Post

Cloud Resume Challenge

Posted
By Edel Zamora 5 min read

I am coming back to write the blog post and finish the project.

Background

I started the Cloud Resume Challenge in March of 2022 after seeing an X post (formerly Twitter). I chose this project to begin my journey into the cloud. So, what is the cloud resume challenge? It is a hands-on project to get you started with the cloud. Like it sounds, it is having your resume in the cloud. Here is a link for more information on the cloud resume challenge.

The project can use any cloud provider, and I picked Amazon Web Services (AWS). I chose AWS for its longevity and being a market leader.

The project consists of 16 steps:

  1. Certification
  2. HTML
  3. CSS
  4. Static Website
  5. HTTPS
  6. DNS
  7. Javascript
  8. Database
  9. API
  10. Python
  11. Tests
  12. Infrastructure as Code
  13. Source Control
  14. CI/CD (Back end)
  15. CI/CD (Front end)
  16. Blog Post

Simple does not mean easy

While it may look simple, it is challenging for someone starting in the cloud or new to tech. I bought the guidebook from the author of the challenge to learn how to approach this project; the book is not a tutorial. The book provides structure and resources about the challenge. It lists a few resources and tools to complete the step and leaves the implementation to the reader.

One of my favorite recommendations is:
Think of other challenge solutions as spoilers. You didn’t want to know the ending of your favorite movie or show. Don’t let some other developers spoil the learning experience.

It is easy to find a solution by looking it up on a search engine but at that point, it becomes a tutorial where I follow along and learn less. I gave myself the constraint of using stack overflow, documentation, and quickstart YouTube videos to get familiar with the tech.

I will follow a similar approach and outline my process. Plus, the code is on my GitHub profile. In the future, I may come back and make a step-by-step guide.

The process

I obtained the AWS Cloud Practitioner in April of 2022, marking step 1 complete. The certification covered what services AWS offers, what they do, and its cost. It does not cover how to use any service. I decided to do two projects to use different cloud services.

One is the personal website/portfolio, and the second is the web resume.

Portfolio

For steps 2, 3, 4, and 7, I used the Reactjs framework since I was familiar with JS and this frontend library. I decided to write the components from scratch and not use component libraries. After two weeks, I had a static website ready for hosting. I was deciding what to use for hosting.

I could have used an EC2 instance, but I was intimidated about setting up HTTPS certificates for the site. Another approach was using an Application Load Balancer (ALB) with preinstalled certificates. The ALB sits in front of the EC2 instances, but the monthly cost would be a bit much for only a personal site. I decided to use AWS Amplify as it is free for my site, has TLS certificates, and is easy to configure with Route53. Having the front end complete and the hosting platform decided, I was ready to deploy, but it required a few more things.

I used git as the version control system and GitHub (step 13) to host the project’s code. Another benefit of Amplify is the continuous deployment (CD) [partial step 15]. It required setting up permissions and communication from GitHub to Amplify. I ran into issues during the setup, the build pipeline failed. I reran the pipeline to see where the build failed and looked through the logs. There was a permissions issue with the AWS Role GitHub assumes. There needed to be more permissions associated with the role to finish the build and deploy. After the permissions adjustment, the connection allowed a seamless deployment to production by pushing the code to the repository’s main branch. I still need to complete the project’s continuous integration (CI).

Resume

I did not use a framework for the resume, only HTML and CSS. For hosting, I used an S3 bucket to learn and get hands-on experience with bucket permissions. This service is capable of static web hosting with HTTPS preconfigured. For the CD process, I used the native service of GitHub, GitHub Actions. I wrote a YAML file for the required build steps to deploy to the S3 bucket. I had to create an AWS Role that gives the GitHub OpenID URI permissions to assume the role. I gave the role the required permissions and followed the least privilege principle. Again, the permissions required adjusting since the role failed to upload to the bucket. The role is only allowed to read and put into the S3 bucket. When GitHub Actions is ready to deploy, it assumes the AWS Role and requests temporary credentials from the Security Token Service (STS). That way, there are no hard-coded credentials in the YAML files.

I started with the backend, and the challenge is to have a serverless architecture using an API Gateway, Lambda, and DynamoDB. At the time, I struggled. I did not know what a software development kit (SDK) was. I would read the definition but could not wrap my head around it. I knew Python but could not figure out how to use the boto3 library with lambda. I had used Flask and Fastapi for mini projects but struggled with API Gateway. I left the project unfinished as I was new to using and configuring these services.

Returning to complete the challenge

After staying busy with school, internships, Army Reserve duties, and life. I am returning to complete the challenge. I will make an update on this post or create a part 2.

This post is licensed under CC BY 4.0 by the author.