frontend (S3)
- Static resume site built with HTML and Tailwind CSS
- Hosted in a private Amazon S3 bucket
- No direct public access; served via CloudFront only

#### 2. CDN (CloudFront)
- Global content delivery via AWS edge locations
- HTTPS enforced by default
- Aggressive caching for performance optimization

#### 3. Database (DynamoDB)
- Serverless NoSQL table in pay-per-request mode
- Stores a persistent visitor counter (`ID: visitors`)
- Low-latency reads/writes for API interactions

#### 4. Backend (Lambda)
- Python-based AWS Lambda function using `boto3`
- Performs atomic read/increment operations on DynamoDB
- Stateless compute layer triggered via API Gateway

#### 5. API Layer (API Gateway)
- HTTP API with `/counter` POST route
- Proxy integration directly to Lambda
- CORS enabled for browser-based frontend access

#### 6. Infrastructure as Code (Terraform)
- Entire AWS stack defined declaratively in `main.tf`
- Uses `terraform state` to manage resource mapping
- Handles IAM roles, API routes, Lambda packaging, and S3 deployment

#### 7. CI/CD (GitHub Actions)
- Automated deployment pipeline for frontend assets
- Push-to-deploy workflow into S3
- CloudFront cache invalidation after every release

---

## 🧠 Key Engineering Challenges & Fixes

### 1. Git Push Failure: 100MB File Limit (Terraform Provider Bloat)

While staging the repository, Git accidentally tracked `.terraform/` directories. This introduced a large AWS provider binary (~600MB+), exceeding GitHub’s 100MB file limit.

#### Root Cause
Terraform initializes large provider binaries locally, which can be mistakenly committed if not ignored early.

#### Fix
Even after updating `.gitignore`, the file history still contained the large binaries. A full index reset was required:

```bash
git rm -r --cached .
git reset --mixed <clean-commit-hash>
git add .
git commit -m "chore: clean terraform state and restructure repo"
git push origin main

const response = await fetch(apiURL, { method: "POST" });
const data = await response.json();

document.getElementById("counter").innerText = data.count;