DEV Community: Devin The latest articles on DEV Community by Devin (@nullreturn). https://dev.to/nullreturn https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3292298%2Fe7892538-1d0c-47e8-84b2-c7b57d1d0913.jpeg DEV Community: Devin https://dev.to/nullreturn en πŸš€ The Cloud Resume Challenge My Journey to Cloud Mastery Devin Wed, 25 Jun 2025 03:50:44 +0000 https://dev.to/nullreturn/the-cloud-resume-challenge-my-journey-to-cloud-mastery-18oc https://dev.to/nullreturn/the-cloud-resume-challenge-my-journey-to-cloud-mastery-18oc <p>As a technologist looking to build real world cloud skills, I took on the Cloud Resume Challenge: a project that tests and demonstrates core cloud knowledge through hands-on implementation. This challenge wasn't just about deploying a website; it was a full-spectrum journey through modern cloud infrastructure, tools, development practices, and operational procedures.</p> <h2> 🌩️ What is the Cloud Resume Challenge </h2> <p>Created by Forrest Brazeal, the Cloud Resume Challenge is a real project that guides you through building and deploying a cloud-native resume website. It covers many core principles of cloud computing and DevOps workflows including:</p> <ul> <li>πŸ— Infrastructure as Code</li> <li>βš™οΈ Serverless architecture</li> <li>🎨 Frontend development</li> <li>πŸš€ CI/CD pipelines</li> <li>🌐 DNS setup</li> <li>πŸ” Cloud security</li> </ul> <p>The goal is to not just build a site, but to treat your resume like a real-world cloud application where security, automation, and scalability matter.</p> <h2> πŸ›  My Stack and Architecture </h2> <p>To complete this challenge I leveraged several AWS services as well as modern development tools. The architecture includes:</p> <ul> <li>πŸ–₯ <strong>Frontend</strong>: Static resume website built with HTML, Tailwind CSS, and JavaScript</li> <li>πŸ“¦ <strong>Hosting and Delivery</strong>: Private S3 bucket with content served via CloudFront with HTTPS</li> <li>🧠 <strong>Backend</strong>: AWS Lambda functions triggered via API Gateway to serve a dynamic visitor counter</li> <li>πŸ—ƒ <strong>Database</strong>: DynamoDB table to store and increment visitor count</li> <li>πŸ“œ <strong>Infrastructure</strong>: Defined and provisioned using Terraform for repeatability and version control</li> <li>πŸ€– <strong>CI/CD Pipeline</strong>: GitHub Actions to automate builds, testing, deployment, and cache invalidation</li> <li>🌍 <strong>DNS Management</strong>: Custom domain from PorkBun managed in Route 53 with alias records to CloudFront</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F974y3j568lr6okuun2ce.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F974y3j568lr6okuun2ce.png" alt="Cloud Architecture Diagram" width="800" height="441"></a></p> <h2> 🧭 The Build Step by Step </h2> <h3> 1️⃣ Resume with HTML and Tailwind </h3> <p>I started with a simple static resume coded in HTML and styled using Tailwind CSS. Tailwind was chosen for its utility-first approach, which let me quickly build responsive layouts without writing much custom CSS. I implemented dark mode media query support and ensured the design worked well on mobile and desktop devices.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7f03xj16x22l1kvl6cu9.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7f03xj16x22l1kvl6cu9.png" alt="Live Website Screenshot" width="800" height="389"></a></p> <h3> 2️⃣ Hosting with S3 and CloudFront </h3> <p>To securely host the static site, I created a private S3 bucket and blocked all public access. Using an Origin Access Identity (OAI), I configured CloudFront to act as the only trusted source that could pull content from the bucket. This ensures your content remains secure and only served through the CDN.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz9sh69e8vrvugdeg2plz.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz9sh69e8vrvugdeg2plz.png" alt="S3 Bucket Settings" width="800" height="336"></a></p> <h3> 3️⃣ DNS Setup with Route 53 and PorkBun </h3> <p>After registering my domain through PorkBun, I delegated DNS authority to AWS Route 53. I set up a hosted zone, created A records with alias targets pointing to the CloudFront distribution, and updated name servers in PorkBun.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqy2cpe20y3hajh5o9jqt.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqy2cpe20y3hajh5o9jqt.png" alt="Route53 Hosted Zone" width="800" height="473"></a></p> <h3> 4️⃣ Visitor Counter with Lambda and DynamoDB </h3> <p>The visitor counter feature required backend logic. I wrote a Lambda function in Python which incremented a counter in DynamoDB and returned the updated count via API Gateway.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">cloudresume-counter</span><span class="sh">'</span><span class="p">)</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="k">try</span><span class="p">:</span> <span class="n">response</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">update_item</span><span class="p">(</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">1</span><span class="sh">'</span><span class="p">},</span> <span class="n">UpdateExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">ADD views :incr</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">:incr</span><span class="sh">'</span><span class="p">:</span> <span class="mi">1</span><span class="p">},</span> <span class="n">ReturnValues</span><span class="o">=</span><span class="sh">'</span><span class="s">UPDATED_NEW</span><span class="sh">'</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">'</span><span class="s">headers</span><span class="sh">'</span><span