neilcassidy.ca

What is this?

A demo site that I built for the Cloud Resume Challenge!

The goal was to roll out something simple at web scale.

How was it made?

Infrastructure

The project mostly runs on Amazon Web Services:

  • Route 53 provides Domain Name Service, so that you can find the site.
  • S3 stores the static files, and CloudFront distributes them to you.
  • Certificate Manager maintains the SSL certificates to secure your connection.
  • A Lambda function registers your visit and updates the visitor count shown below.
  • DynamoDB stores the visits. In the future this count will be cached somehow.

The domain is registered outside of AWS to facilitate multi-cloud experiments.

DevOps

A major goal of the challenge was to use good DevOps practices:

  • Everything is installed in an AWS Organization.
  • There are separate test and production accounts.
  • All code updates are deployed through a GitHub actions CI/CD workflow.
  • The infrastructure is also maintained as code, using the AWS Cloud Development Kit.
  • The backend API is automatically tested with Playwright.

Code

I took the opportunity to sharpen up some dev skills that I don't use at work:

  • The site is hand-coded HTML/CSS and vanilla JS. Maybe I'll update it to React one day.
  • All of the backend components were written in TypeScript and run on Node.js.
  • The infrastructure-as-code is also JavaScript, using the Node.js CDK binding.

UX

Google Lighthouse was used to check the mobile experience. It's not 100% tuned yet.

Security

Some extra measures were taken:

  • DNSSEC is implemented for the domain and hosted zone.
  • Mozilla Observatory was used to check the configuration.
  • No static secrets are used in the CI/CD workflow, it's all OIDC!