A Portfolio website using Hugo and deployed to AWS using Pulumi

This is a submission for the Pulumi Deploy and Document Challenge: Fast Static Website Deployment

What I Built

A statically generated portfolio website using Hugo and deployed to AWS using Pulumi. The project automates provisioning of an S3 bucket for hosting, CloudFront CDN for distribution, and Route53 DNS records. Includes automated HTTPS via ACM certificates and integrates GitHub Actions for CI/CD.

The README includes:

• Full architecture diagram

• Environment setup instructions

• Pulumi deployment walkthrough

• Cost estimation guide

• Security hardening practices

---

My Journey

1. Initial Setup: Spent 2 hours learning Pulumi's TypeScript SDK and AWS provider structure

2. Core Implementation:

• Generated Hugo site with custom theme

• Configured S3 bucket with public-read access and static website hosting

• Set up CloudFront distribution with custom domain and SSL

1. Challenges:

• DNS propagation delays with Route53

• Configuring correct CORS policies for CDN

• Debugging Pulumi preview vs actual deployment differences

1. Solutions:

• Implemented Pulumi's waitUntil for resource stabilization

• Used Terraform CDK patterns for complex resource relationships

• Added comprehensive unit tests with Pulumi Test Framework

---

Using Pulumi

Pulumi was chosen for its:

• Strong TypeScript support with real TypeScript typing

• Multi-cloud capabilities (could easily port to Azure/GCP)

• Resource dependency visualization in VSCode

• Rollback capabilities during deployment failures

Key Pulumi features used:

// Infrastructure components

const websiteBucket = new s3.Bucket('WebsiteBucket', {

    website: {

        indexDocument: 'index.html',

    },

});

const distribution = new cloudfront.Distribution('WebsiteDistribution', {

    origins: [{

        domainName: websiteBucket.bucketRegionalDomainName,

        originPath: '',

    }],

    enabled: true,

    defaultRootObject: 'index.html',

    priceClass: PriceClass.PriceClass_100,

});

// DNS automation

const record = new route53.ARecord('WebsiteAlias', {

    zoneId: zone.zoneId,

    name: 'dev-portfolio.com',

    aliases: [{

        name: distribution.domainName,

        zoneId: distribution.hostedZoneId,

    }],

});

---

Best Practices:

1. Environment-specific configurations using .env files

2. Custom Pulumi stack selector for multi-environment management

3. Automated cost estimation via pulumi import commands

4. Security group rules limited to CloudFront IP ranges

5. Automated deployment notifications through Slack integration

Submission Checklist

✅ Working production deployment

✅ Comprehensive documentation

✅ Automated testing workflow

✅ Cost optimization analysis

✅ Security vulnerability scan results

Thanks ....