Cloud Infrastructure for HealthCare Platform
Provisioned production AWS infrastructure with Terraform for a HealthCare platform running a Node.js API and Angular web app on EC2 Auto Scaling Groups behind Application Load Balancers.
Used CloudFront to route traffic cleanly: the frontend is served by default, and /api/* requests go to the backend, with HTTPS enforced.
Deployments are kept simple and repeatable: artifacts are delivered via S3, instances bootstrap via user_data, and infra changes run through a GitLab CI/CD pipeline with remote Terraform state (S3 + DynamoDB locking).
What this covers
CloudFront CDN
Single CloudFront distribution with path-based routing (frontend default, /api/* to backend) and HTTPS redirects.
Dual ALBs
Separate ALBs for frontend and backend, each with its own target groups/listeners and isolated networking.
Auto Scaling
ASGs for both tiers with scale policies and cooldowns to handle traffic spikes safely.
Networking
VPC across two AZs with public/private subnet separation, IGW + NAT gateways for controlled egress.
Deployment Pipeline
GitLab pipeline (init → plan → apply) with manual approval on apply for safe releases.
Bootstrap & Config
EC2 user_data pulls artifacts from S3, configures Node.js + PM2, and sets up Nginx reverse proxy; SSM agent enabled for ops.
State Management
Terraform state stored in S3 with DynamoDB locking + encryption for safe, team-friendly IaC.
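The CloudFront routing described under "CloudFront CDN" above, sketched in Terraform as an added example (not the project's own code). The variable names, origin IDs, HTTPS-only origin policy, default certificate and AWS managed cache policies are assumptions.

```hcl
# Added illustration; variable names and origin IDs are hypothetical.
# Assumption: each origin hostname resolves to its ALB and matches that ALB's TLS certificate.
variable "frontend_origin_domain" { type = string }
variable "backend_origin_domain" { type = string }

data "aws_cloudfront_cache_policy" "optimized" { name = "Managed-CachingOptimized" }
data "aws_cloudfront_cache_policy" "disabled" { name = "Managed-CachingDisabled" }
data "aws_cloudfront_origin_request_policy" "no_host" { name = "Managed-AllViewerExceptHostHeader" }

resource "aws_cloudfront_distribution" "this" {
  enabled = true

  dynamic "origin" { # one origin per ALB, keyed by the ID the behaviors reference
    for_each = { frontend = var.frontend_origin_domain, backend = var.backend_origin_domain }
    content {
      origin_id   = origin.key
      domain_name = origin.value
      custom_origin_config {
        http_port              = 80
        https_port             = 443
        origin_protocol_policy = "https-only" # assumption: ALBs expose HTTPS listeners
        origin_ssl_protocols   = ["TLSv1.2"]
      }
    }
  }

  default_cache_behavior { # everything not matched below goes to the frontend
    target_origin_id       = "frontend"
    viewer_protocol_policy = "redirect-to-https" # HTTP viewers are redirected to HTTPS
    allowed_methods        = ["GET", "HEAD"]
    cached_methods         = ["GET", "HEAD"]
    cache_policy_id        = data.aws_cloudfront_cache_policy.optimized.id
  }

  ordered_cache_behavior { # API traffic goes to the backend and is never cached
    path_pattern             = "/api/*"
    target_origin_id         = "backend"
    viewer_protocol_policy   = "redirect-to-https"
    allowed_methods          = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods           = ["GET", "HEAD"]
    cache_policy_id          = data.aws_cloudfront_cache_policy.disabled.id
    origin_request_policy_id = data.aws_cloudfront_origin_request_policy.no_host.id
  }

  restrictions {
    geo_restriction { restriction_type = "none" }
  }
  viewer_certificate { cloudfront_default_certificate = true }
}
```

Disabling caching on `/api/*` keeps per-user API responses out of the shared edge cache, and forwarding viewer headers without `Host` lets CloudFront validate the origin certificate against the origin hostname.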