class="p">:</span> <span class="p">{</span> <span class="sh">'</span><span class="s">Access-Control-Allow-Origin</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">*</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">Access-Control-Allow-Methods</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">GET</span><span class="sh">'</span> <span class="p">},</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">views</span><span class="sh">'</span><span class="p">:</span> <span class="nf">int</span><span class="p">(</span><span class="n">response</span><span class="p">[</span><span class="sh">'</span><span class="s">Attributes</span><span class="sh">'</span><span class="p">][</span><span class="sh">'</span><span class="s">views</span><span class="sh">'</span><span class="p">])})</span> <span class="p">}</span> <span class="k">except</span> <span class="nb">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">500</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">({</span><span class="sh">'</span><span class="s">error</span><span class="sh">'</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">e</span><span class="p">)})</span> <span class="p">}</span> </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdlq9mrtkzrmst6xjxxze.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdlq9mrtkzrmst6xjxxze.png" alt="Lambda Function Dashboard" width="800" height="575"></a></p> <h3> 5️⃣ Lightweight Infrastructure Automation with Terraform </h3> <p>While much of the infrastructure setup was done manually via the AWS Console to gain hands-on familiarity, I used <strong>Terraform selectively</strong> to automate key backend services and streamline CI/CD integration.</p> <h4> βš™οΈ What I Managed with Terraform: </h4> <ul> <li>🧠 <strong>DynamoDB Table</strong> to store the visitor count with on-demand billing</li> <li>🧬 <strong>Lambda Function</strong> deployment, environment variables, and IAM execution role</li> <li>🌐 <strong>API Gateway</strong> setup with correct CORS configuration and route integration</li> <li>πŸ” <strong>IAM Policies</strong> for secure resource access</li> <li>πŸ€– <strong>CI/CD Support</strong> via IAM credentials for GitHub Actions</li> </ul> <p>This approach let me avoid repetitive manual setups for serverless and security components, while keeping the frontend (S3, CloudFront, Route 53) more visual and hands-on for learning.</p> <h4> 🧩 Why Partial Terraform? </h4> <ul> <li>I wanted to <strong>focus Terraform on areas where automation made the biggest impact</strong>, such as API deployment and IAM security.</li> <li>This hybrid approach gave me <strong>better control during debugging</strong> while still benefiting from repeatable deployments for Lambda and CI/CD.</li> </ul> <p><code>terraform/<br> β”œβ”€β”€ main.tf # Root module<br> β”œβ”€β”€ lambda.tf # Lambda + IAM<br> β”œβ”€β”€ dynamodb.tf # DynamoDB setup<br> β”œβ”€β”€ apigateway.tf # API Gateway resources<br> β”œβ”€β”€ variables.tf # Inputs<br> β”œβ”€β”€ outputs.tf # Useful outputs like API endpoint<br> β”œβ”€β”€ lambda/<br> </code></p> <h3> 6️⃣ Deployment Pipeline with GitHub Actions </h3> <p>CI/CD was automated using GitHub Actions. The pipeline triggers on push to the main branch and includes:</p> <ul> <li>Installing dependencies</li> <li>Building Tailwind CSS output</li> <li>Uploading files to S3 with AWS CLI</li> <li>Invalidating CloudFront cache</li> <li>Basic HTML linting checks</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1ys89zily7tg726o6g0i.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1ys89zily7tg726o6g0i.png" alt="GitHub Actions Run" width="800" height="319"></a></p> <h2> 🧩 Challenges </h2> <h3> πŸ”’ Private S3 Access </h3> <p>Configuring the correct permissions for private S3 access was tricky. I used the principle of least privilege and created an Origin Access Identity (OAI), then applied a bucket policy allowing only that OAI to read content.</p> <h3> 🌐 CORS Errors </h3> <p>The Lambda API required correct CORS settings to work with the frontend JavaScript. I had to carefully set headers both in the AWS Console and in Terraform.</p> <h3> 🧼 Cache Invalidation </h3> <p>Updates weren’t showing up due to CloudFront’s cache. I added an invalidation step to my GitHub Actions workflow to automatically purge the cache.</p> <h3> πŸ“¦ Terraform State </h3> <p>I used an S3 backend and DynamoDB table for locking to manage Terraform state securely and avoid corruption.</p> <h2> πŸ“š What I Learned </h2> <p>This challenge helped me grow in many areas of cloud engineering:</p> <ul> <li>⚑ Build clean, fast UIs with Tailwind CSS</li> <li>πŸ” Secure S3 buckets using OAI</li> <li>🌍 Use multiple DNS providers</li> <li>πŸ›  Modularize infrastructure with Terraform</li> <li>πŸ€– Automate deployments with GitHub Actions</li> <li>🧠 Build serverless functions</li> <li>πŸ“ˆ Debug cloud deployments using logs and state</li> </ul> <h2> πŸ”­ Improvements Ahead </h2> <p>Plans for future improvement include:</p> <ul> <li>πŸ›‘ Add AWS WAF for security</li> <li>πŸ“ˆ Monitor with CloudWatch Alarms</li> <li>🌐 Use multi-region CloudFront</li> <li>☁️ Use Terraform Cloud for state management</li> <li>πŸ“Š Add real-time user analytics</li> </ul> <h2> 🏁 Final Thoughts </h2> <p>The Cloud Resume Challenge turned a simple website into a full-scale cloud project. It pushed me to adopt industry standards, automation, and good security practices.</p> <p>πŸ”— Live site: <a href="https://godevtech.cloud" rel="noopener noreferrer"> godevtech.cloud </a> <br> πŸ“‚ GitHub repo: <a href="https://github.com/DevHAXog/CRC-AWS" rel="noopener noreferrer">GitHub</a></p> devops awschallenge career cloudcomputing