AWS DevOps Capstone Project
A fully automated, production-ready AWS infrastructure built with Terraform , GitHub Actions , and security best practices.
π Architecture Diagram
graph TD
igw[Internet Gateway]
subnet1[Public Subnet AZ1]
subnet2[Public Subnet AZ2]
alb[Application Load Balancer]
ec2a[EC2 Instance AZ1]
ec2b[EC2 Instance AZ2]
rds[RDS - PostgreSQL]
dynamodb[DynamoDB Table]
app1[Static App]
app2[Static App]
github[GitHub Actions CI/CD]
s3[S3 Backend Bucket]
ddb[DynamoDB Lock Table]
acm[ACM Certificate]
iam[IAM Role]
igw --> subnet1
igw --> subnet2
subnet1 --> alb
subnet2 --> alb
alb --> ec2a
alb --> ec2b
ec2a --> app1
ec2b --> app2
ec2a --> rds
ec2b --> dynamodb
github --> alb
github --> rds
github --> ec2a
github --> ec2b
s3 --> github
ddb --> github
acm --> alb
iam --> ec2a
iam --> ec2b
ec2a --> s3
ec2b --> s3
π Key Features
- Infrastructure as Code: Modular Terraform architecture
- Security: IAM role scoping, HTTPS via ACM, private RDS networking
- CI/CD: GitHub Actions with OIDC authentication
- Scalability: EC2 Auto Scaling group behind ALB
- Observability: CloudWatch logs and custom metrics
- Cost Awareness: Free Tier-compliant infrastructure
π§ What I Learned
- Deployed secure, scalable cloud infrastructure using AWS best practices
- Implemented least-privilege IAM roles and GitHub OIDC auth with Terraform
- Diagnosed and resolved complex issues with ALB, Route 53, and CloudTrail
- Built confidence using GitHub Actions for fully automated CI/CD pipelines
πΈ Proof of Work
- β GitHub Actions deployment logs
- β Terraform apply logs
- β AWS Console screenshots (EC2, RDS, CloudWatch, Route 53)
- β Domain: capstone.vanfreckle.com
π I'm actively looking for DevOps roles β if you want secure, scalable AWS infrastructure built with automation in mind, letβs connect .