https://za4emyavam.com/ Recent content in Mykyta Sukh | IT Infrastructure & DevOps Engineer on My Portfolio Hugo en-us Mon, 01 Jan 0001 00:00:00 +0000 https://za4emyavam.com/architecture/ Mon, 01 Jan 0001 00:00:00 +0000 https://za4emyavam.com/architecture/ <p>The foundation of this website is not merely a collection of HTML files, but a fully automated, cloud-native infrastructure deployed on AWS, utilizing modern DevOps best practices.</p> <p>The core architectural principle driving this project is <strong>maximum security coupled with complete automation</strong>.</p> <h2 id="-infrastructure-as-code-iac">🏗️ Infrastructure as Code (IaC)</h2> <p>The entire infrastructure is provisioned and managed as code using <strong>Terraform</strong>, ensuring a reproducible, consistent, and scalable environment.</p> <ul> <li><strong>Compute:</strong> The application runs on an Amazon Linux 2023 EC2 instance (t3.micro).</li> <li><strong>Network &amp; Security:</strong> The instance resides within a strictly isolated <strong>Private Subnet</strong> of an AWS VPC. It lacks a public IPv4 address, and inbound SSH access (port 22) is completely disabled to eliminate external attack vectors.</li> <li><strong>Routing:</strong> Outbound internet connectivity is facilitated exclusively via IPv6 through an Egress-Only Internet Gateway, preventing any uninitiated inbound traffic.</li> <li><strong>Web Server:</strong> A lightweight Nginx server handles the efficient delivery of static assets.</li> </ul> <p>The reason for choosing an EC2-based architecture over S3+CloudFront is described below in the <strong>Architectural Trade-offs &amp; Design Decisions</strong> section.</p>